Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

CompTIA SY0-601 - CompTIA Security+ Exam 2023

CompTIA SY0-601 Premium Access     Download Demo    
Page: 13 / 16
Total 1063 questions

Which of the following enables the use of an input field to run commands that can view or manipulate data?

A.

Cross-site scripting

B.

Side loading

C.

Buffer overflow

D.

SQL injection

An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a "page not found" error message. Which of the following types of social engineering attacks occurred?

A.

Brand impersonation

B.

Pretexting

C.

Typosquatting

D.

Phishing

A security analyst scans a company's public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?

A.

Changing the remote desktop port to a non-standard number

B.

Setting up a VPN and placing the jump server inside the firewall

C.

Using a proxy for web connections from the remote desktop server

D.

Connecting the remote server to the domain and increasing the password length

A bank was recently provided a new version of an executable that was used to launch its core banking platform. During the upgrade process, a remote code execution exploit was publicly released that targeted the old version. Which of the following would best prevent a security incident?

A.

Blocking the vulnerable file's hash from execution

B.

Completing the upgrade process immediately on all devices

C.

Disabling all inbound access from untrusted networks

D.

Adding an IDS signature to detect bad traffic on the firewall

A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems administrator use?

A.

Packet captures

B.

Vulnerability scans

C.

Metadata

D.

Dashboard

A company wants to ensure that ail devices are secured property through the MDM solution so that, if remote wipe fails, access to the data will still be inaccessible offline. Which of the following would need to be configured?

A.

Full device encryption

B.

Geolocation

C.

Screen locks

D.

Content management

A systems administrator wants to implement a backup solution. The solution needs to allow recovery of the entire system, including the operating system, in case of a disaster. Which of the following backup types should the administrator consider?

A.

Incremental

B.

Storage area network

C.

Differential

D.

Image

Which of the following threat actors is the most likely to use large financial resources to attack critical systems located in other countries?

A.

Insider

B.

Unskilled attacker

C.

Nation-state

D.

Hacktivist

Which of the following provides guidelines for the management and reduction of information security risk?

A.

CIS

B.

NISTCSF

C.

ISO

D.

PCIDSS

Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Select two).

A.

The device has been moved from a production environment to a test environment.

B.

The device is configured to use cleartext passwords.

C.

The device is moved to an isolated segment on the enterprise network.

D.

The device is moved to a different location in the enterprise.

E.

The device’s encryption level cannot meet organizational standards.

F.

The device is unable to receive authorized updates.

Which of the following vulnerabilities is associated with installing software outside of a manufacturer's approved software repository?

A.

Jailbreaking

B.

Memory injection

C.

Resource reuse

D.

Side loading

A security analyst is responding to a malware incident at a company. The malware connects to a command-and-control server on the internet in order to function. Which of the following should the security analyst implement first?

A.

Network segmentation

B.

IP-based firewall rules

C.

Mobile device management

D.

Content filter

A security analyst is investigating a SIEM event concerning invalid log-ins The system logs that match the time frame of the event show the following:

Which of the following best describes this type of attack?

A.

Rainbow table

B.

Spraying

C.

Dictionary

D.

Keylogger

A company is utilizing an offshore team to help support the finance department. The company wants to keep the data secure by keeping it on a company device but does not want to provide equipment to the offshore team. Which of the following should the company implement to meet this requirement?

A.

VDI

B.

MDM

C.

VPN

D.

VPC

An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Select two).

A.

Typosquatting

B.

Phishing

C.

Impersonation

D.

Vishing

E.

Smishing

F.

Misinformation

A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee's corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?

A.

Application

B.

IPS/IDS

C.

Network

D.

Endpoint

After segmenting the network, the network manager wants to control the traffic between the segments. Which of the following should the manager use to control the network traffic?

A.

A DMZ

B.

A VPN a

C.

A VLAN

D.

An ACL

A company was compromised, and a security analyst discovered the attacker was able to get access to a service account. The following logs were discovered during the investigation:

Which of the following MOST likely would have prevented the attacker from learning the service account name?

A.

Race condition testing

B.

Proper error handling

C.

Forward web server logs to a SIEM

D.

Input sanitization

A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?

A.

openssl

B.

hping

C.

netcat

D.

tcpdump

A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Select TWO).

A.

HIDS

B.

NIPS

C.

HSM

D.

WAF

E.

NAC

F.

NIDS

G.

Stateless firewall