CompTIA SY0-601 Exam Practice Questions (P. 1)
Question #1
A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL, https://www.site.com, the user is presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com. Which of the following describes this attack?
- A. On-path
- B. Domain hijacking
- C. DNS poisoning (Most Voted)
- D. Evil twin
Correct Answer: B

The correct answer, Domain hijacking, involves an attacker gaining control of a domain's DNS records to redirect traffic to a malicious site. The certificate mismatch warning when navigating to a specific site suggests such manipulation, since the legitimate site's certificate does not match the site the user is actually directed to. DNS poisoning would direct traffic to a different IP address without necessarily producing a certificate mismatch tied to the domain name, making it a less accurate answer in this context.
Question #2
Which of the following tools is effective in preventing a user from accessing unauthorized removable media?
- A. USB data blocker (Most Voted)
- B. Faraday cage
- C. Proximity reader
- D. Cable lock
Correct Answer: A

A USB data blocker, often humorously termed a "USB condom," is a simple yet highly effective tool for enhancing digital security. It primarily operates by permitting power to pass through while blocking data exchange. This functionality is crucial as it prevents any data from being transferred between the connected USB device and the system, thereby eliminating the possibility of malicious software transfers or unauthorized data access through USB ports. Hence, it's quite effective in restricting unauthorized use of removable media via USB connections.
Question #3
A Chief Security Officer is looking for a solution that can provide increased scalability and flexibility for back-end infrastructure, allowing it to be updated and modified without disruption to services. The security architect would like the solution selected to reduce the back-end server resources and has highlighted that session persistence is not important for the applications running on the back-end servers. Which of the following would BEST meet the requirements?
- A. Reverse proxy (Most Voted)
- B. Automated patch management
- C. Snapshots
- D. NIC teaming
Correct Answer: C

Given the requirements stated by the CSO and the security architect for increased scalability and flexibility without service disruption, the correct solution would indeed be a reverse proxy. A reverse proxy distributes client requests across multiple back-end servers, so no single server bears too much load, and it lets individual servers be updated or modified without interrupting the overall service. This fully matches the need for a system that maintains continuous availability while undergoing changes. It also refutes the initial indication that snapshots would be the best fit: snapshots primarily serve as data restoration points rather than providing operational flexibility or scalability.
Question #4
Which of the following describes a social engineering technique that seeks to exploit a person's sense of urgency?
- A. A phishing email stating a cash settlement has been awarded but will expire soon (Most Voted)
- B. A smishing message stating a package is scheduled for pickup
- C. A vishing call that requests a donation be made to a local charity
- D. A SPIM notification claiming to be undercover law enforcement investigating a cybercrime
Correct Answer: C

The question asks for the social engineering technique that exploits a sense of urgency. Option A, a phishing email claiming that a cash settlement is about to expire, most directly targets the recipient's sense of urgency: it pressures the victim to act quickly to avoid missing out, using that urgency to bypass rational thinking and verification. Hence, although option C is labeled as the correct answer, option A appears to be the more fitting choice for the exploitation of urgency in social engineering.
Question #5
A security analyst is reviewing application logs to determine the source of a breach and locates the following log: https://www.comptia.com/login.php?id='%20or%20'1'1='1
Which of the following has been observed?
- A. DLL Injection
- B. API attack
- C. SQLi (Most Voted)
- D. XSS
Correct Answer: C

The log shows a classic SQL injection attempt using the pattern "' or '1'='1". This technique aims to alter the intended SQL query by forcing it to return true, potentially allowing unauthorized access or data extraction. The presence of keywords like 'or' and payload structures like '1'='1' indicates manipulation to achieve always-true conditions in SQL queries. This is a common method in SQL injection attacks to compromise database interactions and should be addressed with input validation and parameterization to enhance security.
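The following is an added example, not part of the original page: it URL-decodes query strings from a few constructed log lines (the second one is the URL quoted in the question) and flags the tautology and comment-terminator patterns the explanation describes, then contrasts the string-concatenated query that makes the `' or '1'='1` payload work against a parameterized query on an in-memory SQLite table. The table, its rows and the extra log lines are all constructed for the demonstration.

```python
import re
import sqlite3
from urllib.parse import urlsplit, parse_qsl

# Constructed sample log lines (not from the original page): one request URL per line.
SAMPLE_LOG = """\
https://www.comptia.com/login.php?id=42
https://www.comptia.com/login.php?id='%20or%20'1'1='1
https://www.comptia.com/login.php?id=7%27%20OR%201%3D1--
https://www.comptia.com/search.php?q=o%27reilly
"""

# Tautologies and comment terminators typical of login-bypass SQLi payloads.
SQLI_PATTERN = re.compile(r"(?i)'\s*or\s*'|\bor\b\s+\d+\s*=\s*\d+|--|/\*")

def suspicious_params(url):
    """Return (name, decoded value) pairs in the query string that match SQLi patterns."""
    hits = []
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        # parse_qsl percent-decodes, so '%20or%20' is inspected as ' or '.
        if SQLI_PATTERN.search(value):
            hits.append((name, value))
    return hits

def scan_log(text):
    """Map each flagged log line to its suspicious parameters."""
    flagged = {}
    for line in text.splitlines():
        hits = suspicious_params(line)
        if hits:
            flagged[line] = hits
    return flagged

def lookup_vulnerable(conn, user_id):
    # String concatenation: the payload becomes part of the SQL text (the flaw).
    return conn.execute("SELECT name FROM users WHERE id = '" + user_id + "'").fetchall()

def lookup_safe(conn, user_id):
    # Bound parameter: the payload is compared as a literal value and matches nothing.
    return conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchall()

def demo(payload="' or '1'='1"):
    """Return (row count from the vulnerable query, row count from the parameterized query)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id TEXT, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [("1", "alice"), ("2", "bob"), ("3", "carol")])
    return len(lookup_vulnerable(conn, payload)), len(lookup_safe(conn, payload))
```

Note that the literal payload in the question (`'1'1='1`) is a typo of the canonical `'1'='1`; the detector still flags it, but `demo()` uses the canonical form so the vulnerable query parses.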
Question #6
An audit identified PII being utilized in the development environment of a critical application. The Chief Privacy Officer (CPO) is adamant that this data must be removed; however, the developers are concerned that without real data they cannot perform functionality tests and search for specific data. Which of the following should a security professional implement to BEST satisfy both the CPO's and the development team's requirements?
- A. Data anonymization
- B. Data encryption
- C. Data masking (Most Voted)
- D. Data tokenization
Correct Answer: A

Implementing data anonymization is the optimal approach to address the concerns raised by both the Chief Privacy Officer and the development team. By employing data anonymization, personally identifiable information within the dataset is altered, ensuring individual identities are protected while allowing critical data to be utilized for development purposes such as functionality tests. This method fulfills privacy requirements without compromising the testing and development capabilities, ensuring compliance and operational efficiency concurrently.
Question #7
A company is implementing a DLP solution on the file server. The file server has PII, financial information, and health information stored on it. Depending on the type of data hosted on the file server, the company wants different DLP rules assigned to the data. Which of the following should the company do to help accomplish this goal?
- A. Classify the data. (Most Voted)
- B. Mask the data.
- C. Assign the application owner.
- D. Perform a risk analysis.
Correct Answer: A

Classifying the data is the right choice. When setting up DLP (Data Loss Prevention) rules for different types of sensitive information such as PII, financial records, or health data, the first step is always to classify the data by sensitivity and handling requirements. Each classification can then have tailored DLP rules, so protection mechanisms are aligned with the data's importance and privacy requirements. This gives targeted and efficient data protection within the file server environment and makes compliance and security easier to manage.
Question #8
A forensics investigator is examining a number of unauthorized payments that were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
<a href="https://www.company.com/payto.do?routing=00001111&acct=22223334&amount=250">Click here to unsubscribe</a>
Which of the following will the forensics investigator MOST likely determine has occurred?
- A. SQL injection
- B. Broken authentication
- C. XSS
- D. XSRF (Most Voted)
Correct Answer: B

The scenario described involves an email link that when clicked, leads to unauthorized payments by unwittingly utilizing the user's authenticated session to execute a transaction. This is a classic example of a Cross-Site Request Forgery (XSRF) attack. In XSRF, the attacker tricks the user into executing actions on a web application to which they are already authenticated, exploiting the web application's trust in the user's browser. Here, the link embedded in the deceptive email performs actions without the user's consent, specifically directing funds without needing to steal the user's credentials.
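As an added example (not from the original page), the handler below replays the question's unsubscribe link against two hypothetical versions of the `payto.do` endpoint: a vulnerable one that trusts the session cookie alone, and a hardened one that requires a POST, a same-site `Origin` header and a per-session CSRF token compared in constant time. The session store, cookie value and origin are constructed for the demonstration.

```python
import hmac
import secrets
from urllib.parse import urlsplit, parse_qs

SITE_ORIGIN = "https://www.company.com"
# Constructed session store (hypothetical): session cookie value -> per-session CSRF token.
SESSIONS = {"sess-victim": secrets.token_hex(16)}

def handle_payto_vulnerable(method, url, cookies):
    """Before: a valid session cookie is the only check, so the browser's automatic
    cookie attachment lets a cross-site GET (the email link) move money."""
    if cookies.get("session") not in SESSIONS:
        return 401, "not logged in"
    q = parse_qs(urlsplit(url).query)
    return 200, f"paid {q['amount'][0]} to {q['acct'][0]}"

def handle_payto_safe(method, url, cookies, form, headers):
    """After: require POST, a same-site Origin header, and the per-session CSRF token,
    none of which a link in an email or an attacker's page can supply."""
    sid = cookies.get("session")
    if sid not in SESSIONS:
        return 401, "not logged in"
    if method != "POST":
        return 405, "state-changing request must be POST"
    if headers.get("Origin") != SITE_ORIGIN:
        return 403, "cross-site origin rejected"
    # Constant-time compare so the token check does not leak timing information.
    if not hmac.compare_digest(form.get("csrf_token", ""), SESSIONS[sid]):
        return 403, "missing or invalid CSRF token"
    return 200, f"paid {form['amount']} to {form['acct']}"

# The link from the forensics question, replayed through both handlers.
EMAIL_LINK = "https://www.company.com/payto.do?routing=00001111&acct=22223334&amount=250"
VICTIM_COOKIES = {"session": "sess-victim"}

def replay_email_link():
    """Return (status from the vulnerable handler, status from the safe handler) for the forged GET."""
    before = handle_payto_vulnerable("GET", EMAIL_LINK, VICTIM_COOKIES)[0]
    after = handle_payto_safe("GET", EMAIL_LINK, VICTIM_COOKIES, {}, {})[0]
    return before, after
```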
Question #9
A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials could be exfiltrated. The report also indicates that users tend to choose the same credentials on different systems and applications. Which of the following policies should the CISO use to prevent someone from using the exfiltrated credentials?
- A. MFA
- B. Lockout
- C. Time-based logins
- D. Password history (Most Voted)
Correct Answer: A

Implementing Multi-Factor Authentication (MFA) is the most effective method to enhance security when credentials have been compromised. MFA requires more than just the username and password for access, adding an additional layer of protection. This means even if a hacker has obtained user credentials, they still can't access the system without the second form of authentication. Even though it might not be categorized strictly under 'account policies' as described by some frameworks, its immediate impact on securing access makes it a superior choice in scenarios involving credential theft.
Question #10
A company wants to simplify the certificate management process. The company has a single domain with several dozen subdomains, all of which are publicly accessible on the internet. Which of the following BEST describes the type of certificate the company should implement?
- A. Subject alternative name
- B. Wildcard (Most Voted)
- C. Self-signed
- D. Domain validation
Correct Answer: B

For a company with a single domain and several dozen subdomains that all need to be publicly accessible on the internet, a Wildcard SSL certificate is indeed the optimal choice. This type of certificate efficiently manages security by covering the primary domain and any subdomains under it using a single certificate. This not only simplifies the management process but also ensures consistent encryption across all domains and subdomains, enhancing overall security practices with practicality and ease.
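The following is an added example, not from the original page: it implements the hostname matching rule browsers apply to wildcard certificate names (RFC 6125), which shows exactly which of the company's hosts a single `*.site.com` entry covers and why such certificates normally list the bare domain as a separate SAN. The domain `site.com` and the SAN list are constructed for the demonstration.

```python
def hostname_matches(name, hostname):
    """Match one certificate name (CN or SAN dNSName, possibly a wildcard) against a
    hostname using the RFC 6125 rules browsers apply."""
    name, hostname = name.lower().rstrip("."), hostname.lower().rstrip(".")
    if "*" not in name:
        return name == hostname
    n_labels, h_labels = name.split("."), hostname.split(".")
    # The wildcard must be the whole leftmost label and must leave at least two labels
    # after it, so "*.com" and "w*.site.com" are rejected.
    if n_labels[0] != "*" or len(n_labels) < 3 or any("*" in lab for lab in n_labels[1:]):
        return False
    # A wildcard stands for exactly one label: *.site.com covers app.site.com but
    # neither site.com (too few labels) nor a.b.site.com (too many).
    return len(h_labels) == len(n_labels) and h_labels[0] != "" and n_labels[1:] == h_labels[1:]

def certificate_covers(san_names, hostname):
    """True if any name in the certificate's SAN list matches the hostname."""
    return any(hostname_matches(n, hostname) for n in san_names)

# Constructed SAN list of a typical wildcard certificate: the bare domain is listed
# explicitly because "*.site.com" alone would not cover it.
WILDCARD_CERT_SANS = ["site.com", "*.site.com"]

def coverage_report(san_names, hostnames):
    """Map each hostname to whether the certificate would be accepted for it."""
    return {h: certificate_covers(san_names, h) for h in hostnames}
```

Second-level hosts such as `dev.api.site.com` need their own wildcard (`*.api.site.com`) or an explicit SAN entry.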