The Secret Of CompTIA SY0-601 Preparation Exams

NEW QUESTION 1
A security engineer is setting up passwordless authentication for the first time. INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 2
A user recently attended an exposition and received some digital promotional materials The user later noticed blue boxes popping up and disappearing on the computer, and reported receiving several spam emails, which the user did not open Which of the following is MOST likely the cause of the reported issue?

• A. There was a drive-by download of malware
• B. The user installed a cryptominer
• C. The OS was corrupted
• D. There was malicious code on the USB drive

Answer: D

NEW QUESTION 3
An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:
Check-in/checkout of credentials
The ability to use but not know the password
Automated password changes
Logging of access to credentials
Which of the following solutions would meet the requirements?

• A. OAuth 2.0
• B. Secure Enclave
• C. A privileged access management system
• D. An OpenID Connect authentication system

Answer: D

NEW QUESTION 4
A security analyst needs to produce a document that details how a security incident occurred, the steps that were taken for recovery, and how future incidents can be avoided. During which of the following stages of the response process will this activity take place?

• A. Recovery
• B. Identification
• C. Lessons learned
• D. Preparation

Answer: C

NEW QUESTION 5
Employees are having issues accessing the company's website. Some employees report very slow performance, while others cannot the website at all. The web and security administrators search the logs and find millions of half-open connections to port 443 on the web server. Further analysis reveals thousands of different source IPs initiating this traffic. Which of the following attacks is MOST likely occurring?

• A. DDoS
• B. Man-in-the-middle
• C. MAC flooding
• D. Domain hijacking

Answer: A

NEW QUESTION 6
An employee has been charged with fraud and is suspected of using corporate assets. As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?

• A. Order of volatility
• B. Data recovery
• C. Chain of custody
• D. Non-repudiation

Answer: C

NEW QUESTION 7
Joe, an employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm Joe’s identity before sending him the prize. Which of the following BEST describes this type of email?

• A. Spear phishing
• B. Whaling
• C. Phishing
• D. Vishing

Answer: C

NEW QUESTION 8
A network administrator would like to configure a site-to-site VPN utilizing iPSec. The administrator wants the tunnel to be established with data integrity encryption, authentication and anti- replay functions Which of the following should the administrator use when configuring the VPN?

• A. AH
• B. EDR
• C. ESP
• D. DNSSEC

Answer: C

NEW QUESTION 9
A security analyst is preparing a threat for an upcoming internal penetration test. The analyst needs to identify a method for determining the tactics, techniques, and procedures of a threat against the organization’s network. Which of the following will the analyst MOST likely use to accomplish the objective?

• A. A table exercise
• B. NST CSF
• C. MTRE ATT$CK
• D. OWASP

Answer: A

NEW QUESTION 10
A security analyst needs to generate a server certificate to be used for 802.1X and secure RDP connections. The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?

• A. Create an OCSP
• B. Generate a CSR
• C. Create a CRL
• D. Generate a .pfx file

Answer: B

NEW QUESTION 11
A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

• A. Nmap
• B. Wireshark
• C. Autopsy
• D. DNSEnum

Answer: A

NEW QUESTION 12
A security analyst is performing a forensic investigation compromised account credentials. Using the Event Viewer, the analyst able to detect the following message, ‘’Special privileges assigned to new login.’’ Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?

• A. Pass-the-hash
• B. Buffer overflow
• C. Cross-site scripting
• D. Session replay

Answer: A

NEW QUESTION 13
A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would BEST support the policy?

• A. Mobile device management
• B. Full-device encryption
• C. Remote wipe
• D. Biometrics

Answer: A

NEW QUESTION 14
A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirements?

• A. RAID 0+1
• B. RAID 2
• C. RAID 5
• D. RAID 6

Answer: C

NEW QUESTION 15
A security analyst sees the following log output while reviewing web logs:

Which of the following mitigation strategies would be BEST to prevent this attack from being successful?

• A. Secure cookies
• B. Input validation
• C. Code signing
• D. Stored procedures

Answer: B

NEW QUESTION 16
Which of the following would be BEST to establish between organizations that have agreed cooperate and are engaged in early discussion to define the responsibilities of each party, but do not want to establish a contractually binding agreement?

• A. An SLA
• B. AnNDA
• C. ABPA
• D. AnMOU

Answer: D

NEW QUESTION 17
An end user reports a computer has been acting slower than normal for a few weeks. During an investigation, an analyst determines the system is sending the user's email address and a ten-digit number to an IP address once a day. The only recent log entry regarding the user's computer is the following:

Which of the following is the MOST likely cause of the issue?

• A. The end user purchased and installed a PUP from a web browser
• B. A bot on the computer is brute forcing passwords against a website
• C. A hacker is attempting to exfiltrate sensitive data
• D. Ransomware is communicating with a command-and-control server.

Answer: A

NEW QUESTION 18
A symmetric encryption algorithm Is BEST suited for:

• A. key-exchange scalability.
• B. protecting large amounts of data.
• C. providing hashing capabilities,
• D. implementing non-repudiation.

Answer: D

NEW QUESTION 19
Which of the following would be the BEST method for creating a detailed diagram of wireless access points and hot-spots?

• A. Footprinting
• B. White-box testing
• C. A drone/UAV
• D. Pivoting

Answer: A

NEW QUESTION 20
A cybersecurity manager has scheduled biannual meetings with the IT team and department leaders to discuss how they would respond to hypothetical cyberattacks. During these meetings, the manager presents a scenario and injects additional information throughout the session to replicate what might occur in a dynamic cybersecurity event involving the company, its facilities, its data, and its staff. Which of the following describes what the manager is doing?

• A. Developing an incident response plan
• B. Building a disaster recovery plan
• C. Conducting a tabletop exercise
• D. Running a simulation exercise

Answer: C

NEW QUESTION 21
......