CompTIA SY0-601 Quiz Flashcards

Question 1

Q

A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the companyג€™s data?

Answer

A

Containerization

Question 2

Q

A Chief Security Office’s (CSO’s) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO’s objectives?

Answer

A

Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

Question 3

Q

A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

Answer

A

Perform a site survey

Create a heat map

Question 4

Q

A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employeeג€™s hard disk. Which of the following should the administrator use?

Answer

A

dd for disk duplicator

Question 5

Q

Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

Answer

A

The data processor is a General Data Protection regulation

(GDPR) role that uses and manipulates data on behalf of the data controller.

Question 6

Q

HTTPS uses port

Question 7

Q

DNS uses port

Question 8

Q

SNMP uses port

Question 9

Q

SSH uses port

Question 10

Q

You received an email from an online store stating that they are giving away iPhones at a 70% discount in
the clearance sale. The email also stated that everyone is rushing to buy these iPhones, and only a limited stock is available. The email contained a link that you had to click to register yourself.
Which type of social engineering principle is being used here?

Question 11

Q

You suspect that one of the systems on the network is infected with malware. Even after scanning the
system with updated antimalware, you are not able to locate anything. The system, however, continues to
show malware symptoms. Which type of malware can be present on this system?

Question 12

Q

Which type of wireless attack requires a disassociation attack as a pre-requisite?

Answer

A

An evil twin is a WAP that has the same name as the legitimate WAP. The attacker
first dissociates the clients from the legitimate WAP using the disassociation attack. The clients then
connect to the evil twin.

Question 13

Q

You have joined an organization as a software development team leader. You want your team to adopt secure coding techniques. Which of the following should you use?

Answer

A

In this scenario, you should use the OWASP secure coding guidelines. The OWASP
guidelines should be integrated into the development

Question 14

Q

You are performing dynamic code analysis on a Web application. Which of the following tasks are you likely to be performing while the application is running?

Answer

A

Verifying the environmental configuration is part of the dynamic code analysis.

Question 15

Q

You want to extend your organization’s security policies to the cloud environment. Which of the following should you use?

Answer

A

CASB, Cloud Access Security Broker, extends the security policies of an organization to the cloud implementation. They are responsible for extending the security between the users and the cloud service providers.

Question 16

Q

You want to gather information about several emails from a domain. You also want to list the sub domains for the domain that you specify. Which tool should you use?

Answer

A

the Harvester

Question 17

Q

Cuckoo is an

Answer

A

an open-source sandbox for malware analysis

Question 18

Q

Nessus is a

Answer

A

a vulnerability management tool

Question 19

Q

Sniper is an

Answer

A

an information gathering and penetration testing platform

Question 20

Q

the Harvester is an

Answer

A

open-source tool specializing in gathering information, such as emails, employee information, sub-domains, and hostnames. It can use a variety of search engines, such as Google and Bing, and other platforms, such as LinkedIn

Question 21

Q

You want to refer to the knowledge base of adversary tactics and techniques and learn about their attack methods. Which of the following should you refer to in this scenario?

Answer

A

use MITRE ATT&CK, the knowledge base of adversary tactics and techniques collected from real-world scenarios. You can use this to learn about specific methods of an attacker.

Question 22

Q

A system is used as a tool in cybercrime. You need to ensure that you capture the digital evidence without fail. Keeping the Order of volatility in mind, which of the following should you focus on first to maintain the Order of volatility?

Answer

A

As per the Order of volatility, this is the first thing you need to capture. You need to get the information from the cache and registers.

Question 23

Q

You have several security policies to make part of the Information Security Management System (ISMS). Which of the following framework should you use?

Answer

A

you should opt for the ISO 27001 framework that helps you establish an ISMS. It provides guidelines as to how the policies should be written and applied. It helps the organizations put practices in place that help them safeguard the information.

Question 24

Q

You are suspecting a financial fraud that has taken place. You want to ensure that you can detect it.
Which of the following method should you use?

Answer

A

Mandatory vacations are enforced to detect any kind of illegitimate or wrong practices followed by the employees. You can audit the financial data after the required people are
sent on vacation.

Question 25

Q

You have been tasked to add a disclaimer to the email that is received from external domains. Which of the following methods should you use?

Answer

A

Prepending is the method of adding a disclaimer or information text to the emails received from external domains.

Question 26

Q

A vishing attack allows an attacker to

Answer

A

use a fake caller ID to conduct a phishing

attack. In this attack, the attacker attempts to get sensitive information from the call recipient.

Question 27

Q

Smishing is a

Answer

A

phishing attack that is conducted by sending an SMS with a malicious link.

Question 28

Q

Whaling is a

Answer

A

type of social engineering attack that targets high-profiled individuals in an organization.

Question 29

Q

Which of the following attack can an attacker conduct to circumvent an account lockout by trying the passwords?

Answer

A

Password spraying attack

Question 30

Q

You want to conduct a DNS poisoning attack. Which of the following tools should you use?

Answer

A

It can conduct various attacks, such as DNS poisoning and ARP poisoning. In the
DNS poisoning attack, the attacker changes the IP address in DNS records and redirects the users to its website. In this scenario, from the given choices, you need to use the Ettercap tool

Question 31

Q

You are the security administrator for your organization. You have to ensure that all systems are compliant with a specific baseline. During a security audit, which of the following should you prove that the systems are compliant against the baseline?

Answer

A

A benchmark is about comparing the system with a specific standard, which is the baseline. You need to use the benchmark to measure the compliance of these systems.

Question 32

Q

Instead of upgrading the existing Customer Relationship Management (CRM) application, the
management of your organization has decided to go with a cloud version CRM to save cost on
implementation and maintenance. Which type of cloud delivery model would you be using in this
scenario?

Answer

A

you would be using the SaaS cloud delivery model, which allows you to use a cloud-hosted application. This reduces cost because you don’t have to purchase the application and can work with subscriptions

Question 33

Q

IaaS is

Answer

A

Infrastructure As A Service, which allows you to set up an entire network or datacenter in the cloud. In this scenario, you have only to use an application.

Question 34

Q

PaaS is

Answer

A

Platform As A Service, which allows you to develop and maintain applications in the cloud. In this scenario, you have only to use an application.

Question 35

Q

XaaS is

Answer

A

Anything As A Service, which allows you to use anything in the cloud virtually. In this scenario, you have only to use an application.

Question 36

Q

You are reviewing the code for an application. You find a lot of code that is not being used. When you independently execute the code, it still runs without error. Which type of code is this?

Answer

A

Dead code

Question 37

Q

Code reuse is

Answer

A

using the existing code to build another application. This saves developmental costs and time.

Question 38

Q

The dead code exists in

Answer

A

an application’s code and can work as desired. However, due to requirement changes, the code is not removed and is left without any purpose

Question 39

Q

Stored procedures are

Answer

A

pre-compiled SQL queries that are executed on

databases.

Question 40

Q

Camouflage is

Answer

A

a piece of code that looks like real code in an application. It is used to prevent the attacker from getting the real code in reverse engineering.

Question 41

Q

Which of the following defines Crossover Error Rate (CER)?

Answer

A

FAR = FRR

Question 42

Q

Biometric security uses

Answer

A

False Acceptance Rate (FAR) for the proportion of times a system grants access to an
unauthorized person. FRM is a Type 2 error

Question 43

Q

False Rejection Rate (FRR) is the

Answer

A

proportion of times a biometric system fails to grant access to an authorized person. FRR is a Type 1 error

Question 44

Q

Crossover Error Rate (CER), also known as

Answer

A

Equal Error Rate (EER)

Question 45

Q

You have received a new server for testing purposes. Using two hard drives, you want to implement a RAID that will provide the highest write performance. You do not want any fault tolerance. Which of the following RAID should you configure?

Answer

A

With two hard drives, you should configure RAID 0, known as spanned volume

Question 46

Q

RAID 1 is known as

Answer

A

mirroring and provides fault tolerance using two hard drives. However, it does not provide excellent performance.

Question 47

Q

RAID 5 provides the best

Answer

A

Read and write performance and fault tolerance.

However, it required three hard drives.

Question 48

Q

RAID 10 or RAID 1+0 or RAID 0+1 requires

Answer

A

three hard drives and provides good

performance and speed.

Question 49

Q

CASB, Cloud Access Security Broker, extends

Answer

A

the security policies of an
organization to the cloud implementation. They are responsible for extending the security between the users and the cloud service providers.

Question 50

Q

You manage a Windows domain. What method can you use to protect the domain?

Answer

A

Rename the administrator and guest accounts

Question 51

Q

You want to implement two-factor authentication in which a user must be asked to enter a password and a one-time password received on the mobile device. Which of the following method should you implement?

Question 52

Q

Static codes are

Answer

A

one-time use codes that are implemented with static cards.

Question 53

Q

Token keys are

Answer

A

hardware devices that are plugged into the USB port

Question 54

Q

HOTP

Answer

A

The HMAC-based one-time password is generated by an application or hardware
device and sent to the mobile phone. This type of password can be used only once

Question 55

Q

Using Nmap, you want to scan for the common 100 ports. Which parameter should you use to do this?

Answer

A

To perform the scan for the common 100 ports, you need to use the -F option for a
fast scan.

Question 56

Q

Using Nmap, you want to scan for all 65535 ports. Which parameter should you use to do this?

Answer

A

With the -p- option, Nmap will scan all 65535 ports.

Question 57

Q

Using Nmap, you want to scan for the operating system version. Which parameter should you use to do this?

Answer

A

With the -A option, Nmap will scan for the operating system version.

Question 58

Q

Technical detective security control is

Answer

A

e a technology control that detects an

attack. Honeypot and Intrusion Detection System (IDS) are examples of this.

Question 59

Q

You want to use an ISO standard that helps you set up risk management practices within your
organization. Which of the following ISO standard should you use?

Answer

A

To set up risk management practices within your organization, you need to use the ISO 31000 framework.

Question 60

Q

ISO 27001 framework helps you establish an ISMS, It provides

Answer

A

guidelines as to how the policies should be written and applied. It helps the organizations put practices in place that help them safeguard the information.

Question 61

Q

You want to ensure that none of the users within the organization has the privilege to misuse their powers in the accounts department. Which of the following system should you implement?

Answer

A

Separation of duties is implemented to prevent fraud. For example, for any monetary transactions, authorization is required from two people.

Question 62

Q

You are performing dynamic code analysis on a Web application. Which of the following tasks are you likely to be performing while the application is running?

Answer

A

Verifying the environmental configuration issues

Question 63

Q

An attacker is using the hashes to crack an authentication protocol. Which type of attack is occurring?

Answer

A

The pass the hash attack is occurring. In this attack, the attacker captures the password hashes. Instead of decrypting the hashes, the attacker uses the hashes to crack the authentication protocol.

Question 64

Q

You want to name all systems on the network based on their department names. Which of the following should you use for this purpose?

Answer

A

You should use the standard naming convention, which helps you set specific names based on the team, department, room, or location

Answer 58

A

The development time. Because you want the code to be reused later in other applications, you need to plan and develop it carefully.

Answer 59

A

The incoming traffic is distributed to both the network interface cards (NICs). Along with redundancy, NIC teaming provides load balancing

Answer 60

A

Telnet transmits the information in clear text and is rarely used. SSH is secure, replaces Telnet, and encrypts the channels information needs to travel.

Answer 61

A

monitoring network devices

Answer 62

A

SRTP stands for Secure Real-time Transport Protocol (SRTP). It is mainly used to
secure voice and video transmissions

Answer 63

A

VPNs to authenticate and encrypt data packets

Answer 64

A

Static code analysis requires you to review the code and find errors and malicious code hidden inside it.

Answer 65

A

A jump server is a server that authenticates the users before they can access a network. It is like a gatekeeper. After the users are authenticated, they can access the network with fewer restrictions. If the jump server is compromised, the attacker virtually has access to the entire
network.

Answer 66

A

To ensure that a root certificate authority is highly secure, you should power off the root server and keep it offline. If the root server is compromised, the entire certificate authority environment is compromised.

Answer 67

A

When an attack occurs on a network, the attacker wants to perform the lateral
movement to search for sensitive information. This usually happens when you have a flat network. With the help of network segmentation, you can reduce the attack by preventing the attacker from moving laterally in the network.

Answer 68

A

The sublist3r tool is an alternate to the Harvester tool. It can be used to enumerate subdomains.

Answer 69

A

You need to use the dd command to copy the disk. You can create an exact image of the disk without losing a single byte of data. When you create an image, you can verify the MD5 checksum of the disk and the image. They both should be the same.

Answer 70

A

for copying a file and is not used for digital forensics

Answer 71

A

is used to write to the log file

Answer 72

A

is used for analyzing the network packets. It captures

the TCP/IP packets for analysis.

Answer 73

A

CSA or Cloud Security Alliance (CSA) provides CCM to the cloud vendors and customers for assessing a cloud service provider.

Answer 74

A

cybersecurity framework for government agencies and other entities.

Answer 75

A

An MoU or Memorandum of Understanding is a non-legal agreement between two parties with defined responsibilities.

Answer 76

A

between two entities or parties that use a shared infrastructure. It defines the levels of connectivity for the parties and the security risks in the interconnectivity.

Answer 77

A

between the service provider and

the customer. It defines the service levels to be provided by the service providers.

Answer 78

A

In this scenario, the organization has used the risk transfer strategy. You are
transferring the risk to the insurance company.

Brainscape's Knowledge GenomeTM

CompTIA SY0-601 Quiz Flashcards

Brainscape's Knowledge Genome^TM