CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 801:

  Which of the following BEST describes the MFA attribute that requires a callback on a predefined landline?

  A. Something you exchibl
  B. Something you can do
  C. Someone you krcear
  D. Somnewehere pou are
  B. Something you can do

• Question 802:

  A security analyst reviews the datacenter access logs for a fingerprint scanner and notices an abundance of errors that correlate with users' reports of issues accessing the facility. Which of the following MOST likely the cause of the cause of the access issues?

  A. False rejection
  B. Cross-over error rate
  C. Efficacy rale
  D. Attestation
  A. False rejection

  ---

  A. False rejection is the correct answer. Please note there are many complaints from the users. Users are complaining because sensitivity (= security) of the fingerpront scanner is too high and they cannot enter. If sensitivity was too low, anybody could enter. CER = sweet spot. where a legitimate user is not recognized. This is also referred to as a Type I error or false non-match rate (FNMR). FRR is measured as a percentage.

• Question 803:

  SIMULATION

  A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.

  INSTRUCTIONS

  Click on each firewall to do the following:

  1. Deny cleartext web traffic.

  2. Ensure secure management protocols are used.

  3. Resolve issues at the DR site.

  The ruleset order cannot be modified due to outside constraints.

  If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  

  Firewall 2

  Hot Area:

  

  

  ---

  Explanation/Reference:

  Firewall 2: No changes should be made to this firewall

  

• Question 804:

  A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Select TWO).

  A. HIDS
  B. NIPS
  C. HSM
  D. WAF
  E. NAC
  F. NIDS
  G. Stateless firewall
  B. NIPS
  D. WAF

  ---

  Answer: (B) NIPS and (D) WAF A WAF or web application firewall helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-sitescripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model). A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity. NIPS consists of NIDS and IPS. WAF is a firewall. NIPS can operate up to layer 7 by passing or allowing traffic

• Question 805:

  Which of the following authentication methods sends out a unique password to be used within a specific number of seconds?

  A. TOTP
  B. Biometrics
  C. Kerberos
  D. LDAP
  A. TOTP

• Question 806:

  A digital forensics team at a large company is investigating a case in which malicious code was downloaded over an HTTPS connection and was running in memory, but was never committed to disk. Which of the following techniques should the team use to obtain a sample of the malware binary?

  A. pcap reassembly
  B. SSD snapshot
  C. Image volatile memory
  D. Extract from checksums
  C. Image volatile memory

  ---

  The best technique for the digital forensics team to use to obtain a sample of the malware binary is to image volatile memory. Volatile memory imaging is a process of collecting a snapshot of the contents of a computer's RAM, which can include active malware programs. According to the CompTIA Security+ SY0- 601 Official Text Book, volatile memory imaging can be used to capture active malware programs that are running in memory, but have not yet been committed to disk. This technique is especially useful in cases where the malware is designed to self-destruct or erase itself from the disk after execution.

• Question 807:

  Which of the following is a common source of unintentional corporate credential leakage in cloud environments?

  A. Code repositories
  B. Dark web
  C. Threat feeds
  D. State actors
  E. Vulnerability databases
  A. Code repositories

  ---

  Commonly, unintentional corporate credential leakage in cloud environments can occur through code repositories. Developers and teams often store code, configuration files, and other sensitive information in repositories like GitHub, Bitbucket, or GitLab. If these repositories are not properly secured or if sensitive data is inadvertently included in code commits, it can lead to credential exposure. Attackers might search public repositories for such information, potentially gaining unauthorized access to corporate resources. The other options (B. Dark web, C. Threat feeds, D. State actors, E. Vulnerability databases) are not typically sources of unintentional corporate credential leakage but rather relate to different aspects of cybersecurity, threat intelligence, and actors involved in cyberattacks.

• Question 808:

  A security administrator is working on a solution to protect passwords stored in a database against rainbow table attacks. Which of the following should the administrator consider?

  A. Hashing
  B. Salting
  C. Lightweight cryptography
  D. Steganography
  B. Salting

• Question 809:

  An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:

  1.

  Check-in/checkout of credentials

  2.

  The ability to use but not know the password

  3.

  Automated password changes

  4.

  Logging of access to credentials

  Which of the following solutions would meet the requirements?

  A. OAuth 2.0
  B. Secure Enclave
  C. A privileged access management system
  D. An OpenID Connect authentication system
  C. A privileged access management system

  ---

  C. PAM via Messer Privileged access management (PAM) Managing superuser access -Administrator and Root -You don't want this in the wrong hands Store privileged accounts in a digital vault -Access is only granted from the vault by request -These privileges are temporary PAM advantages -Centralized password management -Enables automation -Manage access for each user -Extensive tracking and auditin

• Question 810:

  Which of the following prevents an employee from seeing a colleague who is visting an inappropriate website?

  A. Job roration policy
  B. NDA
  C. AUP
  D. Separation of duties policy
  C. AUP

  ---

  Explanation Explanation/Reference:"Which of the following prevents an employee from visiting an inappropriate website" .....which would somewhat make more sense. An acceptable use policy (AUP) is a document that outlines the rules and restrictions employees must follow in regard to the company's network, software, internet connection and devices. The employee shouldn't access the inappropriate website as it would go against proper use of the company network. ================ Helpful Info I Guess NDA (Non-disclosure agreement) - a binding contract between two or more parties that prevents sensitive information from being shared with others. Separation of Duty - refers to the principle that no user should be given enough privileges to misuse the system on their own. Job rotation - A concept that has employees rotate through different jobs to learn the procedures and processes in each. From a security perspective, job rotation helps to prevent or expose dangerous shortcuts or even fraudulent activity.