The Secret Of CompTIA SY0-601 Test Preparation

NEW QUESTION 1
An analyst visits an internet forum looking for information about a tool. The analyst finds a threat that appears to contain relevant information. One of the posts says the following:

Which of the following BEST describes the attack that was attempted against the forum readers?

• A. SOU attack
• B. DLL attack
• C. XSS attack
• D. API attack

Answer: C

NEW QUESTION 2
A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports. Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)

• A. Trusted Platform Module
• B. A host-based firewall
• C. A DLP solution
• D. Full disk encryption
• E. A VPN
• F. Antivirus software

Answer: AB

NEW QUESTION 3
A company’s bank has reported that multiple corporate credit cards have been stolen over the past several weeks. The bank has provided the names of the affected cardholders to the company’s forensics team to assist in the cyber-incident investigation.
An incident responder learns the following information:
The timeline of stolen card numbers corresponds closely with affected users making Internet-based purchases from diverse websites via enterprise desktop PCs.
All purchase connections were encrypted, and the company uses an SSL inspection proxy for the inspection of encrypted traffic of the hardwired network.
Purchases made with corporate cards over the corporate guest WiFi network, where no SSL inspection occurs, were unaffected.
Which of the following is the MOST likely root cause?

• A. HTTPS sessions are being downgraded to insecure cipher suites
• B. The SSL inspection proxy is feeding events to a compromised SIEM
• C. The payment providers are insecurely processing credit card charges
• D. The adversary has not yet established a presence on the guest WiFi network

Answer: C

NEW QUESTION 4
An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance’s vulnerable state?

• A. The system was configured with weak default security settings.
• B. The device uses weak encryption ciphers.
• C. The vendor has not supplied a patch for the appliance.
• D. The appliance requires administrative credentials for the assessment.

Answer: C

NEW QUESTION 5
A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would BEST support the policy?

• A. Mobile device management
• B. Full-device encryption
• C. Remote wipe
• D. Biometrics

Answer: A

NEW QUESTION 6
A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

• A. Configure the perimeter firewall to deny inbound external connections to SMB ports.
• B. Ensure endpoint detection and response systems are alerting on suspicious SMB connections.
• C. Deny unauthenticated users access to shared network folders.
• D. Verify computers are set to install monthly operating system, updates automatically.

Answer: A

NEW QUESTION 7
A security analyst is performing a packet capture on a series of SOAP HTTP requests for a security assessment. The analyst redirects the output to a file After the capture is complete, the analyst needs to review the first transactions quickly and then search the entire series of requests for a particular string Which of the following would be BEST to use to accomplish the task? (Select TWO).

• A. head
• B. Tcpdump
• C. grep
• D. rail
• E. curl
• F. openssi
• G. dd

Answer: AB

NEW QUESTION 8
Which of the following would be the BEST method for creating a detailed diagram of wireless access points and hot-spots?

• A. Footprinting
• B. White-box testing
• C. A drone/UAV
• D. Pivoting

Answer: A

NEW QUESTION 9
When used at the design stage, which of the following improves the efficiency, accuracy, and speed of a database?

• A. Tokenization
• B. Data masking
• C. Normalization
• D. Obfuscation

Answer: C

NEW QUESTION 10
Which of the following BEST describes a security exploit for which a vendor patch is not readily available?

• A. Integer overflow
• B. Zero-day
• C. End of life
• D. Race condition

Answer: B

NEW QUESTION 11
A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?

• A. The GPS location
• B. When the file was deleted
• C. The total number of print jobs
• D. The number of copies made

Answer: A

NEW QUESTION 12
A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better.

• A. validate the vulnerability exists in the organization's network through penetration testing
• B. research the appropriate mitigation techniques in a vulnerability database
• C. find the software patches that are required to mitigate a vulnerability
• D. prioritize remediation of vulnerabilities based on the possible impact.

Answer: D

NEW QUESTION 13
The manager who is responsible for a data set has asked a security engineer to apply encryption to the data on a hard disk. The security engineer is an example of a:

• A. data controller.
• B. data owner
• C. data custodian.
• D. data processor

Answer: D

NEW QUESTION 14
A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?

• A. The scan results show open ports, protocols, and services exposed on the target host
• B. The scan enumerated software versions of installed programs
• C. The scan produced a list of vulnerabilities on the target host
• D. The scan identified expired SSL certificates

Answer: B

NEW QUESTION 15
A recent malware outbreak across a subnet included successful rootkit installations on many PCs, ensuring persistence by rendering remediation efforts ineffective. Which of the following would BEST detect the presence of a rootkit in the future?

• A. FDE
• B. NIDS
• C. EDR
• D. DLP

Answer: C

NEW QUESTION 16
A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk. Which of the following should the administrator use?

• A. dd
• B. chmod
• C. dnsenum
• D. logger

Answer: A

NEW QUESTION 17
A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?

• A. Corrective
• B. Physical
• C. Detective
• D. Administrative

Answer: C

NEW QUESTION 18
After a ransomware attack a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?

• A. The public ledger
• B. The NetFlow data
• C. A checksum
• D. The event log

Answer: A

NEW QUESTION 19
Which of the following refers to applications and systems that are used within an organization without consent or approval?

• A. Shadow IT
• B. OSINT
• C. Dark web
• D. Insider threats

Answer: A

NEW QUESTION 20
A security analyst is looking for a solution to help communicate to the leadership team the seventy levels of the organization’s vulnerabilities. Which of the following would BEST meet this need?

• A. CVE
• B. SIEM
• C. SOAR
• D. CVSS

Answer: D

NEW QUESTION 21
An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?

• A. SED
• B. HSM
• C. DLP
• D. TPM

Answer: A

NEW QUESTION 22
A network engineer needs to create a plan for upgrading the wireless infrastructure in a large office Priority must be given to areas that are currently experiencing latency and connection issues. Which of the following would be the BEST resource for determining the order of priority?

• A. Nmapn
• B. Heat maps
• C. Network diagrams
• D. Wireshark

Answer: C

NEW QUESTION 23
The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?

• A. Install a NIDS device at the boundary.
• B. Segment the network with firewalls.
• C. Update all antivirus signatures daily.
• D. Implement application blacklisting.

Answer: B

NEW QUESTION 24
......