CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 611:

  An attacker is attempting to exploit users by creating a fake website with the URL users. Which of the following social-engineering attacks does this describe?

  A. Information elicitation

  B. Type squatting

  C. Impersonation

  D. Watering-hole attack

  Correct Answer: D

  It's really the only logical answer. Everything else is more plausible to eliminate.

  Information elicitation is done directly in-person, meaning it's typically conversational in nature.

  Impersonation centers around PERSONS, not websites. You can't impersonate websites; you can only create similar-looking ones.

  Water-hole attacks are performed on third-party websites one suspects the targeted organization uses; this can't be the case here if the attacker created the website themselves.

  That leaves typosquatting. While it doesn't explicitly say it's a misspelling of another website, we can't outright rule out that possibility either. It's literally the only applicable answer for creating a website that imitates a legitimate one, after all,

  and it implies it's not the original site by saying it's emulating the "look and feel of a legitimate website."

  Either way, it's ridiculously ambiguous. I'm hoping CompTIA weights answers so that not ALL of them award zero points.

  Reference:

  https://www.kaspersky.com/resource-center/definitions/what-is-typosquatting

• Question 612:

  Phishing and spear-phishing attacks have been occurring more frequently against a company's staff. Which of the following would MOST likely help mitigate this issue?

  A. DNSSEC and DMARC

  B. DNS query logging

  C. Exact mail exchanger records in the DNS

  D. The addition of DNS conditional forwarders

  Correct Answer: C

• Question 613:

  An engineer is configuring AAA authentication on a Cisco MDS 9000 Series Switch. The LDAP server is located under the IP 10.10.2.2. The data sent to the LDAP server should be encrypted. Which command should be used to meet these requirements?

  A. Idap-server 10.10.2.2 key SSL_KEY

  B. Idap-server host 10.10.2.2 key SSL_KEY

  C. Idap-server 10.10.2.2 port 443

  D. Idap-server host 10.10.2.2 enable-ssl

  Correct Answer: D

  Example: switch(config)# ldap-server host 10.10.2.2 enable-ssl

  The enable-ssl keyword ensures the integrity and confidentiality of the transferred data by causing the LDAP client to establish a Secure Sockets Layer (SSL) session prior to sending the bind or search request.

• Question 614:

  A manufacturer creates designs for very high security products that are required to be protected and controlled

  A. Session replay

  B. Evil twin

  C. Bluejacking

  D. ARP poisoning

  Correct Answer: B

• Question 615:

  Which of the following is a detective and deterrent control against physical intrusions?

  A. Alock

  B. An alarm

  C. A fence

  D. Asign

  Correct Answer: B

• Question 616:

  A security engineer obtained the following output from a threat intelligence source that recently performed an attack on the company's server:

  

  Which of the following BEST describes this kind of attack?

  A. Directory traversal

  B. SQL injection

  C. API

  D. Request forgery

  Correct Answer: A

  This cannot be Directory Traversal. The key to a traversal attack is the presence of ".../etc/...." on the path.

• Question 617:

  An attacker is trying to gain access by installing malware on a website that is known to be visited by the target victims. Which of the following is the attacker MOST likely attempting?

  A. A spear-phishing attack

  B. A watering-hole attack

  C. Typo squatting

  D. A phishing attack

  Correct Answer: B

  Watering-hole - An attack in which an attacker targets specific groups or organizations, discovers which websites they frequent, and injects malicious code into those sites.

• Question 618:

  On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Choose two.)

  A. Data accessibility

  B. Legal hold

  C. Cryptographic or hash algorithm

  D. Data retention legislation

  E. Value and volatility of data

  F. Right-to-audit clauses

  Correct Answer: AE

  directly from the link @AspiringScriptKiddie provided:

  Note

  Before conducting a live acquisition, data acquisition priorities should be identified in terms of data accessibility, as well as the value and volatility of the data.

• Question 619:

  A security analyst is reviewing the following attack log output:

  

  Which of the following types of attacks does this MOST likely represent?

  A. Rainbow table

  B. Brute-force

  C. Password-spraying

  D. Dictionary

  Correct Answer: C

  Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.

• Question 620:

  A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

  A. SIEM

  B. DLP

  C. CASB

  D. SWG

  Correct Answer: C

  While Secure Web Gateway (SWG) is undergoing a rapid evolution. As users conduct their day-to-day activities directly with the Internet, SWGs have evolved to become a core component to securing users. Against this backdrop, secure web gateways have evolved how they offer protection against online security threats by enforcing company security policies and filtering malicious internet traffic in real time. At a minimum, a secure web gateway offers URL filtering, application controls for web applications and the detection and filtering of malicious code. Data leak prevention features are also essential. Leading SWGs are parts of SASE platforms where they are integrated with technology like cloud access security brokers (CASBs) for consistent, comprehensive protection. https://www.bitglass.com/what-is-a-secure-web-gateway