Practice Free SY0-601 Exam Online Questions
Which of the following is a risk that is specifically associated with hosting applications in the public cloud?
- A . Unsecured root accounts
- B . Zero day
- C . Shared tenancy
- D . Insider threat
C
Explanation:
When hosting applications in the public cloud, there is a risk of shared tenancy, meaning that multiple organizations are sharing the same infrastructure. This can potentially allow one tenant to access another tenant’s data, creating a security risk.
Reference: CompTIA Security+ Certification Exam Objectives (SY0-601)
An organization is upgrading its wireless system and wants to require MFA in order for users to connect to Wi-Fi. New access points were installed and connected to the controller.
Which of the following is the next piece of technology that will be required to enable MFA?
- A . RADIUS
- B . WPA3
- C . PSK
- D . HSM
- E . CBC-MAC
A systems administrator is redesigning how devices will perform network authentication.
The following requirements need to be met:
• An existing internal certificate must be used.
• Wired and wireless networks must be supported.
• Any unapproved device should be isolated in a quarantine subnet.
• Approved devices should be updated before accessing resources.
Which of the following would best meet the requirements?
- A . 802.1X
- B . EAP
- C . RADIUS
- D . WPA2
An analyst is working on an investigation with multiple alerts for multiple hosts. The hosts are showing signs of being compromised by a fast-spreading worm.
Which of the following should be the next step in order to stop the spread?
- A . Disconnect every host from the network.
- B . Run an AV scan on the entire network.
- C . Scan the hosts that show signs of infection.
- D . Place all known-infected hosts on an isolated network.
D
Explanation:
Placing all known-infected hosts on an isolated network is the best way to stop the spread of a worm infection. This will prevent the worm from reaching other hosts on the network and allow the infected hosts to be cleaned and restored. Disconnecting every host from the network is not practical and may disrupt business operations. Running an AV scan on the entire network or scanning the hosts that show signs of infection may not be effective or fast enough to stop a fast-spreading worm.
A systems administrator is concerned about the output from web server logs.
Given the following snippet of the web server log file:
Which of the following attacks occurred?
- A . Cross-site scripting
- B . Buffer overflow
- C . Directory traversal
- D . SQL injection
During a forensic investigation, an analyst uses software to create a checksum of the affected subject’s email file.
Which of the following is the analyst practicing?
- A . Chain of custody
- B . Data recovery
- C . Non-repudiation
- D . Integrity
Which of the following is used to describe discrete characteristics of a potential weakness that results in a severity number?
- A . CVSS
- B . CVE
- C . CAR
- D . CERT
A security administrator is using UDP port 514 to send a syslog through an unsecure network to the SIEM server.
Which of the following is the best way for the administrator to improve the process?
- A . Change the protocol to TCP.
- B . Add LDAP authentication to the SIEM server.
- C . Use a VPN from the internal server to the SIEM and enable DLP.
- D . Add SSL/TLS encryption and use a TCP 6514 port to send logs.
D
Explanation:
SSL/TLS encryption is a method of securing the syslog traffic by using cryptographic protocols to encrypt and authenticate the data. SSL/TLS encryption can prevent eavesdropping, tampering, or spoofing of the syslog messages. TCP 6514 is the standard port for syslog over TLS, as defined by RFC 5425. Using this port can ensure compatibility and interoperability with other syslog implementations that support TLS.
The Chief Information Security Officer has directed the security and networking team to retire the use of shared passwords on routers and switches.
Which of the following choices BEST meets the requirements?
- A . SAML
- B . TACACS+
- C . Password vaults
- D . OAuth
B
Explanation:
TACACS+ is a protocol used for remote authentication, authorization, and accounting (AAA) that can be used to replace shared passwords on routers and switches. It provides a more secure method of authentication that allows for centralized management of access control policies.
Reference: CompTIA Security+ Study Guide, Exam SY0-601, 4th Edition, Chapter 6
An organization implemented cloud-managed IP cameras to monitor building entry points and sensitive areas. The service provider enables direct TCP/IP connection to stream live video footage from each camera. The organization wants to ensure this stream is encrypted and authenticated.
Which of the following protocols should be implemented to best meet this objective?
- A . SSH
- B . SRTP
- C . S/MIME
- D . PPTP