Practice Free SY0-601 Exam Online Questions
A security analyst is reviewing an IDS alert and sees the following:
Which of the following triggered the IDS alert?
- A . Bluesnarfing attack
- B . URL redirection attack
- C . Fileless malware execution
- D . Macro-based denial of service
An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification.
Which of the following social engineering techniques are being attempted? (Select two).
- A . Typosquatting
- B . Phishing
- C . Impersonation
- D . Vishing
- E . Smishing
- F . Misinformation
A security analyst is using OSINT to gather information to verify whether company data is available publicly.
Which of the following is the BEST application for the analyst to use?
- A . theHarvester
- B . Cuckoo
- C . Nmap
- D . Nessus
A
Explanation:
TheHarvester is a reconnaissance tool that is used to gather information about a target organization, such as email addresses, subdomains, and IP addresses. It can also be used to gather information about a target individual, such as email addresses, phone numbers, and social media profiles. TheHarvester is specifically designed for OSINT (Open-Source Intelligence) and it can be used to discover publicly available information about a target organization or individual.
Which of the following biometric authentication methods is the MOST accurate?
- A . Gait
- B . Retina
- C . Signature
- D . Voice
B
Explanation:
Retina authentication is the most accurate biometric authentication method. Retina authentication is based on recognizing the unique pattern of blood vessels and other features in the retina. This makes it virtually impossible to duplicate or bypass, making it the most secure form of biometric authentication currently available.
A growing company would like to enhance the ability of its security operations center to detect threats but reduce the amount of manual work required for the security analysts.
Which of the following would best enable the reduction in manual work?
- A . SOAR
- B . SIEM
- C . MDM
- D . DLP
An employee’s laptop was stolen last month. This morning, the was returned by the A cybersecurity analyst retrieved laptop and has since cybersecurity incident checklist. Four incident handlers are responsible for executing the checklist.
Which of the following best describes the process for evidence collection assurance?
- A . Time stamp
- B . Chain of custody
- C . Admissibility
- D . Legal hold
B
Explanation:
Chain of custody is a process that documents the chronological and logical sequence of custody, control, transfer, analysis, and disposition of materials, including physical or electronic evidence. Chain of custody is important to ensure the integrity and admissibility of evidence in legal proceedings. Chain of custody can help evidence collection assurance by providing proof that the evidence has been handled properly and has not been tampered with or contaminated.
Reference:
https://www.comptia.org/certifications/security#examdetails
https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives
https://www.thoughtco.com/chain-of-custody-4589132
Which of the following agreements defines response time, escalation points, and performance metrics?
- A . BPA
- B . MOA
- C . NDA
- D . SLA
D
Explanation:
A service level agreement (SLA) defines response time, escalation points, and performance metrics. An SLA is a contract between a service provider and a customer that specifies the level and quality of service that will be delivered. An SLA typically includes metrics such as availability, reliability, throughput, latency, security, etc., as well as penalties or remedies for failing to meet them. An SLA also defines how issues will be reported and resolved, how often reviews will be conducted, and how changes will be communicated.
Which of the following environments would MOST likely be used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics?
- A . Test
- B . Staging
- C . Development
- D . Production
A
Explanation:
The test environment is used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics.
Reference: CompTIA Security+ Study Guide 601, Chapter 2