CompTIA SY0-601 Online Practice Questions and Exam Preparation
SY0-601 Exam Details
Exam Code: SY0-601
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 1334 Q&As
Last Updated: May 26, 2026
CompTIA SY0-601 Online Questions & Answers
Question 301:
Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)
A. Block cipher B. Hashing C. Private key D. Perfect forward secrecy E. Salting F. Symmetric keys
B. Hashing C. Private key
Non-repudiation is the guarantee that no one can deny a transaction. The terminology of non-repudiation is frequently used for digital signatures and email messages. When a data hashing algorithm is combined with public/private keys, data origination authentication can be achieved. Public Key Infrastructure (PKI) ensures that an author cannot refute that they signed or encrypted a particular message once it has been sent, assuming the private key is secured.
B: You can think of this as a digital fingerprint. You would take that fingerprint or create that hash when you first collect the data. And then you would verify that hash whenever you perform the analysis to make sure that nothing has changed in the meantime. - Prof Messer
C: A service that is used to provide assurance of the integrity and origin of data in such a way that the integrity and origin can be verified by a third party as having originated from a specific entity in possession of the private key of the claimed signatory. https://csrc.nist.gov/glossary/term/non_repudiation#:~:text=Non%2Drepudiation%20refers%20to%20the,deny%20having%20signed%20the%20data.
Question 302:
Which of the following algorithms has the SMALLEST key size?
A. DES B. Twofish C. RSA D. AES
A. DES
A. DES = 56-bit
B. Twofish = 256-bit
C. RSA = Smallest is 512-bit
D. AES = 128-bit, 192-bit, or 256-bit
Question 303:
Which of the following is the final step of the incident response process?
A. Lessons learned B. Eradication C. Containment D. Recovery
A. Lessons learned
Question 304:
A large bank with two geographically dispersed data centers is concerned about major power disruptions at both locations. Every day each location experiences very brief outages that last for a few seconds. However, during the summer a high risk of intentional under-voltage events that could last up to an hour exists, particularly at one of the locations near an industrial smelter. Which of the following is the best solution to reduce the risk of data loss?
A. Dual supply B. Generator C. PDU D. Daily backups
B. Generator
Which of the following examples would be best mitigated by input sanitization?
A. Cross-Site Scripting (XSS attack) B. nmap -p- 10.11.1.130 C. Email message: "Click this link to get your free gift card." D. Browser message: "Your connection is not private."
Correct Answer: A
Question 305:
A company is working on mobile device security after a report revealed that users granted non-verified software access to corporate data. Which of the following is the MOST effective security control to mitigate this risk?
A. Block access to application stores. B. Implement OTA updates C. Update the BYOD policy D. Deploy a uniform firmware
A. Block access to application stores.
From my understanding and previous experience managing MDM, I believe the "non-verified" part of the question is referring to the company itself not verifying. For example, someone installs Facebook from the app store and allows it access to the photos app that contains company images. Facebook is a verified app in all app stores but would be considered a non-verified application to the company because they didn't approve of the install. Therefore blocking access to the app store will keep them from installing applications they haven't approved. Assuming the device is a personal device and user can go online and download applications outside of the app store is reading too much into the question. Look at what it asked specifically.
Question 306:
Due to unexpected circumstances, an IT company must vacate its main office, forcing all operations to alternate, off-site locations. Which of the following will the company MOST likely reference for guidance during this change?
A. The business continuity plan B. The retention policy C. The disaster recovery plan D. The incident response plan
A. The business continuity plan
A BCP is meant to empower an organization to keep crucial functions running during downtime. This, in turn, helps the organization respond quickly to an interruption, while creating resilient operational protocols.
Question 307:
A global company is experiencing unauthorized logging due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a third-party identity provider to help mitigate these attacks. Which of the following would be the BEST control for the company to require from prospective vendors?
A. IP restrictions B. Multifactor authentication C. A banned password list D. A complex password policy
B. Multifactor authentication
Question 308:
During an incident response, a security analyst observes the following log entry on the web server.
Which of the following BEST describes the type of attack the analyst is experiencing?
A. SQL injection B. Cross-site scripting C. Pass-the-hash D. Directory traversal
D. Directory traversal
The attacker manipulates the URL parameters by using "../" sequences or absolute file paths to navigate to parent directories and access arbitrary files and directories on the server. The URL parameter "show" contains multiple "../" sequences, indicating an attempt to navigate to parent directories. The attacker is trying to access the "/etc/passwd" file, which is a commonly targeted file that stores user account information on Unix-based systems.
Question 309:
An upcoming project focuses on secure communications and trust between external parties. Which of the following security components will need to be considered to ensure a chosen trust provider is used and the selected option is highly scalable?
A. Self-signed certificate B. Certificate attributes C. Public key Infrastructure D. Domain validation
C. Public key Infrastructure
PKI is a security technology that enables secure communication between two parties by using cryptographic functions. It consists of a set of components that are used to create, manage, distribute, store, and revoke digital certificates. PKI provides a secure way to exchange data between two parties, as well as a trust provider to ensure that the data is not tampered with. It also helps to create a highly scalable solution, as the same certificate can be used for multiple parties.
According to the CompTIA Security+ Study Guide, "PKI is a technology used to secure communications between two external parties. PKI is based on the concept of digital certificates, which are used to authenticate the sender and recipient of a message. PKI provides a trust provider to ensure that the digital certificate is valid and has not been tampered with. It also provides a scalable solution, as multiple parties can use the same certificate."
Question 310:
Given the following logs:
Which of the following BEST describes the type of attack that is occurring?
A. Rainbow table B. Dictionary C. Password spraying D. Pass-the-hash