CompTIA SY0-601 Online Practice Questions and Exam Preparation
SY0-601 Exam Details
Exam Code: SY0-601
Exam Name: CompTIA Security+
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 1334 Q&As
Last Updated: May 26, 2026
CompTIA SY0-601 Online Questions & Answers
Question 451:
A company recently experienced an attack during which its main website was directed to the attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers.
Which of the following should the company implement to prevent this type of attack from occurring in the future?
A. IPSec B. SSL/TLS C. DNSSEC D. S/MIME
B. SSL/TLS
Question 452:
A company is looking to migrate some servers to the cloud to minimize its technology footprint. The company has 100 databases that are on premises. Which of the following solutions will require the LEAST management and support from the company?
A. SaaS B. IaaS C. PaaS D. SDN
A. SaaS
Explanation/Reference:
In order from the least amount of management to the most amount of management for the company: SaaS > PaaS > IaaS > On-site
SaaS - Basically everything is managed by the provider.
PaaS - The provider manages everything other than applications and data.
IaaS - The middle ground of services. The provider takes on half, while you take on the other half. Provider is responsible for virtualization, networking, servers, and storage. The company is responsible for applications, data, runtime, OS, and middleware.
On-site - There is no service provider. The company is responsible for the whole pie.
https://www.pcmag.com/picks/the-best-database-as-a-service-solutions
Question 453:
A security analyst is performing a packet capture on a series of SOAP HTTP requests for a security assessment. The analyst redirects the output to a file. After the capture is complete, the analyst needs to review the first transactions quickly and then search the entire series of requests for a particular string.
Which of the following would be BEST to use to accomplish the task? (Select TWO).
A. head B. Tcpdump C. grep D. tail E. curl F. openssl G. dd
A. head C. grep
A - "analyst needs to review the first transactions quickly"
C - "search the entire series of requests for a particular string"
To simplify: the head command by default will display the first 10 lines of a file... which is correct! The grep command will search anything you want... which of course is correct! Now... Tcpdump is used to capture traffic (sniffing) or read PCAP files. The tail command by default will display the last 10 lines. The curl tool is used to download/read resources from the web (HTML, text, files... etc.). OpenSSL is ... SSL related. dd is for binary business and copying files/drives (generally speaking).
Question 454:
An organization is planning to open other data centers to sustain operations in the event of a natural disaster. Which of the following considerations would BEST support the organization's resiliency?
A. Geographic dispersal B. Generator power C. Fire suppression D. Facility automation
A. Geographic dispersal
Explanation/Reference:
Placing that datacenter far away, maybe in another country, can help protect against disasters like an earthquake.
Question 455:
A company recently experienced a major breach. An investigation concludes that customer credit card data was stolen and exfiltrated through a dedicated business partner connection to a vendor, who is not held to the same security control standards.
Which of the following is the MOST likely source of the breach?
A. Side channel B. Supply chain C. Cryptographic downgrade D. Malware
B. Supply chain
Explanation/Reference:
Based on the information provided, the most likely source of the breach is the supply chain. The breach occurred when customer credit card data was stolen and exfiltrated through a dedicated business partner connection to a vendor. This indicates that the vendor, who is part of the supply chain, may not have the same level of security control standards as the company itself, making it a potential weak link in the overall security posture. Supply chain attacks involve targeting third-party vendors, suppliers, or business partners as a means to gain unauthorized access to the main target organization's systems or data.
Question 456:
To reduce and limit software and infrastructure costs, the Chief Information Officer has requested to move email services to the cloud. The cloud provider and the organization must have security controls to protect sensitive data. Which of the following cloud services would BEST accommodate the request?
A. IaaS B. PaaS C. DaaS D. SaaS
D. SaaS
Explanation/Reference:
D. SaaS (Software as a Service) is the best option to accommodate the request to move email services to the cloud while protecting sensitive data. SaaS is a delivery model for software applications where the provider hosts the application and makes it available to customers over the internet. SaaS provides customers with the benefits of cloud computing such as scalability, low cost, and quick implementation without the need for expensive hardware, software, and support infrastructure. SaaS providers also have security controls in place to protect sensitive data, such as encryption, data backup, and disaster recovery. With SaaS, the customer's sensitive data is stored and processed on the provider's infrastructure, reducing the customer's responsibility for securing the data and providing peace of mind.
Question 457:
HOTSPOT
For each of the given items, select the appropriate authentication category from the drop down choices. Select the appropriate authentication type for the following items:
Hot Area:
Explanation/Reference:
Biometrics refers to a collection of physical attributes of the human body that can be used as identification or an authentication factor. Fingerprints and retinas are physical attributes of the human body.
Two types of tokens exist: time-based one-time password (TOTP) tokens and HMAC-based one-time password (HOTP) tokens. TOTP tokens generate passwords at fixed time intervals, whereas HOTP tokens generate passwords not based on fixed time intervals but instead based on a non-repeating one-way function, such as a hash or HMAC operation.
Smart cards can have multi-factor and proximity authentication embedded into them.
PAP allows for two entities to share a password in advance and use the password as the basis of authentication. The same goes for PIN numbers.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 282, 285
Question 458:
A technician was dispatched to complete repairs on a server in a data center. While locating the server, the technician entered a restricted area without authorization. Which of the following security controls would BEST prevent this in the future?
A. Use appropriate signage to mark all areas. B. Utilize cameras monitored by guards. C. Implement access control vestibules. D. Enforce escorts to monitor all visitors.
C. Implement access control vestibules.
An access control vestibule, or mantrap, is a physical access control system designed to prevent unauthorized individuals from following authorized individuals into facilities with controlled access. This question is asking for a way to prevent physical access to a restricted area, and this method would address this.
Question 459:
A large retail store's network was breached recently, and this news was made public. The store did not lose any intellectual property, and no customer information was stolen. Although no fines were incurred as a result, the store lost revenue after the breach. Which of the following is the most likely reason for this issue?
A. Employee training B. Leadership changes C. Reputation damage D. Identity theft
C. Reputation damage
Even though no intellectual property or customer information was stolen, the fact that the breach became public knowledge could have significantly damaged the store's reputation. Customers may lose trust in the store's ability to protect their data and personal information, leading to a decline in sales and customer loyalty. A damaged reputation can result in negative publicity, reduced customer confidence, and a decrease in the store's overall market value, all of which can impact the company's revenue and profitability.
Question 460:
A security analyst sees the following log output while reviewing web logs:
Which of the following mitigation strategies would be BEST to prevent this attack from being successful?
A. Secure cookies B. Input validation C. Code signing D. Stored procedures