
CompTIA Security+ Practice Tests
Description
CompTIA Security+ Practice Tests: Exam SY0-601, Second Edition efficiently prepares you for the CompTIA Security+ SY0-601 Exam with one practice exam and domain-by-domain questions. With a total of 1,000 practice questions, you'll be as prepared as possible to take Exam SY0-601.
Written by accomplished author and IT security expert David Seidl, the 2nd Edition of CompTIA Security+ Practice Tests includes questions covering all five crucial domains and objectives on the SY0-601 exam:
* Attacks, Threats, and Vulnerabilities
* Architecture and Design
* Implementation
* Operations and Incident Response
* Governance, Risk, and Compliance
Perfect for anyone looking to prepare for the SY0-601 Exam or upgrade their skills by earning a high-level security certification (like CASP+, CISSP, or CISA), as well as anyone hoping to get into the IT security field, CompTIA Security+ Practice Tests allows for efficient and comprehensive preparation and study.

Person
David Seidl, CySA+, CISSP, GPEN, GCIH, is the co-author of CompTIA Security+ Study Guide: Exam SY0-601, CompTIA CySA+ Study Guide: Exam CS0-002, CompTIA CySA+ Practice Tests: Exam CS0-002, and CompTIA PenTest+ Study Guide: Exam PT0-001. David is Vice President for Information Technology and CIO at Miami University. Previously, he led the University of Notre Dame security team as Director of Information Security and has served in a variety of technical and IT security roles.
Content
Chapter 1 Threats, Attacks, and Vulnerabilities
Chapter 2 Architecture and Design
Chapter 3 Implementation
Chapter 4 Operations and Incident Response
Chapter 5 Governance, Risk, and Compliance
Appendix Answers and Explanations
Index
Chapter 1
Threats, Attacks, and Vulnerabilities
THE COMPTIA SECURITY+ EXAM SY0-601 TOPICS COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
- 1.1 Compare and contrast different types of social engineering techniques
- 1.2 Given a scenario, analyze potential indicators to determine the type of attack
- 1.3 Given a scenario, analyze potential indicators associated with application attacks
- 1.4 Given a scenario, analyze potential indicators associated with network attacks
- 1.5 Explain different threat actors, vectors, and intelligence sources
- 1.6 Explain the security concerns associated with various types of vulnerabilities
- 1.7 Summarize the techniques used in security assessments
- 1.8 Explain the techniques used in penetration testing

- Ahmed is a sales manager with a major insurance company. He has received an email that is encouraging him to click on a link and fill out a survey. He is suspicious of the email, but it does mention a major insurance association, and that makes him think it might be legitimate. Which of the following best describes this attack?
  - Phishing
  - Social engineering
  - Spear phishing
  - Trojan horse
- You are a security administrator for a medium-sized bank. You have discovered a piece of software on your bank's database server that is not supposed to be there. It appears that the software will begin deleting database files if a specific employee is terminated. What best describes this?
  - Worm
  - Logic bomb
  - Trojan horse
  - Rootkit
- You are responsible for incident response at Acme Bank. The Acme Bank website has been attacked. The attacker used the login screen, but rather than enter login credentials, they entered some odd text: 'or'1' = '1. What is the best description for this attack?
  - Cross-site scripting
  - Cross-site request forgery
  - SQL injection
  - ARP poisoning
- Users are complaining that they cannot connect to the wireless network. You discover that the WAPs are being subjected to a wireless attack designed to block their Wi-Fi signals. Which of the following is the best label for this attack?
  - IV attack
  - Jamming
  - WPS attack
  - Botnet
- Frank is deeply concerned about attacks to his company's e-commerce server. He is particularly worried about cross-site scripting and SQL injection. Which of the following would best defend against these two specific attacks?
  - Encrypted web traffic
  - Input validation
  - A firewall
  - An IDS
- You are responsible for network security at Acme Company. Users have been reporting that personal data is being stolen when using the wireless network. They all insist they only connect to the corporate wireless access point (AP). However, logs for the AP show that these users have not connected to it. Which of the following could best explain this situation?
  - Session hijacking
  - Clickjacking
  - Rogue access point
  - Bluejacking
- What type of attack depends on the attacker entering JavaScript into a text area that is intended for users to enter text that will be viewed by other users?
  - SQL injection
  - Clickjacking
  - Cross-site scripting
  - Bluejacking
- Rick wants to make offline brute-force attacks against his password file very difficult for attackers. Which of the following is not a common technique to make passwords harder to crack?
  - Use of a salt
  - Use of a pepper
  - Use of a purpose-built password hashing algorithm
  - Encrypting password plain text using symmetric encryption
- What term is used to describe spam over Internet messaging services?
  - SPIM
  - SMSPAM
  - IMSPAM
  - TwoFaceTiming
- Susan is analyzing the source code for an application and discovers a pointer de-reference and returns NULL. This causes the program to attempt to read from the NULL pointer and results in a segmentation fault. What impact could this have for the application?
  - A data breach
  - A denial-of-service condition
  - Permissions creep
  - Privilege escalation
- Teresa is the security manager for a mid-sized insurance company. She receives a call from law enforcement, telling her that some computers on her network participated in a massive denial-of-service (DoS) attack. Teresa is certain that none of the employees at her company would be involved in a cybercrime. What would best explain this scenario?
  - It is a result of social engineering.
  - The machines all have backdoors.
  - The machines are bots.
  - The machines are infected with crypto-viruses.
- Unusual outbound network traffic, geographical irregularities, and increases in database read volumes are all examples of what key element of threat intelligence?
  - Predictive analysis
  - OSINT
  - Indicators of compromise
  - Threat maps
- Chris needs visibility into connection attempts through a firewall because he believes that a TCP handshake is not properly occurring. What security information and event management (SIEM) capability is best suited to troubleshooting this issue?
  - Reviewing reports
  - Packet capture
  - Sentiment analysis
  - Log collection and analysis
- Chris wants to detect a potential insider threat using his security information and event management (SIEM) system. What capability best matches his needs?
  - Sentiment analysis
  - Log aggregation
  - Security monitoring
  - User behavior analysis
- Chris has hundreds of systems spread across multiple locations and wants to better handle the amount of data that they create. What two technologies can help with this?
  - Log aggregation and log collectors
  - Packet capture and log aggregation
  - Security monitoring and log collectors
  - Sentiment analysis and user behavior analysis
- What type of security team establishes the rules of engagement for a cybersecurity exercise?
  - Blue team
  - White team
  - Purple team
  - Red team
- Cynthia is concerned about attacks against an application programming interface (API) that her company provides for its customers. What should she recommend to ensure that the API is only used by customers who have paid for the service?
  - Require authentication.
  - Install and configure a firewall.
  - Filter by IP address.
  - Install and use an IPS.
- What type of attack is based on sending more data to a target variable than the data can actually hold?
  - Bluesnarfing
  - Buffer overflow
  - Bluejacking
  - Cross-site scripting
- An email arrives telling Gurvinder that there is a limited time to act to get a software package for free and that the first 50 downloads will not have to be paid for. What social engineering principle is being used against him?
  - Scarcity
  - Intimidation
  - Authority
  - Consensus
- You have been asked to test your company network for security issues. The specific test you are conducting involves primarily using automated and semiautomated tools to look for known vulnerabilities with the various systems on your network. Which of the following best describes this type of test?
  - Vulnerability scan
  - Penetration test
  - Security audit
  - Security test
- Susan wants to reduce the likelihood of successful credential harvesting attacks via her organization's commercial websites. Which of the following is not a common prevention method aimed at stopping credential harvesting?
  - Use of multifactor authentication
  - User awareness training
  - Use of complex usernames
  - Limiting or preventing use of third-party web scripts and plugins
- Greg wants to gain admission to a network which is protected by a network access control (NAC) system that recognized the hardware address of systems. How can he bypass this protection?
  - Spoof a legitimate IP address.
  - Conduct a denial-of-service attack against the NAC system.
  - Use MAC cloning to clone a legitimate MAC address.
  - None of the above
- Coleen is the web security administrator for an online auction website. A small number of users are complaining that when they visit the website it does not appear to be the correct site. Coleen checks and she can visit the site without any problem, even from computers outside the network. She also checks the web server log and there is no record of those users ever connecting. Which of the following might best explain this?
  - Typo squatting
  - SQL injection
  - Cross-site scripting
  - Cross-site request forgery
- The organization that Mike works in finds that one of their domains is directing traffic to a competitor's website. When Mike checks, the domain information has been changed, including the contact and other administrative details for the domain. If the domain had not expired, what has most likely occurred?
  - DNS hijacking
  - An on-path attack
  - Domain...
System requirements
File format: ePUB
Copy protection: Adobe-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Install the free reader Adobe Digital Editions prior to download (see eBook Help).
- Tablet/smartphone (Android; iOS): Install the free app Adobe Digital Editions or the app PocketBook before downloading (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (not Kindle).
The file format ePub works well for novels and non-fiction books – i.e., "flowing" text without complex layout. On an e-reader or smartphone, line and page breaks automatically adjust to fit the small displays.
This eBook uses Adobe-DRM, a "hard" copy protection. If the necessary requirements are not met, unfortunately you will not be able to open the eBook. You will therefore need to prepare your reading hardware before downloading.
Please note: We strongly recommend that you authorise using your personal Adobe ID after installation of any reading software.