CompTIA CompTIA Security+ SY0-601 Questions & Answers

• Question 1:

  The website http://companywebsite.com requires users to provide personal information, including security question responses, for registration. Which of the following would MOST likely cause a data breach?

  A. Lack of input validation

  B. Open permissions

  C. Unsecure protocol

  D. Missing patches

  Correct Answer: C

  Website is using HTTP which is the unsecure protocol of HTTP

• Question 2:

  An analyst is trying to identify insecure services that are running on the internal network. After performing a port scan, the analyst identifies that a server has some insecure services enabled on default ports. Which of the following BEST describes the services that are currently running and the secure alternatives for replacing them? (Choose three.)

  A. SFTP, FTPS

  B. SNMPv2, SNMPv3

  C. HTTP, HTTPS

  D. TEIP, FIP

  E. SNMPv1, SNMPv2

  F. Telnet, SSH

  G. TLS, SSL

  H. POP, IMAP

  I. Login, rlogin

  Correct Answer: BCF

  A. SFTP, FTPS -SFTP is FTP over SSH, FTPS is FTP over SSL/TLS which means they both have encryption mechanisms built in.

  B. SNMPv2, SNMPv3

  -v2 has no encryption. v3 does.

  C. HTTP, HTTPS

  -HTTP is plaintext. HTTPS is HTTP Secure (SSL and now TLS).

  D. TFTP, FTP

  -Neither of these are secure protocols.

  E. SNMPv1, SNMPv2

  -Neither of these feature encryption, although as stated up v3 does.

  F. Telnet, SSH

  -Telnet is in the clear. SSH in encrypted.

  G. TLS, SSL

  -Both cryptographic protocols, TLS is an upgrade to SSL, not the other way around. While SSL in considered insecure, it's supposed to be, and these protocols don't have "default ports".

  H. POP, IMAP

  -You'd probably be looking for POP->POP3 or IMAP->IMAPS here. These email protocols that work a bit differently.

  I. Login, rlogin

  -These are not in the SY0-601 objectives from what I remember. I had to do a quick search: rlogin is a remote access protocol for Linux that sends passwords in-the-clear and was basically replaced by SSH.

  Telnet - Telnet is a remote terminal protocol that allows users to connect to and control a remote system over a network. It is considered insecure because it does not encrypt the data transmitted between the client and server, allowing attackers to easily intercept and read sensitive information. A secure alternative to Telnet is Secure Shell (SSH), which encrypts the data transmitted between the client and server. HTTP - Hypertext Transfer Protocol (HTTP) is a protocol for transferring web-based content over a network. It is considered insecure because it does not encrypt the data transmitted between the client and server, allowing attackers to easily intercept and read sensitive information. A secure alternative to HTTP is HTTPS, which encrypts the data transmitted between the client and server.

• Question 3:

  Which of the following often operates in a client-server architecture to act as a service repository, providing enterprise consumers access to structured threat intelligence data?

  A. STIX

  B. CIRT

  C. OSINT

  D. TAXII

  Correct Answer: D

  Profess Messor notes:

  Structured Threat Information eXpression (STIX)

  ?Describes cyber threat information

  ?Includes motivations, abilities, capabilities, and response information

  Trusted Automated eXchange of Indicator Information (TAXII)

  ?Securely shares STIX data

  Understand STIX/TAXII:

  Structured Threat Information eXpression (STIX) is a standardized language and repetitional structure for the organization and dissemination of cyberthreat indicators and related information. Trusted Automated eXchange of Intelligence

  Information (TAXII) is a standardized set of communication services, protocols, and message exchanges to support the effective communication and exchange of cyberthreat indicators.

• Question 4:

  The new Chief Executive Officer (CEO) of a large company has announced a partnership with a vendor that will provide multiple collaboration applications t make remote work easier. The company has a geographically dispersed staff located in numerous remote offices in different countries. The company's IT administrators are concerned about network traffic and load if all users simultaneously download the application.

  Which of the following would work BEST to allow each geographic region to download the software without negatively impacting the corporate network?

  A. Update the host IDS rules.

  B. Enable application whitelisting.

  C. Modify the corporate firewall rules.

  D. Deploy all applications simultaneously.

  Correct Answer: B

• Question 5:

  A Chief Executive Officer (CEO) is dissatisfied with the level of service from the company's new service provider. The service provider is preventing the CEO from sending email from a work account to a personal account. Which of the following types of service providers is being used?

  A. Telecommunications service provider

  B. Cloud service provider

  C. Master managed service provider

  D. Managed security service provider

  Correct Answer: D

  MSSP seems to be the logical answer. O365 as a cloud service for example will not prevent you from sending emails from work to personal account without it being specifically configured.

• Question 6:

  A security analyst needs to perform periodic vulnerability scans on production systems. Which of the following scan types would produce the BEST vulnerability scan report?

  A. Port

  B. Intrusive

  C. Host discovery

  D. Credentialed

  Correct Answer: A

  Credentialed scan will include versions of software applications that might be vulnerable

• Question 7:

  To further secure a company's email system, an administrator is adding public keys to DNS records in the company's domain Which of the following is being used?

  A. PFS

  B. SPF

  C. DMARC

  D. DNSSEC

  Correct Answer: D

  1.

  DNSSEC

  2.

  Domain Name System Security Extensions

  3.

  Validate DNS responses

  4.

  Origin authentication, data integrit

• Question 8:

  Which of the following distributes data among nodes, making it more difficult to manipulate the data while also minimizing downtime?

  A. MSSP

  B. Public cloud

  C. Hybrid cloud

  D. Fog computing

  Correct Answer: D

  Fog computing - data is processed and distributed among nodes

• Question 9:

  A company uses specially configured workstations for any work that requires administrator privileges to its Tier 0 and Tier 1 systems. The company follows a strict process to harden systems immediately upon delivery. Even with these strict security measures in place, an incident occurred from one of the workstations. The root cause appears to be that the SoC was tampered with or replaced. Which of the following MOST likely occurred?

  A. Fileless malware

  B. A downgrade attack

  C. A supply-chain attack

  D. A logic bomb

  E. Misconfigured BIOS

  Correct Answer: C

• Question 10:

  A network administrator at a large organization is reviewing methods to improve the security of the wired LAN. Any security improvement must be centrally managed and allow corporate-owned devices to have access to the intranet but limit others to Internet access only. Which of the following should the administrator recommend?

  A. 802.1X utilizing the current PKI infrastructure

  B. SSO to authenticate corporate users

  C. MAC address filtering with ACLS on the router

  D. PAM for user account management

  Correct Answer: A

  It's possible to combine an 802.1x server with other network elements such as a virtual local area network (VLAN). For example, imagine you want to provide visitors with Internet access, but prevent them from accessing internal network resources. You can configure the 802.1x server to grant full access to authorized clients, but redirect unauthorized clients to a guest area of the network via a VLAN.