A security administrator is analyzing the corporate wireless network The network only has two access points running on channels 1 and 11. While using airodump-ng. the administrator notices other access points are running with the same corporate ESSID on all available channels and with the same BSSID of one of the legitimate access ports
Which of the following attacks in happening on the corporate network?
A. Man in the middle
B. Evil twin
C. Jamming
D. Rogue access point
E. Disassociation
Which of the following describes the exploitation of an interactive process to gain access to restncted areas?
A. Persistence
B. Buffer overflow
C. Privilege escalation
D. Pharming
A new company wants to avoid channel interference when building a WLAN. The company needs to know the radio frequency behavior, identify dead zones, and determine the best place for access points. Which of the following should be done FIRST?
A. Configure heat maps.
B. Utilize captive portals.
C. Conduct a site survey.
D. Install Wi-Fi analyzers.
During a recent incident an external attacker was able to exploit an SMB vulnerability over the internet. Which of the following action items should a security analyst perform FIRST to prevent this from occurring again?
A. Check for any recent SMB CVEs
B. Install AV on the affected server
C. Block unneeded TCP 445 connections
D. Deploy a NIDS in the affected subnet
A company is implementing BYOD and wants to ensure all users have access to the same cloud-based services. Which of the following would BEST allow the company to meet this requirement?
A. laaS
B. PasS
C. MaaS
D. SaaS
The Chief Information Security Officer (CISO) has requested that a third-party vendor provide supporting documents that show proper controls are in place to protect customer data. Which of the following would be BEST for the third-party vendor to provide to the CISO?
A. GDPR compliance attestation
B. Cloud Security Alliance materials
C. SOC 2 Type 2 report
D. NIST RMF workbooks
A routine audit of medical billing claims revealed that several claims were submitted without the subscriber's knowledge. A review of the audit logs for the medical billing company's system indicated a company employee downloaded customer records and adjusted the direct deposit information to a personal bank account. Which of the following does this action describe?
A. Insider threat
B. Social engineering
C. Third-party risk
D. Data breach
A company is providing security awareness training regarding the importance of not forwarding social media messages from unverified sources. Which of the following risks would this training help to prevent?
A. Hoaxes
B. SPIMs
C. Identity fraud
D. Credential harvesting
Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?
A. Common Weakness Enumeration
B. OSINT
C. Dark web
D. Vulnerability databases
A company is looking to migrate some servers to the cloud to minimize its technology footprint. The company has 100 databases that are on premises. Which of the following solutions will require the LEAST management and support from the company?
A. SaaS
B. IaaS
C. PaaS
D. SDN
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-601 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.