CompTIA SY0-601 Online Practice Questions and Exam Preparation

CompTIA SY0-601 Online Questions & Answers

• Question 911:

  During a Chiet Information Securty Officer (CISO) comvenbon to discuss security awareness, the affendees are provided with a network connection to use as a resource. As the Convention progresses. and of the attendees starts to notice delays in the connection. and the HTTPS ste requests are reverting to HTTP. Which of the folowing BEST describes what is happening?

  A. Birtuday colfisices on the cartificate key
  B. DNS hijackeng to reroute tratic
  C. Brute force 1 tho access point
  D. A SSL/TLS downgrade
  D. A SSL/TLS downgrade

• Question 912:

  An organization just implemented a new security system. Local laws state that citizens must be notified prior to encountering the detection mechanism to deter malicious activities. Which of the following is being implemented?

  A. Proximity cards with guards
  B. Fence with electricity
  C. Drones with alarms
  D. Motion sensors with signage
  D. Motion sensors with signage

  ---

  Explanation Explanation/Reference:The question states they must be NOTIFIED. A fence definitely won't whisper in your ear.

• Question 913:

  A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log:

  

  Which of the following can the security analyst conclude?

  A. A replay attack is being conducted against the application.
  B. An injection attack is being conducted against a user authentication system.
  C. A service account password may have been changed, resulting in continuous failed logins within the application.
  D. A credentialed vulnerability scanner attack is testing several CVEs against the application.
  B. An injection attack is being conducted against a user authentication system.

• Question 914:

  In which of the following scenarios is tokenization the best privacy technique to use?

  A. Providing pseudo-anonymization for social media user accounts
  B. Serving as a second factor for authentication requests
  C. Enabling established customers to safely store credit card information
  D. Masking personal information inside databases by segmenting data
  C. Enabling established customers to safely store credit card information

• Question 915:

  Which of the following best describes the risk that is present once mitigations are applied?

  A. Control risk
  B. Residual risk
  C. Inherent risk
  D. Risk awareness
  B. Residual risk

  ---

  The residual risk is the amount of risk or danger associated with an action or event remaining after natural or inherent risks have been reduced by risk controls.

• Question 916:

  A retail store has a business requirement to deploy a kiosk computer In an open area The kiosk computer's operating system has been hardened and tested. A security engineer is concerned that someone could use removable media to

  install a rootkit.

  Which should the security engineer configure to BEST protect the kiosk computer?

  A. Measured boot
  B. Boot attestation
  C. UEFI
  D. EDR
  A. Measured boot

• Question 917:

  Which of the following mitigation techniques places devices in physically or logically separated networks and leverages policies to limit the types of communications that are allowed?

  A. Host-based firewalls
  B. Access control list
  C. Port security
  D. Least privilege
  B. Access control list

  ---

  An access control list (ACL) is a set of rules or policies that can be applied to devices or networks to control the types of communications that are allowed or denied. It can be used to filter and restrict traffic based on various criteria such as source IP addresses, destination IP addresses, ports, protocols, and more. By applying ACLs, devices can be placed in logically separated networks and communication between them can be controlled based on the defined rules.

• Question 918:

  An analyst is reviewing logs associated with an attack. The logs indicate an attacker downloaded a malicious file that was quarantined by the AV solution. The attacker utilized a local non-administrative account to restore the malicious file to a new location. The file was then used by another process to execute a payload. Which of the following attacks did the analyst observe?

  A. Privilege escalation
  B. Request forgeries
  C. Injection
  D. Replay attack
  C. Injection

  ---

  key words "non-admin account" and "execute a payload " hence C correct

• Question 919:

  A company owns a public-facing e-commerce website. The company outsources credit card transactions to a payment company. Which of the following BEST describes the role of the payment company?

  A. Data controller
  B. Data custodian
  C. Data owners
  D. Data processor
  D. Data processor

  ---

  A data processor is an organization that processes personal data on behalf of a data controller. In this scenario, the company that owns the e-commerce website is the data controller, as it determines the purposes and means of processing personal data (e.g. credit card information). The payment company is a data processor, as it processes personal data on behalf of the e-commerce company (i.e. it processes credit card transactions). Reference: CompTIA Security+ Study Guide (SY0-601) 7th Edition by Emmett Dulaney, Chuck Easttom

• Question 920:

  A company's help desk has received calls about the wireless network being down and users being unable to connect to it. The network administrator says all access points are up and running. One of the help desk technicians notices the affected users are working in a building near the parking lot. Which of the following is the most likely reason for the outage?

  A. Someone near the building is jamming the signal.
  B. A user has set up a rogue access point near the building.
  C. Someone set up an evil twin access point in the affected area.
  D. The APs in the affected area have been unplugged from the network.
  A. Someone near the building is jamming the signal.

  ---

  The most likely reason for the wireless network outage in the affected building near the parking lot is that someone is jamming the wireless signal. Jamming is a deliberate attempt to disrupt wireless communication by transmitting interference on the same frequency as the wireless network, causing the access points and clients to experience connectivity issues. Jamming can be carried out using various devices that emit radio frequency signals, interfering with the normal operation of wireless devices. This interference prevents legitimate users from connecting to the wireless network and disrupts the communication between access points and clients.