CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 691:

  Which of the following authentication methods is considered to be the LEAST secure?

  A. TOTP
  B. SMS
  C. HOTP
  D. Token key
  B. SMS

  ---

  Explanation Explanation/Reference:SMS (Short Message Service) authentication involves sending a one-time passcode (OTP) to the user's mobile phone via text message, which the user then enters to complete the authentication process. While it is more convenient than some other methods, it is also less secure compared to the other options listed. SMS authentication has several security weaknesses: Phishing: Attackers can use social engineering to trick users into revealing their SMS OTP, compromising the authentication. SIM swapping: Attackers can contact the user's mobile service provider and convince them to transfer the phone number to a new SIM card, gaining access to the SMS OTP. Intercepting SMS: In some cases, attackers with advanced capabilities can intercept SMS messages, allowing them to capture the OTP. Due to these vulnerabilities, SMS authentication is considered less secure compared to other authentication methods like TOTP (Time-based One-Time Password) and HOTP (HMAC-based One-Time Password), which rely on algorithms and do not involve transmitting the OTP via SMS.

• Question 692:

  A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which of the following BEST describes this process?

  A. Continuous delivery
  B. Continuous integration
  C. Continuous validation
  D. Continuous monitoring
  B. Continuous integration

  ---

  continuous integration is managing all versions of a code base and integrating them.

• Question 693:

  A penetration-testing firm is working with a local community bank to create a proposal that best fits the needs of the bank. The bank's information security manager would like the penetration test to resemble a real attack scenario, but it cannot afford the hours required by the penetration-testing firm. Which of the following would best address the bank's desired scenario and budget?

  A. Engage the penetration-testing firm's rea-team services to fully mimic possible attackers.
  B. Give the penetration tester data diagrams of core banking applications in a known-environment test.
  C. Limit the scope of the penetration test to only the system that is used for teller workstations.
  D. Provide limited networking details in a partially known-environment test to reduce reconnaissance efforts.
  D. Provide limited networking details in a partially known-environment test to reduce reconnaissance efforts.

• Question 694:

  Two hospitals merged into a single organization. The privacy officer requested a review of ait records to ensure encryption was used Guring record storage, in compliance with regulations.

  During the review, the officer discovered that medical diagnosis codes and patient names were left unsecured.

  Which of the following types of data does this combination BEST represent?

  A. Personal heath information
  B. Personally Kentifiable information
  C. Tokenized data
  D. Proprietary data
  A. Personal heath information

  ---

  Explanation Explanation/Reference:Protected health information PHI is a subset of PII, but it specifically refers to health information shared with HIPAA covered entities. Medical records, lab reports, and hospital bills are PHI, along with any information relating to an individual's past, present, or future physical or mental health.

• Question 695:

  Since a recent upgrade to a WLAN infrastructure, several mobile users have been unable to access the internet from the lobby. The networking team performs a heat map survey of the building and finds several WAPs in the area. The WAPs are using similar frequencies with high power settings. Which of the following installation considerations should the security team evaluate next?

  A. Channel overlap
  B. Encryption type
  C. New WLAN deployment
  D. WAP placement
  A. Channel overlap

• Question 696:

  A company uses wireless tor all laptops and keeps a very detailed record of its assets, along with a comprehensive list of devices that are authorized to be on the wireless network. The Chief Information Officer (CIO) is concerned about a script kiddie potentially using an unauthorized device to brute force the wireless PSK and obtain access to the internal network. Which of the following should the company implement to BEST prevent this from occurring?

  A. A BPDU guard
  B. WPA-EAP
  C. IP filtering
  D. A WIDS
  B. WPA-EAP

  ---

  Explanation Explanation/Reference:"EAP is in wide use. For example, in IEEE 802.11 (WiFi) the WPA and WPA2 standards have adopted IEEE 802.1X (with various EAP types) as the canonical authentication mechanism." https://en.wikipedia.org/wiki/ Extensible_Authentication_Protocol

• Question 697:

  A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices, the following requirements must be met:

  1.

  Mobile device OSs must be patched up to the latest release.

  2.

  A screen lock must be enabled (passcode or biometric).

  3.

  Corporate data must be removed if the device is reported lost or stolen.

  Which of the following controls should the security engineer configure? (Choose two.)

  A. Containerization
  B. Storage segmentation
  C. Posturing
  D. Remote wipe
  E. Full-device encryption
  F. Geofencing
  C. Posturing
  D. Remote wipe

  ---

  If a mobile device does not meet the policy requirements, such as having an outdated OS or not being able to enable a screen lock, it should not be allowed access to corporate resources until it meets these requirements. to the point "posturing" becomes particularly relevant and first priority. Posturing, as part of a Mobile Device Management (MDM) solution, can assess the compliance of mobile devices with the corporate security policy. If a device is found to be non-compliant (e.g., due to an outdated OS or lack of a screen lock), the MDM solution can restrict or deny access to corporate resources until the device is brought into compliance. Posturing: Use posturing checks to verify that mobile devices comply with the policy's requirements, such as having an up-to-date OS and enabling a screen lock.

• Question 698:

  A security manager runs Nessus scans of the network after every maintenance window.

  Which of the following is the security manger MOST likely trying to accomplish?

  A. Verifying that system patching has effectively removed knows vulnerabilities
  B. Identifying assets on the network that may not exist on the network asset inventory
  C. Validating the hosts do not have vulnerable ports exposed to the internet
  D. Checking the status of the automated malware analysis that is being performed
  A. Verifying that system patching has effectively removed knows vulnerabilities

• Question 699:

  A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

  A. Nmap
  B. Wireshark
  C. Autopsy
  D. DNSEnum
  A. Nmap

• Question 700:

  A recent security breach exploited software vulnerabilities in the firewall and within the network management solution. Which of the following will MOST likely be used to identify when the breach occurred through each device?

  A. SIEM correlation dashboards
  B. Firewall syslog event logs
  C. Network management solution login audit logs
  D. Bandwidth monitors and interface sensors
  A. SIEM correlation dashboards

  ---

  SIEM could tell when the breach occurred in firewall AND in network management solution