CompTIA CompTIA Certifications SY0-601 Questions & Answers

• Question 681:

  A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company's data?

  A. Containerization

  B. Geofencing

  C. Full-disk encryption

  D. Remote wipe

  Correct Answer: A

• Question 682:

  A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?

  A. Salting the magnetic strip information

  B. Encrypting the credit card information in transit.

  C. Hashing the credit card numbers upon entry.

  D. Tokenizing the credit cards in the database

  Correct Answer: D

  Hashing credit card numbers is almost never a good idea. Hashing is a way to take an input (e.g. the credit card number) and return a string of numbers and letters that uniquely identifies the input data but is relatively difficult to determine the input data. Hashing works well when the inputs are fairly random. Credit card numbers are 16 digit numbers that meet the luh algorithm. If an attacker gets a hashed credit card number they could do some work to determine what hash was used. Then it is relatively easy to create what is called a rainbow table: a big list of credit card numbers and the associated hash.

  https://www.quora.com/Which-one-is-better-for-storing-credit-card-numbers-for-an-e-commerce-website-tokenization-or-hashing

• Question 683:

  Which of the following would be used to find the MOST common web-application vulnerabilities?

  A. OWASP

  B. MITRE ATTandCK

  C. Cyber Kill Chain

  D. SDLC

  Correct Answer: A

  Anything related to WEB APPLICATION SECURITY = OWASP The Open Web Application Security Project (FRAMEWORK) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. The Open Web Application Security Project provides free and open resources. MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATTandCKTM) is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary's lifecycle and the platforms they are known to target. ATTandCK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.

• Question 684:

  A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization's executives determine the next course of action?

  A. An incident response plan

  B. A communications plan

  C. A disaster recovery plan

  D. A business continuity plan

  Correct Answer: D

• Question 685:

  wo organizations are discussing a possible merger, Both organizations' Chief Financial Officers would like to safely share payroll data with each other to determine if the pay scales for different roles are similar at both organizations. Which of the following techniques would be BEST to protect employee data while allowing the companies to successfully share this information?

  A. Pseudo-anonymization

  B. Tokenization

  C. Data masking

  D. Encryption

  Correct Answer: A

  Data masking and pseudonymization are both methods to de-identify data, but they have some differences in terms of their goals, techniques, and outcomes. Data masking aims to make the data unusable and unrecognizable, while pseudonymization aims to make the data unlinkable and untraceable. Data masking usually involves modifying the data in a way that cannot be reversed, while pseudonymization usually involves replacing the data with a key that can be restored if needed. Data masking preserves the format and structure of the data, while pseudonymization may alter the format and structure of the data. Data masking is more suitable for data that does not need to be analyzed or processed, while pseudonymization is more suitable for data that needs to be aggregated or queried.

  From: www.linkedin.com/advice/3/how-do-you-balance-data-utility-privacy-when-using

• Question 686:

  After a phishing scam for 9 user's credentals, the red team was able to craft a payload to deploy on @ server. The attack allowed the installaton of malicious software that intiates @ new remote session. Which of the following types of attacks has occurred?

  A. Privilege escalation

  B. Session replay

  C. Application programming interface

  D. Directory traversal

  Correct Answer: A

  Privilege escalation DOES NOT always mean you are escalating to elevated permissions. Privilege escalations can also be horiztonal movements. In this case, the red team compromises a user's account through the phising attack. The red team then deploys payload on the server through the comprised user account. The malware then initiates a new remote session, enabling the hackers to access the server directly. The comprised account is User A and the red team directly connected as a result of the malware can be thought of as User B. In this case, privilege escalation refers to user B being able to access user A resources.

• Question 687:

  A security engi is cor that the gy tor on endpoints ts too heavily dependent on previously defined attacks. The engineer would like a tool to monitor for changes to key Mes and network traffic on the device. Which of the following tools BEST addresses both detection and prevention?

  A. NIDS

  B. HIPS

  C. AV

  D. NGFW

  Correct Answer: B

  A host-based intrusion detection and prevention system (HIPS) is a tool that monitors for changes to key files and network traffic on a device

• Question 688:

  A security analyst is reviewing a new website that will soon be made publicly available. The analyst sees the following in the URL:

  http://dev-site.comptia.org/home/show.php?sessionID=77276554andloc=us

  The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is able to browse the website with the following URL:

  http://dev-site.comptia.org/home/show.php?sessionID=98988475andloc=us

  Which of the following application attacks is being tested?

  A. Pass-the-hash

  B. Session replay

  C. Object deference

  D. Cross-site request forgery

  Correct Answer: B

• Question 689:

  Which of the following refers to applications and systems that are used within an organization without consent or approval?

  A. Shadow IT

  B. OSINT

  C. Dark web

  D. Insider threats

  Correct Answer: A

• Question 690:

  Which of the following job roles would sponsor data quality and data entry initiatives that ensure business and regulatory requirements are met?

  A. The data owner

  B. The data processor

  C. The data steward

  D. The data privacy officer.

  Correct Answer: C