CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 1111:

  An employee received multiple messages on a mobile device. The messages instructing the employee to pair the device to an unknown device. Which of the following BEST describes What a malicious person might be doing to cause this issue to occur?

  A. Jamming

  B. Bluesnarfing

  C. Evil twin

  D. Rogue access point

  Correct Answer: B

• Question 1112:

  Employees at a company are receiving unsolicited text messages on their corporate cell phones. The unsolicited text messages contain a password reset Link. Which of the attacks is being used to target the company?

  A. Phishing

  B. Vishing

  C. Smishing

  D. Spam

  Correct Answer: C

  Smishing is a type of phishing attack which begins with an attacker sending a text message to an individual. The message contains social engineering tactics to convince the person to click on a malicious link or send sensitive information to the attacker. Criminals use smishing attacks for purposes like:

  Learn login credentials to accounts via credential phishing Discover private data like social security numbers Send money to the attacker Install malware on a phone

  Establish trust before using other forms of contact like phone calls or emails

  Attackers may pose as trusted sources like a government organization, a person you know, or your bank. And messages often come with manufactured urgency and time-sensitive threats. This can make it more difficult for a victim to notice a scam.

  Phone numbers are easy to spoof with VoIP texting, where users can create a virtual number to send and receive texts. If a certain phone number is flagged for spam, criminals can simply recycle it and use a new one.

• Question 1113:

  A security administrator has discovered that workstations on the LAN are becoming infected with malware. The cause of the infections appears to be users receiving phishing emails that are bypassing the current email-filtering technology. As a result, users are being tricked into clicking on malicious URLs, as no internal controls currently exist in the environment to evaluate their safety. Which of the following would be BEST to implement to address the issue?

  A. Forward proxy

  B. HIDS

  C. Awareness training

  D. A jump server

  E. IPS

  Correct Answer: D

• Question 1114:

  A software company is analyzing a process that detects software vulnerabilities at the earliest stage possible. The goal is to scan the source looking for unsecure practices and weaknesses before the application is deployed in a runtime environment. Which of the following would BEST assist the company with this objective?

  A. Use fuzzing testing

  B. Use a web vulnerability scanner

  C. Use static code analysis

  D. Use a penetration-testing OS

  Correct Answer: C

  Fuzzing

  Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in

  code assertions, or potential memory leaks.

  Static program analysis

  Static program analysis is the analysis of computer software performed without executing any programs, in contrast with dynamic analysis, which is performed on programs during their execution. What is static code analysis? Static code

  analysis is a method of debugging by examining source code before a program is run. It's done by analyzing a set of code against a set (or multiple sets) of coding rules. ... This type of analysis addresses weaknesses in source code that

  might lead to vulnerabilities.

  Penetration test

  A penetration test, colloquially known as a pen test or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment.

• Question 1115:

  Adynamic application vulnerability scan identified that code injection could be performed using a web form. Which of the following will be the BEST remediation to prevent this vulnerability?

  A. Implement input validations.

  B. Deploy MFA.

  C. Utilize a WAF.

  D. Configure HIPS.

  Correct Answer: A

  Implementing input validation is the best remediation to prevent code injection vulnerabilities. Input validation involves validating and sanitizing user inputs before processing them within the application. By doing so, the application can detect and prevent malicious inputs, such as SQL injection or other code injection attempts.

  Input validation helps ensure that data entered into web forms or other application inputs meets the expected format and criteria, thus mitigating the risk of code injection attacks. It is a fundamental security practice to protect against various types of injection attacks.

• Question 1116:

  Which of the following controls would be the MOST cost-effective and time-efficient to deter intrusions at the perimeter of a restricted, remote military training area?(Select TWO).

  A. Barricades

  B. Thermal sensors

  C. Drones

  D. Signage

  E. Motion sensors

  F. Guards

  G. Bollards

  Correct Answer: AE

• Question 1117:

  A Chief information Officer is concerned about employees using company-issued laptops to steal dala when accessing network shares

  Which of the following should the company implement?

  A. DLP

  B. CASB

  C. HIDS

  D. EDR

  E. UEFI

  Correct Answer: A

• Question 1118:

  Certain users are reporting their accounts are being used to send unauthorized emails and conduct suspicious activities. After further investigation, a security analyst notices the following:

  1.

  All users share workstations throughout the day.

  2.

  Endpoint protection was disabled on several workstations throughout the network.

  3.

  Travel times on logins from the affected users are impossible.

  4.

  Sensitive data is being uploaded to external sites.

  5.

  All user account passwords were forced to be reset and the issue continued.

  Which of the following attacks is being used to compromise the user accounts?

  A. Brute-force

  B. Keylogger

  C. Dictionary

  D. Rainbow

  Correct Answer: B

• Question 1119:

  A security analyst needs an overview of vulnerabilities for a host on the network. Which of the following is the BEST type of scan for the analyst to run to discover which vulnerable services are running?

  A. Non-credentialed

  B. Web application

  C. Privileged

  D. Internal

  Correct Answer: B

• Question 1120:

  An organization is moving away from the use of client-side and server-side certificates for EAR The company would like for the new EAP solution to have the ability to detect rogue access points. Which of the following would accomplish these requirements?

  A. PEAP

  B. EAP-FAST

  C. EAP-TLS

  D. EAP-TTLS

  Correct Answer: B