CompTIA SY0-601 Online Practice Questions and Exam Preparation
SY0-601 Exam Details
Exam Code: SY0-601
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 1334 Q&As
Last Updated: May 26, 2026
CompTIA SY0-601 Online Questions & Answers
Question 1111:
Employees at a company are receiving unsolicited text messages on their corporate cell phones. The unsolicited text messages contain a password reset link. Which of the attacks is being used to target the company?
A. Phishing
B. Vishing
C. Smishing
D. Spam

Answer: C. Smishing

Smishing is a type of phishing attack that begins with an attacker sending a text message to an individual. The message contains social engineering tactics to convince the person to click on a malicious link or send sensitive information to the attacker. Criminals use smishing attacks to:
- Learn login credentials to accounts via credential phishing
- Discover private data like social security numbers
- Have the victim send money to the attacker
- Install malware on a phone
- Establish trust before using other forms of contact like phone calls or emails

Attackers may pose as trusted sources like a government organization, a person you know, or your bank. Messages often come with manufactured urgency and time-sensitive threats, which can make it more difficult for a victim to notice a scam. Phone numbers are easy to spoof with VoIP texting, where users can create a virtual number to send and receive texts. If a certain phone number is flagged for spam, criminals can simply recycle it and use a new one.
Question 1112:
A security administrator has noticed unusual activity occurring between different global instances and workloads and needs to identify the source of the unusual traffic. Which of the following log sources would be BEST to show the source of the unusual traffic?
A. HIDS
B. UEBA
C. CASB
D. VPC

Answer: C. CASB
Question 1113:
Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?
A. Common Weakness Enumeration
B. OSINT
C. Dark web
D. Vulnerability databases

Answer: C. Dark web

Explanation/Reference: Dark web
https://www.hackers-arise.com/post/open-source-intelligence-osint-finding-breached-email-addresses-passwords-and-other-credentials
Question 1114:
An organization wants to participate in threat intelligence information sharing with peer groups. Which of the following would MOST likely meet the organization's requirement?
A. Perform OSINT investigations
B. Subscribe to threat intelligence feeds
C. Submit RFCs
D. Implement a TAXII server

Answer: D. Implement a TAXII server

Explanation/Reference: A TAXII server is a client that exchanges standardized and anonymized cyber threat intelligence among users. It works as a venue for sharing and collecting indicators of compromise, which have been anonymized to protect privacy.
Question 1115:
Which of the following are common VoIP-associated vulnerabilities? (Choose two).
A. SPIM
B. Vishing
C. VLAN hopping
D. Phishing
E. DHCP snooping
F. Tailgating

Answer: A. SPIM, B. Vishing

Explanation/Reference: SPIM (Spam over Internet Messaging) poses a threat to VoIP systems by consuming bandwidth, diverting resources, and potentially causing denial of service attacks. The influx of SPIM messages can degrade the quality of VoIP calls, overload servers, and serve as a platform for social engineering attacks, jeopardizing the security of VoIP users. To mitigate these risks, organizations should implement spam filters, intrusion detection systems, and regular software updates while also educating users to recognize and avoid potential threats associated with SPIM.
Question 1116:
An external vendor recently visited a company's headquarters for a presentation. Following the visit, a member of the hosting team found a file that the external vendor left behind on a server. The file contained detailed architecture information and code snippets. Which of the following data types best describes this file?
A. Government
B. Public
C. Proprietary
D. Critical

Answer: C. Proprietary
Question 1117:
The following are the logs of a successful attack.
Which of the following controls would be BEST to use to prevent such a breach in the future?
A. Password history
B. Account expiration
C. Password complexity
D. Account lockout

Answer: D. Account lockout

Explanation/Reference: https://www.computerhope.com/jargon/a/accolock.htm#:~:text=Account%20lockout%20keeps%20the%20account,log%20into%20your%20account%20again
Question 1118:
Which of the following models offers third-party-hosted, on-demand computing resources that can be shared with multiple organizations over the internet?
A. Public cloud
B. Hybrid cloud
C. Community cloud
D. Private cloud

Answer: A. Public cloud

There are three main models for cloud computing: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Each model represents a different part of the cloud computing stack and provides different levels of control, flexibility, and management. According to one source, a public cloud is a type of cloud deployment where the cloud resources (such as servers and storage) are owned and operated by a third-party cloud service provider and delivered over the Internet. A public cloud can be shared with multiple organizations or users who pay for the service on a subscription or pay-as-you-go basis.
Question 1119:
An organization would like to give remote workers the ability to use applications hosted inside the corporate network. Users will be allowed to use their personal computers, or they will be provided organization assets. Either way, no data or applications will be installed locally on any user systems.
Which of the following mobile solutions would accomplish these goals?
A. VDI
B. MDM
C. COPE
D. UTM

Answer: A. VDI

MDM would require something to be installed. VDI, virtual desktop infrastructure, would allow employees to run apps on the company network without installing them locally.
Question 1120:
A dynamic application vulnerability scan identified that code injection could be performed using a web form. Which of the following will be the BEST remediation to prevent this vulnerability?
A. Implement input validations.
B. Deploy MFA.
C. Utilize a WAF.
D. Configure HIPS.

Answer: A. Implement input validations.

Implementing input validation is the best remediation to prevent code injection vulnerabilities. Input validation involves validating and sanitizing user inputs before processing them within the application. By doing so, the application can detect and prevent malicious inputs, such as SQL injection or other code injection attempts. Input validation helps ensure that data entered into web forms or other application inputs meets the expected format and criteria, thus mitigating the risk of code injection attacks. It is a fundamental security practice to protect against various types of injection attacks.