Practice Free SY0-601 Exam Online Questions
Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?
- A . Unidentified removable devices
- B . Default network device credentials
- C . Spear phishing emails
- D . Impersonation of business units through typosquatting
Stakeholders at an organisation must be kept aware of any incidents and receive updates on status changes as they occur.
Which of the following plans would fulfill this requirement?
- A . Communication plan
- B . Disaster recovery plan
- C . Business continuity plan
- D . Risk plan
A
Explanation:
A communication plan fulfills the requirement of keeping stakeholders at an organization aware of any incidents and giving them updates on status changes as they occur. It is a document that outlines the communication objectives, strategies, methods, channels, frequency, and audience for an incident response process. A communication plan can help an organization communicate effectively and efficiently with internal and external stakeholders during an incident and keep them informed of the incident’s impact, progress, resolution, and recovery.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.ready.gov/business-continuity-plan
A security analyst needs an overview of vulnerabilities for a host on the network.
Which of the following is the BEST type of scan for the analyst to run to discover which vulnerable services are running?
- A . Non-credentialed
- B . Web application
- C . Privileged
- D . Internal
C
Explanation:
Privileged scanning, also known as credentialed scanning, is a type of vulnerability scanning that uses a valid user account to log in to the target host and examine vulnerabilities from a trusted user’s perspective. It can provide more accurate and comprehensive results than unprivileged scanning, which does not use any credentials and only scans for externally visible vulnerabilities.
A company decided to reduce the cost of its annual cyber insurance policy by removing the coverage for ransomware attacks.
Which of the following analysis elements did the company most likely use in making this decision?
- A . MTTR
- B . RTO
- C . ARO
- D . MTBF
A major clothing company recently lost a large amount of proprietary information. The security officer must find a solution to ensure this never happens again.
Which of the following is the BEST technical implementation to prevent this from happening again?
- A . Configure DLP solutions
- B . Disable peer-to-peer sharing
- C . Enable role-based
- D . Mandate job rotation
- E . Implement content filters
A
Explanation:
Data loss prevention (DLP) solutions can prevent the accidental or intentional loss of sensitive data. DLP tools can identify and protect sensitive data by classifying and categorizing it, encrypting it, or blocking it from being transferred outside the organization’s network.
A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL, https://www.site.com, the user is presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com.
Which of the following BEST describes this attack?
- A . On-path
- B . Domain hijacking
- C . DNS poisoning
- D . Evil twin
Which of the following types of controls is a turnstile?
- A . Physical
- B . Detective
- C . Corrective
- D . Technical
A
Explanation:
A turnstile is a physical security control that regulates the entry and exit of people into a facility or an area. It can prevent unauthorized access, tailgating, etc., by requiring valid credentials or tokens to pass through.
Which of the following is an administrative control that would be most effective to reduce the occurrence of malware execution?
- A . Security awareness training
- B . Frequency of NIDS updates
- C . Change control procedures
- D . EDR reporting cycle
A
Explanation:
Security awareness training is an administrative control that educates users on the best practices and policies for protecting the organization’s data and systems from various threats, such as malware, phishing, social engineering, etc. Security awareness training can reduce the occurrence of malware execution by increasing the users’ ability to recognize and avoid malicious links, attachments, downloads, or websites.
Which of the following security concepts should an e-commerce organization apply for protection against erroneous purchases?
- A . Privacy
- B . Availability
- C . Integrity
- D . Confidentiality
C
Explanation:
Integrity is a security concept that ensures that data is accurate, complete and consistent, and that it has not been tampered with or modified in an unauthorized or unintended way. Integrity is important for e-commerce organizations to protect against erroneous purchases, as it can prevent data corruption, duplication, loss or manipulation that could affect the transactions or the records of the customers. Integrity can be achieved by using methods such as hashing, digital signatures, checksums, encryption and access control.
Verified Reference:
Security+ (Plus) Certification | CompTIA IT Certifications https://www.comptia.org/certifications/security (See: What Skills Will You Learn?)
CompTIA Security+ 601 – Infosec https://www.infosecinstitute.com/wp-content/uploads/2021/03/CompTIA-Security-eBook.pdf (See: Security+: 5 in-demand cybersecurity skills)
CompTIA Security+ SY0-601 Certification Study Guide https://www.comptia.org/training/books/security-sy0-601-study-guide (See: Chapter 1: Threats, Attacks and Vulnerabilities, Section 1.4: Cryptography and PKI)
A security analyst reviews a company’s authentication logs and notices multiple authentication failures. The authentication failures are from different usernames that share the same source IP address.
Which of the following password attacks is MOST likely happening?
- A . Dictionary
- B . Rainbow table
- C . Spraying
- D . Brute-force
C
Explanation:
Password spraying is an attack where an attacker tries a small number of commonly used passwords against a large number of usernames. The goal of password spraying is to avoid detection by avoiding too many failed login attempts for any one user account. The fact that different usernames are being attacked from the same IP address is a strong indication that a password spraying attack is underway.