CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 541:

  A network administrator has been asked to install an IDS to improve the security posture of an organization.

  Which of the following control types is an IDS?

  A. Corrective
  B. Physical
  C. Detective
  D. Administrative
  C. Detective

  ---

  Intrusion DECECTION system.. DETECTION, as in sherlock holmes. Imagine sherlock holmes smoking a big fat bowl and you'll always answer this correctly

• Question 542:

  A SOC operator is analyzing a log file that contains the following entries:

  

  Which of the following explains these log entries?

  A. SQL injection and improper input-handling attempts
  B. Cross-site scripting and resource exhaustion attempts
  C. Command injection and directory traversal attempts
  D. Error handling and privilege escalation attempts
  C. Command injection and directory traversal attempts

  ---

  Explanation Explanation/Reference:Directory traversal is when an attacker uses the software on a web server to access data in a directory other than the server's root directory. If the attempt is successful, the threat actor can view restricted files or execute commands on the server. Command injection is an attack that involves executing commands on a host. Typically, the threat actor injects the commands by exploiting an application vulnerability, such as insufficient input validation. The attacker is attempting to traverse the directory of the host and execute the cat command which could be used to print the contents of a file.

• Question 543:

  A security administrator is managing administrative access to sensitive systems with the following requirements:

  Common login accounts must not be used for administrative duties.

  Administrative accounts must be temporal in nature.

  Each administrative account must be assigned to one specific user.

  Accounts must have complex passwords.

  Audit trails and logging must be enabled on all systems.

  Which of the following solutions should the administrator deploy to meet these requirements? (Giveand References from CompTIA Security+ SY0-601 Official Text Book and Resources)

  A. ABAC
  B. SAML
  C. PAM
  D. CASB
  C. PAM

  ---

  PAM is a solution that enables organizations to securely manage users' accounts and access to sensitive systems. It allows administrators to create unique and complex passwords for each user, as well as assign each account to a single user for administrative duties. PAM also provides audit trails and logging capabilities, allowing administrators to monitor user activity and ensure that all systems are secure. According to the CompTIA Security+ SY0-601 Course Book, "PAM is the most comprehensive way to control and monitor privileged accounts".

• Question 544:

  The most recent vulnerability scan flagged the domain controller with a critical vulnerability. The systems administrator researched the vulnerability and discovered the domain controller does not run the associated application with the vulnerability. Which of the following steps should the administrator take next?

  A. Ensure the scan engine is configured correctly.
  B. Apply a patch to the domain controller.
  C. Research the CVE.
  D. Document this as a false positive.
  D. Document this as a false positive.

• Question 545:

  The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO's concerns?

  A. SSO would simplify username and password management, making it easier for hackers to pass guess accounts.
  B. SSO would reduce password fatigue, but staff would still need to remember more complex passwords.
  C. SSO would reduce the password complexity for frontline staff.
  D. SSO would reduce the resilience and availability of system if the provider goes offline.
  D. SSO would reduce the resilience and availability of system if the provider goes offline.

  ---

  SSO works based upon a trust relationship set up between an application, known as the service provider, and an identity provider, like OneLogin. This trust relationship is often based upon a certificate that is exchanged between the identity provider and the service provider. This certificate can be used to sign identity information that is being sent from the identity provider to the service provider so that the service provider knows it is coming from a trusted source. In SSO, this identity data takes the form of tokens which contain identifying bits of information about the user like a user's email address or a username.

• Question 546:

  Which of the following corporate policies is used to help prevent employee fraud and to detect system log modifications or other malicious activity based on tenure?

  A. Background checks
  B. Mandatory vacation
  C. Social media analysis
  D. Separation of duties
  B. Mandatory vacation

• Question 547:

  Which of the following refers to applications and systems that are used within an organization without consent or approval?

  A. Shadow IT
  B. OSINT
  C. Dark web
  D. Insider threats
  A. Shadow IT

  ---

  https://www.forcepoint.com/cyber-edu/shadow-it

• Question 548:

  An information security policy states that separation of duties is required for all highly sensitive database changes that involve customers' financial data. Which of the following will this be BEST to prevent?

  A. Least privilege
  B. An insider threat
  C. Adata breach
  D. A change control violation
  B. An insider threat

• Question 549:

  A company has been experiencing very brief power outages from its utility company over the last few months. These outages only last for one second each time. The utility company is aware of the issue and Is working to replace a faulty transformer. Which of the following BEST describes what the company should purchase to ensure its critical servers and network devices stay online?

  A. Dual power supplies
  B. A UPS
  C. A generator
  D. A PDU
  B. A UPS

  ---

  Explanation Explanation/Reference:based on the name itself "Uninterruptible Power Supply", so an interruption of a 1 second will not gonna happen.

• Question 550:

  Against the recommendation of the IT security analyst, a company set all user passwords on a server as "P@)55wOrD". Upon review of the /etc/pesswa file, an attacker found the following:

  alice:a8df3b6c4fd75f0617431fd248f35191df8d237f bob:2d250c5b2976b03d757f324ebd59340df96aa05e chris:ea981ec3285421d014108089f3f3f997ce0f4150

  Which of the following BEST explains why the encrypted passwords do not match?

  A. Perfect forward secrecy
  B. Key stretching
  C. Salting
  D. Hashing
  C. Salting