CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 1011:

  A security analyst is reviewing the following command-line output:

  

  Which of the following Is the analyst observing?

  A. IGMP spoofing
  B. URL redirection
  C. MAG address cloning
  D. DNS poisoning
  C. MAG address cloning

  ---

  ICMP Spoofing == changing the IP address of your network packets so that they appear to come from another IP address.

• Question 1012:

  Which of the following organizational policies are MOST likely to detect fraud that is being conducted by existing employees? (Select TWO).

  A. Offboarding
  B. Mandatory vacation
  C. Job rotation
  D. Background checks
  E. Separation of duties
  F. Acceptable use
  B. Mandatory vacation
  C. Job rotation

• Question 1013:

  A Chief Information Security Officer wants to ensure the organization is validating and checking the Integrity of zone transfers. Which of the following solutions should be implemented?

  A. DNSSEC
  B. LOAPS
  C. NGFW
  D. DLP
  A. DNSSEC

  ---

  Explanation Explanation/Reference:Domain Name System Security Extensions (DNSSEC) is a set of specifications that extend the DNS protocol by adding cryptographic authentication

• Question 1014:

  Which of the following explains why an attacker cannot easily decrypt passwords using a rainbow table attack?

  A. Digital signatures
  B. Salting
  C. Hashing
  D. Perfect forward secrecy
  B. Salting

• Question 1015:

  While considering the organization's cloud-adoption strategy, the Chief Information Security Officer sets a goal to outsource patching of firmware, operating systems, and applications to the chosen cloud vendor. Which of the following best meets this goal?

  A. Community cloud
  B. PaaS
  C. Containerization
  D. Private cloud
  E. SaaS
  F. IaaS
  E. SaaS

• Question 1016:

  A security administrator has discovered that workstations on the LAN are becoming infected with malware. The cause of the infections appears to be users receiving phishing emails that are bypassing the current email-filtering technology. As a result, users are being tricked into clicking on malicious URLs, as no internal controls currently exist in the environment to evaluate their safety. Which of the following would be BEST to implement to address the issue?

  A. Forward proxy
  B. HIDS
  C. Awareness training
  D. A jump server
  E. IPS
  D. A jump server

• Question 1017:

  Which of the following best describes why the SMS OTP authentication method is more risky to implement than the TOTP method?

  A. The SMS OTP method requires an end user to have an active mobile telephone service and SIM card.
  B. Generally, SMS OTP codes are valid for up to 15 minutes, while the TOTP time frame is 30 to 60 seconds.
  C. The SMS OTP is more likely to be intercepted and lead to unauthorized disclosure of the code than the TOTP method.
  D. The algorithm used to generate an SMS OTP code is weaker than the one used to generate a TOTP code.
  C. The SMS OTP is more likely to be intercepted and lead to unauthorized disclosure of the code than the TOTP method.

• Question 1018:

  The process of passively gathering information poor to launching a cyberattack is called:

  A. tailgating
  B. reconnaissance
  C. pharming
  D. prepending
  B. reconnaissance

• Question 1019:

  Which of the following organizations sets frameworks and controls for optimal security configuration on systems?

  A. ISO
  B. GDPR
  C. PCI DSS
  D. NIST
  D. NIST

  ---

  Explanation Explanation/Reference:ISO is for all standards, not only security, whereas NIST is only related to security.

• Question 1020:

  The website http://companywebsite.com requires users to provide personal information, including security question responses, for registration. Which of the following would MOST likely cause a data breach?

  A. Lack of input validation
  B. Lack of input validation
  C. Unsecure protocol
  D. Missing patches
  C. Unsecure protocol

  ---

  Website is using HTTP which is the unsecure protocol of HTTP