Practice Free SY0-601 Exam Online Questions
Which of the following best describes the risk that is present once mitigations are applied?
- A . Control risk
- B . Residual risk
- C . Inherent risk
- D . Risk awareness
B
Explanation:
Residual risk is the risk that remains after applying risk mitigation measures, such as controls, policies, or procedures. It reflects the level of uncertainty and potential impact that cannot be completely eliminated by risk management efforts. Residual risk is calculated by subtracting the risk reduction from the inherent risk, or by multiplying the inherent risk by the risk control effectiveness. Residual risk should be compared to the acceptable level of risk to determine whether further action is needed or whether the risk can be accepted by management.
Reference: CompTIA Security+ SY0-601 Certification Study Guide, Chapter 10: Summarizing Risk Management Concepts, page 456; Residual risk – Wikipedia; Residual risk definition and why it’s important – Advisera
A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices.
Which of the following vulnerabilities is the organization addressing?
- A . Cross-site scripting
- B . Buffer overflow
- C . Jailbreaking
- D . Side loading
C
Explanation:
Jailbreaking is the vulnerability that the organization is addressing by adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Jailbreaking is the process of removing the restrictions or limitations imposed by the manufacturer or carrier on a mobile device, such as an iPhone or iPad. Jailbreaking can allow users to install unauthorized applications, customize settings, or access system files. However, jailbreaking can also expose the device to security risks, such as malware, data loss, or warranty voidance.
Reference:
https://www.comptia.org/blog/what-is-jailbreaking
https://www.certblaster.com/wp-content/uploads/2020/11/CompTIA-Security-SY0-601-Exam-Objectives-1.0.pdf
A company’s marketing department collects, modifies, and stores sensitive customer data. The infrastructure team is responsible for securing the data while in transit and at rest.
Which of the following data roles describes the customer?
- A . Processor
- B . Custodian
- C . Subject
- D . Owner
A network engineer is troubleshooting wireless network connectivity issues that were reported by users. The issues are occurring only in the section of the building that is closest to the parking lot. Users are intermittently experiencing slow speeds when accessing websites and are unable to connect to network drives. The issues appear to increase when laptop users return to their desks after using their devices in other areas of the building. There have also been reports of users being required to enter their credentials on web pages in order to gain access to them.
Which of the following is the most likely cause of this issue?
- A . An external access point is engaging in an evil twin attack
- B . The signal on the WAP needs to be increased in that section of the building
- C . The certificates have expired on the devices and need to be reinstalled
- D . The users in that section of the building are on a VLAN that is being blocked by the firewall
A
Explanation:
An evil twin attack is a type of wireless network attack in which a rogue access point is set up to mimic a legitimate one. It can trick users into connecting to the rogue access point instead of the real one, after which the attacker can intercept or modify their traffic, steal their credentials, serve phishing pages, and so on. It is the most likely cause of the reported symptoms: users experience slow speeds, are unable to connect to network drives, and are asked to enter their credentials on web pages only when working in the section of the building closest to the parking lot, where an external access point could be placed nearby.
A company currently uses passwords for logging in to company-owned devices and wants to add a second authentication factor. Per corporate policy, users are not allowed to have smartphones at their desks.
Which of the following would meet these requirements?
- A . Smart card
- B . PIN code
- C . Knowledge-based question
- D . Secret key
A
Explanation:
A smart card is a physical device that contains an embedded integrated circuit chip that can store and process data. A smart card can be used as a second authentication factor, in addition to a password, to verify the identity of a user who wants to log in to company-owned devices. A smart card requires a smart card reader to access the data on the chip, which adds an extra layer of security. A smart card meets the requirements of the company because it does not involve a smartphone or any other device that is not allowed at the desks.
A governance, risk, and compliance team created a report that notes the existence of a chlorine processing facility two miles from one of the company offices.
Which of the following describes this type of documentation?
- A . Site risk assessment
- B . Environmental impact report
- C . Disaster recovery plan
- D . Physical risk register
A cybersecurity administrator is using iptables as an enterprise firewall. The administrator created some rules, but the network now seems to be unresponsive. All connections are being dropped by the firewall.
Which of the following would be the best option to remove the rules?
- A . # iptables -t mangle -X
- B . # iptables -F
- C . # iptables -2
- D . # iptables -P INPUT -j DROP
B
Explanation:
iptables is a command-line tool that allows an administrator to configure firewall rules for a Linux system. The -F option flushes (deletes) all the existing rules in the selected chain, or in every chain of the filter table if no chain is given. It can be used to remove the rules that caused the network to be unresponsive and restore the firewall's default behavior. Note that -F removes rules only; each chain's default policy (ACCEPT or DROP) is left unchanged.
Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centralized system?
- A . SIEM
- B . DLP
- C . IDS
- D . SNMP
Which of the following teams combines both offensive and defensive testing techniques to protect an organization’s critical systems?
- A . Red
- B . Blue
- C . Purple
- D . Yellow
C
Explanation:
A purple team combines both offensive and defensive testing techniques to protect an organization’s critical systems. A purple team is a type of cybersecurity team that consists of members from both the red team and the blue team. The red team performs simulated attacks on the organization’s systems, while the blue team defends against them. The purple team facilitates the collaboration and communication between the red team and the blue team, and provides feedback and recommendations for improvement. A purple team can help the organization identify and remediate vulnerabilities, enhance security controls, and increase resilience.
Reference:
https://www.comptia.org/blog/red-team-blue-team-purple-team
https://www.certblaster.com/wp-content/uploads/2020/11/CompTIA-Security-SY0-601-Exam-Objectives-1.0.pdf
Which of the following authentication methods sends out a unique password to be used within a specific number of seconds?
- A . TOTP
- B . Biometrics
- C . Kerberos
- D . LDAP
A
Explanation:
Time-based One-Time Password (TOTP) is a type of authentication method that sends out a unique password to be used within a specific number of seconds. It uses a combination of a shared secret key and the current time to generate a one-time password. TOTP is commonly used for two-factor authentication (2FA) to provide an additional layer of security beyond just a username and password.