CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 701:

  Which of the following is a physical security control that ensures onty the authorized user is present when gaining access to a secured area?

  A. A biometric scanner
  B. A smart card reader
  C. APKItoken
  D. A PIN pad
  A. A biometric scanner

  ---

  A biometric scanner uses physical characteristics such as fingerprints to identify an individual user. It is used to ensure that only the authorized user is present when gaining access to a secured area.

• Question 702:

  Which of the following threat vectors would appear to be the most legitimate when used by a malicious actor to impersonate a company?

  A. Phone call
  B. Instant message
  C. Email
  D. Text message
  C. Email

  ---

  Email is a commonly used vector for phishing attacks and impersonation because it allows attackers to craft convincing messages that may appear to come from a legitimate company or source. Malicious actors can use various tactics, such as spoofed email addresses, convincing logos, and language that mimics official communications, to deceive recipients into believing that the email is legitimate. This can make email-based impersonation highly effective, and it's why email phishing is a prevalent method for cyberattacks.

• Question 703:

  The local administrator account for a company's VPN appliance was unexpectedly used to log in to the remote management interface. Which of the following would have prevented this from happening?

  A. Using least privilege
  B. Changing the default password
  C. Assigning individual user IDs
  D. Implementing multifactor authentication
  D. Implementing multifactor authentication

  ---

  Implementing multifactor authentication (MFA) would have likely prevented unauthorized access to the VPN appliance using the local administrator account. MFA adds an additional layer of security by requiring users to provide multiple forms of verification before gaining access, making it significantly more difficult for unauthorized individuals to log in even if they have the correct username and password.

• Question 704:

  An employee finds a USB flash drive labeled "Salary Info" in an office parking lot. The employee picks up the USB flash drive, goes into the office, and plugs it into a laptop. Later, a technician inspects the laptop and realizes it has been compromised by malware. Which of the following types of social engineering attacks has occurred?

  A. Smishing
  B. Baiting
  C. Tailgating
  D. Pretexting
  B. Baiting

• Question 705:

  An audit report showed that a former employee saved the following files to an external USB drive before the employee's termination date:

  ? annual_tax_form.pdf ? encrypted_passwords.db ? team_picture.jpg ? contact_list.db ? human_resources.txt

  Which of the following could the former employee do to potentially compromise corporate credentials?

  A. Perform an offline brute-force attack
  B. Use the files to create a rainbow table.
  C. Conduct a token replay.
  D. Release a network dictionary attack.
  A. Perform an offline brute-force attack

• Question 706:

  Which of the following is the phase in the incident response process when a security analyst reviews roles and responsibilities?

  A. Preparation
  B. Recovery
  C. Lessons learned
  D. Analysis
  A. Preparation

  ---

  During the "Preparation" phase of the incident response process, roles and responsibilities are defined, and the incident response plan is developed. This includes identifying and assigning specific roles to team members, establishing communication channels, and clarifying responsibilities for each member of the incident response team. This phase ensures that everyone involved in incident response knows their duties and is prepared to respond effectively when an incident occurs.

• Question 707:

  A junior security analyst is reviewing web server logs and identifies the following pattern in the log file:

  http://comptia.org/../../../etc/passwd

  Which ol the following types of attacks is being attempted and how can it be mitigated?

  A. XSS. mplement a SIEM
  B. CSRF. implement an IPS
  C. Directory traversal implement a WAF
  D. SQL infection, mplement an IDS
  C. Directory traversal implement a WAF

• Question 708:

  Development team members set up multiple application environments so they can develop, test, and deploy code in a secure and reliable manner. One of the environments is configured with real data that has been obfuscated so the team can adequately assess how the code will work in production. Which of the following environments is set up?

  A. Quality assurance
  B. Development
  C. Sandbox
  D. Production
  C. Sandbox

• Question 709:

  A security analyst is reviewing a secure website that is generating TLS certificate errors. The analyst determines that the browser is unable to receive a response from the OCSP for the certificate. Which of the following actions would most likely resolve the issue?

  A. Run a traceroute on the OCSP domain to find where the domain is failing.
  B. Create an exclusion for the OCSP domain in the content filter
  C. Unblock the OCSP protocol in the host-based firewall
  D. Add the root certificate to the trusted sites on the workstation with the issue.
  C. Unblock the OCSP protocol in the host-based firewall

• Question 710:

  Which of the following best describes why a company would erase a newly purchased device and install its own image with an operating system and applications?

  A. Installing a new operating system thoroughly tests the equipment
  B. Removing unneeded applications reduces the system's attack surface
  C. Reimaging a system creates an updated baseline of the computer image
  D. Wiping the device allows the company to evaluate its performance
  C. Reimaging a system creates an updated baseline of the computer image