Practice Free SY0-601 Exam Online Questions
A financial analyst is expecting an email containing sensitive information from a client. When the email arrives, the analyst receives an error and is unable to open the encrypted message.
Which of the following is the most likely cause of the issue?
- A . The S/MIME plug-in is not enabled.
- B . The SSL certificate has expired.
- C . Secure IMAP was not implemented.
- D . POP3S is not supported.
A
Explanation:
The most likely cause of the issue is that the S/MIME plug-in is not enabled. S/MIME stands for Secure/Multipurpose Internet Mail Extensions, which is a standard that allows email users to encrypt and digitally sign their messages. S/MIME uses public key cryptography and certificates to ensure confidentiality, integrity, authenticity, and non-repudiation of email communications. However, S/MIME requires both the sender and the receiver to have compatible email clients and plug-ins that support S/MIME functionality. If the receiver does not have the S/MIME plug-in enabled, they will not be able to decrypt or verify the encrypted message.
A local server recently crashed, and the team is attempting to restore the server from a backup. During the restore process, the team notices the file size of each daily backup is large and that storage will run out of space at the current rate.
The current solution appears to do a full backup every night.
Which of the following would use the least amount of storage space for backups?
- A . A weekly, incremental backup with daily differential backups
- B . A weekly, full backup with daily snapshot backups
- C . A weekly, full backup with daily differential backups
- D . A weekly, full backup with daily incremental backups
D
Explanation:
A weekly, full backup with daily incremental backups would use the least amount of storage space for backups, as it would only store the changes made since the last backup, whether it is a full or incremental backup. Incremental backups are faster and use less storage space than full or differential backups, but they require more time and media to restore data. A full backup is a complete copy of all data, which requires more time and storage space to perform, but allows a faster and easier recovery. A differential backup is a copy of the data that changed since the last full backup, which requires less time and storage space than a full backup, but more than an incremental backup. A differential backup allows a faster recovery than an incremental backup, but slower than a full backup.
Reference:
https://www.techtarget.com/searchdatabackup/feature/Full-incremental-or-differential-How-to-choose-the-correct-backup-type
https://www.nakivo.com/blog/backup-types-explained/
The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going to the polls.
This is an example of:
- A . prepending.
- B . an influence campaign.
- C . a watering-hole attack.
- D . intimidation.
- E . information elicitation.
B
Explanation:
This scenario describes an influence campaign, where false information is spread to influence or manipulate people’s beliefs or actions. In this case, the misinformation led eligible voters to avoid polling places, which influenced the outcome of the election.
A company is concerned about individuals driving a car into the building to gain access.
Which of the following security controls would work BEST to prevent this from happening?
- A . Bollard
- B . Camera
- C . Alarms
- D . Signage
- E . Access control vestibule
A
Explanation:
Bollards are posts designed to prevent vehicles from entering an area. They are usually made of steel or concrete and are placed close together to make it difficult for vehicles to pass through. In addition to preventing vehicles from entering an area, bollards can also be used to protect buildings and pedestrians from ramming attacks. They are an effective and cost-efficient way to protect buildings and pedestrians from unauthorized access.
An accounting clerk sent money to an attacker’s bank account after receiving fraudulent instructions to use a new account.
Which of the following would most likely prevent this activity in the future?
- A . Standardizing security incident reporting
- B . Executing regular phishing campaigns
- C . Implementing insider threat detection measures
- D . Updating processes for sending wire transfers
During an incident, a company CIRT determines it is necessary to observe the continued network-based transaction between a callback domain and the malware running on an enterprise PC.
Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?
- A . Physically move the PC to a separate internet point of presence
- B . Create and apply micro segmentation rules.
- C . Emulate the malware in a heavily monitored DMZ segment.
- D . Apply network blacklisting rules for the adversary domain
C
Explanation:
To observe the continued network-based transaction between a callback domain and the malware running on an enterprise PC while reducing the risk of lateral spread and the risk that the adversary would notice any changes, the best technique to use is to emulate the malware in a heavily monitored DMZ segment. This is a secure environment that is isolated from the rest of the network and can be heavily monitored to detect any suspicious activity. By emulating the malware in this environment, the activity can be observed without the risk of lateral spread or detection by the adversary.
Reference: https://www.sans.org/blog/incident-response-fundamentals-why-is-the-dmz-so-important/
An organization’s Chief Information Security Officer is creating a position that will be responsible for implementing technical controls to protect data, including ensuring backups are properly maintained.
Which of the following roles would MOST likely include these responsibilities?
- A . Data protection officer
- B . Data owner
- C . Backup administrator
- D . Data custodian
- E . Internal auditor
D
Explanation:
The responsibilities of ensuring backups are properly maintained and implementing technical controls to protect data are the responsibilities of the data custodian role.
Reference: CompTIA Security+ Study Guide by Emmett Dulaney, Chapter 7: Securing Hosts and Data, Data Custodian
Which of the following is a hardware-specific vulnerability?
- A . Firmware version
- B . Buffer overflow
- C . SQL injection
- D . Cross-site scripting
Which of the following security controls is used to isolate a section of the network and its externally available resources from the internal corporate network in order to reduce the number of possible attacks?
- A . Faraday cages
- B . Air gap
- C . Vaulting
- D . Proximity readers
B
Explanation: