CompTIA SY0-601 Quiz Flashcards

1
Q

A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?

A

Containerization

2
Q

A Chief Security Officer’s (CSO’s) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO’s objectives?

A

Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

3
Q

A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

A

Perform a site survey

Create a heat map

4
Q

A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk. Which of the following should the administrator use?

A

dd for disk duplicator

5
Q

Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?

A

The data processor is a General Data Protection Regulation (GDPR) role that uses and manipulates data on behalf of the data controller.

6
Q

HTTPS uses port

A

443

7
Q

DNS uses port

A

53

8
Q

SNMP uses port

A

161

9
Q

SSH uses port

A

22

10
Q

You received an email from an online store stating that they are giving away iPhones at a 70% discount in the clearance sale. The email also stated that everyone is rushing to buy these iPhones, and only a limited stock is available. The email contained a link that you had to click to register yourself. Which type of social engineering principle is being used here?

A

Scarcity

11
Q

You suspect that one of the systems on the network is infected with malware. Even after scanning the system with updated antimalware, you are not able to locate anything. The system, however, continues to show malware symptoms. Which type of malware can be present on this system?

A

Fileless

12
Q

Which type of wireless attack requires a disassociation attack as a pre-requisite?

A

An evil twin is a WAP that has the same name as the legitimate WAP. The attacker first dissociates the clients from the legitimate WAP using the disassociation attack. The clients then connect to the evil twin.

13
Q

You have joined an organization as a software development team leader. You want your team to adopt secure coding techniques. Which of the following should you use?

A

In this scenario, you should use the OWASP secure coding guidelines. The OWASP guidelines should be integrated into the development

14
Q

You are performing dynamic code analysis on a Web application. Which of the following tasks are you likely to be performing while the application is running?

A

Verifying the environmental configuration is part of the dynamic code analysis.

15
Q

You want to extend your organization’s security policies to the cloud environment. Which of the following should you use?

A

CASB, Cloud Access Security Broker, extends the security policies of an organization to the cloud implementation. They are responsible for extending the security between the users and the cloud service providers.

16
Q

You want to gather information about several emails from a domain. You also want to list the sub domains for the domain that you specify. Which tool should you use?

A

the Harvester

17
Q

Cuckoo is an

A

open-source sandbox for malware analysis

18
Q

Nessus is a

A

vulnerability management tool

19
Q

Sniper is an

A

information gathering and penetration testing platform

20
Q

the Harvester is an

A

open-source tool specializing in gathering information, such as emails, employee information, sub-domains, and hostnames. It can use a variety of search engines, such as Google and Bing, and other platforms, such as LinkedIn.

21
Q

You want to refer to the knowledge base of adversary tactics and techniques and learn about their attack methods. Which of the following should you refer to in this scenario?

A

Use MITRE ATT&CK, the knowledge base of adversary tactics and techniques collected from real-world scenarios. You can use this to learn about specific methods of an attacker.

22
Q

A system is used as a tool in cybercrime. You need to ensure that you capture the digital evidence without fail. Keeping the Order of volatility in mind, which of the following should you focus on first to maintain the Order of volatility?

A

As per the Order of volatility, this is the first thing you need to capture. You need to get the information from the cache and registers.

23
Q

You have several security policies to make part of the Information Security Management System (ISMS). Which of the following frameworks should you use?

A

You should opt for the ISO 27001 framework, which helps you establish an ISMS. It provides guidelines as to how the policies should be written and applied. It helps organizations put practices in place that help them safeguard the information.

24
Q

You suspect that financial fraud has taken place. You want to ensure that you can detect it. Which of the following methods should you use?

A

Mandatory vacations are enforced to detect any kind of illegitimate or wrong practices followed by the employees. You can audit the financial data after the required people are sent on vacation.

25
Q

You have been tasked to add a disclaimer to the email that is received from external domains. Which of the following methods should you use?

A

Prepending is the method of adding a disclaimer or information text to the emails received from external domains.

26
Q

A vishing attack allows an attacker to

A

use a fake caller ID to conduct a phishing attack. In this attack, the attacker attempts to get sensitive information from the call recipient.

27
Q

Smishing is a

A

phishing attack that is conducted by sending an SMS with a malicious link.

28
Q

Whaling is a

A

type of social engineering attack that targets high-profile individuals in an organization.

29
Q

Which of the following attacks can an attacker conduct to circumvent an account lockout by trying the passwords?

A

Password spraying attack

30
Q

You want to conduct a DNS poisoning attack. Which of the following tools should you use?

A

It can conduct various attacks, such as DNS poisoning and ARP poisoning. In the DNS poisoning attack, the attacker changes the IP address in DNS records and redirects the users to its website. In this scenario, from the given choices, you need to use the Ettercap tool.

31
Q

You are the security administrator for your organization. You have to ensure that all systems are compliant with a specific baseline. During a security audit, which of the following should you use to prove that the systems are compliant with the baseline?

A

A benchmark is about comparing the system with a specific standard, which is the baseline. You need to use the benchmark to measure the compliance of these systems.

32
Q

Instead of upgrading the existing Customer Relationship Management (CRM) application, the management of your organization has decided to go with a cloud version CRM to save cost on implementation and maintenance. Which type of cloud delivery model would you be using in this scenario?

A

You would be using the SaaS cloud delivery model, which allows you to use a cloud-hosted application. This reduces cost because you don’t have to purchase the application and can work with subscriptions.

33
Q

IaaS is

A

Infrastructure As A Service, which allows you to set up an entire network or datacenter in the cloud. In this scenario, you have only to use an application.

34
Q

PaaS is

A

Platform As A Service, which allows you to develop and maintain applications in the cloud. In this scenario, you have only to use an application.

35
Q

XaaS is

A

Anything As A Service, which allows you to use anything in the cloud virtually. In this scenario, you have only to use an application.

36
Q

You are reviewing the code for an application. You find a lot of code that is not being used. When you independently execute the code, it still runs without error. Which type of code is this?

A

Dead code

37
Q

Code reuse is

A

using the existing code to build another application. This saves developmental costs and time.

38
Q

The dead code exists in

A

an application’s code and can work as desired. However, due to requirement changes, the code is not removed and is left without any purpose.

39
Q

Stored procedures are

A

pre-compiled SQL queries that are executed on databases.

40
Q

Camouflage is

A

a piece of code that looks like real code in an application. It is used to prevent the attacker from getting the real code in reverse engineering.

41
Q

Which of the following defines Crossover Error Rate (CER)?

A

FAR = FRR

42
Q

Biometric security uses

A

False Acceptance Rate (FAR) for the proportion of times a system grants access to an unauthorized person. FAR is a Type 2 error.

43
Q

False Rejection Rate (FRR) is the

A

proportion of times a biometric system fails to grant access to an authorized person. FRR is a Type 1 error.

44
Q

Crossover Error Rate (CER), also known as

A

Equal Error Rate (EER)

45
Q

You have received a new server for testing purposes. Using two hard drives, you want to implement a RAID that will provide the highest write performance. You do not want any fault tolerance. Which of the following RAID should you configure?

A

With two hard drives, you should configure RAID 0, known as spanned volume

46
Q

RAID 1 is known as

A

mirroring and provides fault tolerance using two hard drives. However, it does not provide excellent performance.

47
Q

RAID 5 provides the best

A

read and write performance and fault tolerance. However, it requires three hard drives.

48
Q

RAID 10 or RAID 1+0 or RAID 0+1 requires

A

three hard drives and provides good performance and speed.

49
Q

CASB, Cloud Access Security Broker, extends

A

the security policies of an organization to the cloud implementation. They are responsible for extending the security between the users and the cloud service providers.

50
Q

You manage a Windows domain. What method can you use to protect the domain?

A

Rename the administrator and guest accounts

51
Q

You want to implement two-factor authentication in which a user must be asked to enter a password and a one-time password received on the mobile device. Which of the following methods should you implement?

A

HOTP

52
Q

Static codes are

A

one-time use codes that are implemented with static cards.

53
Q

Token keys are

A

hardware devices that are plugged into the USB port

54
Q

HOTP

A

The HMAC-based one-time password is generated by an application or hardware device and sent to the mobile phone. This type of password can be used only once.

55
Q

Using Nmap, you want to scan for the common 100 ports. Which parameter should you use to do this?

A

To perform the scan for the common 100 ports, you need to use the -F option for a fast scan.

56
Q

Using Nmap, you want to scan for all 65535 ports. Which parameter should you use to do this?

A

With the -p- option, Nmap will scan all 65535 ports.

57
Q

Using Nmap, you want to scan for the operating system version. Which parameter should you use to do this?

A

With the -A option, Nmap will scan for the operating system version.

58
Q

Technical detective security control is

A

a technology control that detects an attack. Honeypot and Intrusion Detection System (IDS) are examples of this.

59
Q

You want to use an ISO standard that helps you set up risk management practices within your organization. Which of the following ISO standards should you use?

A

To set up risk management practices within your organization, you need to use the ISO 31000 framework.

60
Q

The ISO 27001 framework helps you establish an ISMS. It provides

A

guidelines as to how the policies should be written and applied. It helps the organizations put practices in place that help them safeguard the information.

61
Q

You want to ensure that none of the users within the organization has the privilege to misuse their powers in the accounts department. Which of the following systems should you implement?

A

Separation of duties is implemented to prevent fraud. For example, for any monetary transactions, authorization is required from two people.

62
Q

You are performing dynamic code analysis on a Web application. Which of the following tasks are you likely to be performing while the application is running?

A

Verifying the environmental configuration issues

63
Q

An attacker is using the hashes to crack an authentication protocol. Which type of attack is occurring?

A

The pass the hash attack is occurring. In this attack, the attacker captures the password hashes. Instead of decrypting the hashes, the attacker uses the hashes to crack the authentication protocol.

64
Q

You want to name all systems on the network based on their department names. Which of the following should you use for this purpose?

A

You should use the standard naming convention, which helps you set specific names based on the team, department, room, or location

65
Q

One of the biggest challenges in code reuse is

A

The development time. Because you want the code to be reused later in other applications, you need to plan and develop it carefully.

66
Q

You have configured NIC teaming in a critical server. Along with redundancy, which of the following does the NIC team provide?

A

The incoming traffic is distributed to both the network interface cards (NICs). Along with redundancy, NIC teaming provides load balancing

67
Q

Which of the following would be a secure replacement of Telnet?

A

Telnet transmits the information in clear text and is rarely used. SSH is secure, replaces Telnet, and encrypts the channel over which the information travels.

68
Q

SNMP is used for

A

monitoring network devices

69
Q

Which of the following protocols should you use to secure voice and video?

A

SRTP stands for Secure Real-time Transport Protocol. It is mainly used to secure voice and video transmissions.

70
Q

IPSec is used with

A

VPNs to authenticate and encrypt data packets

71
Q

You want to perform a code scan to find any malicious code hidden inside. Which of the following methods should you use?

A

Static code analysis requires you to review the code and find errors and malicious code hidden inside it.

72
Q

If you compromise a jump server, which of the following outcomes is likely to occur as an attacker?

A

A jump server is a server that authenticates the users before they can access a network. It is like a gatekeeper. After the users are authenticated, they can access the network with fewer restrictions. If the jump server is compromised, the attacker virtually has access to the entire network.

73
Q

You have configured a root and two subordinate certificate authorities. You want to ensure that the root server is highly secured. Which of the following recommended methods should you use?

A

To ensure that a root certificate authority is highly secure, you should power off the root server and keep it offline. If the root server is compromised, the entire certificate authority environment is compromised.

74
Q

Which of the following can reduce the impact of lateral movement in an attack?

A

When an attack occurs on a network, the attacker wants to move laterally to search for sensitive information. This usually happens when you have a flat network. With the help of network segmentation, you can reduce the impact of the attack by preventing the attacker from moving laterally in the network.

75
Q

You are about to initiate a penetration test. Instead of using the Harvester tool, you want to use an alternative to enumerate subdomains. Which of the following tools can serve as an alternative to the Harvester?

A

The sublist3r tool is an alternative to the Harvester tool. It can be used to enumerate subdomains.

76
Q

For digital forensics, you want to make a copy of a disk. You want to ensure the disk is duplicated with everything. Which of the following commands should you use?

A

You need to use the dd command to copy the disk. You can create an exact image of the disk without losing a single byte of data. When you create an image, you can verify the MD5 checksum of the disk and the image. They both should be the same.

77
Q

The cp command is used

A

for copying a file and is not used for digital forensics

78
Q

The logger command

A

is used to write to the log file

79
Q

The Tcpdump command

A

is used for analyzing the network packets. It captures the TCP/IP packets for analysis.

80
Q

Which of the following provides Cloud Controls Matrix (CCM) to the cloud vendors and customers for assessing a cloud service provider?

A

CSA, or Cloud Security Alliance, provides CCM to the cloud vendors and customers for assessing a cloud service provider.

81
Q

NIST, or the National Institute of Standards and Technology, provides a

A

cybersecurity framework for government agencies and other entities.

82
Q

Which of the following is a non-legal agreement between two parties to work together with defined responsibilities?

A

An MoU or Memorandum of Understanding is a non-legal agreement between two parties with defined responsibilities.

83
Q

ISA or Interconnection Security Agreement is an agreement

A

between two entities or parties that use a shared infrastructure. It defines the levels of connectivity for the parties and the security risks in the interconnectivity.

84
Q

SLA or Service Level Agreement is a contract

A

between the service provider and the customer. It defines the service levels to be provided by the service providers.

85
Q

Your organization has insured the complete data center by paying a huge amount. Which of the risk management strategies have they used?

A

In this scenario, the organization has used the risk transfer strategy. You are transferring the risk to the insurance company.