SY0-601 : CompTIA Security+ 2021 : Part 05

SY0-601 : CompTIA Security+ 2021 : Part 05

1. Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

   • Least privilege
   • Awareness training
   • Separation of duties
   • Mandatory vacation

2. Which of the following would be the BEST method for creating a detailed diagram of wireless access points and hotspots?

   • Footprinting
   • White-box testing
   • A drone/UAV
   • Pivoting

3. A user enters a password to log in to a workstation and is then prompted to enter an authentication code. Which of the following MFA factors or attributes are being utilized in the authentication process? (Choose two.)

   • Something you know
   • Something you have
   • Somewhere you are
   • Someone you know
   • Something you are
   • Something you can do

4. When selecting a technical solution for identity management, an architect chooses to go from an in-house solution to a third-party SaaS provider. Which of the following risk management strategies is this an example of?

   • Transference
   • Avoidance
   • Acceptance
   • Mitigation

5. A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?

   • Salting the magnetic strip information
   • Encrypting the credit card information in transit
   • Hashing the credit card numbers upon entry
   • Tokenizing the credit cards in the database

6. A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?

   • A firewall
   • A device pin
   • A USB data blocker
   • Biometrics

7. An analyst visits an Internet forum looking for information about a tool. The analyst finds a thread that appears to contain relevant information. One of the posts says the following:

   

   Which of the following BEST describes the attack that was attempted against the forum readers?

   • SQLi attack
   • DLL attack
   • XSS attack
   • API attack

8. A network administrator would like to configure a site-to-site VPN utilizing IPsec. The administrator wants the tunnel to be established with data integrity, encryption, authentication, and anti-replay functions. Which of the following should the administrator use when configuring the VPN?

   • AH
   • EDR
   • ESP
   • DNSSEC

9. Users have been issued smart cards that provide physical access to a building. The cards also contain tokens that can be used to access information systems. Users can log in to any thin client located throughout the building and see the same desktop each time. Which of the following technologies are being utilized to provide these capabilities? (Choose two.)

   • COPE
   • VDI
   • GPS
   • TOTP
   • RFID
   • BYOD

10. The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve security in the environment and protect patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have not been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO’s concerns?

    • SSO would simplify username and password management, making it easier for hackers to guess accounts.
    • SSO would reduce password fatigue, but staff would still need to remember more complex passwords.
    • SSO would reduce the password complexity for frontline staff.
    • SSO would reduce the resilience and availability of systems if the identity provider goes offline.

11. A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of power surge of power surge or other fault situation. The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application. The security administrator isolated the switch on a separate VLAN and set up a patching routine. Which of the following steps should also be taken to harden the smart switch?

    • Set up an air gap for the switch.
    • Change the default password for the switch.
    • Place the switch in a Faraday cage.
    • Install a cable lock on the switch.

12. A cybersecurity administrator has a reduced team and needs to operate an on-premises network and security infrastructure efficiently. To help with the situation, the administrator decides to hire a service provider. Which of the following should the administrator use?

    • SDP
    • AAA
    • IaaS
    • MSSP
    • Microservices

13. A security assessment determines DES and 3DES are still being used on recently deployed production servers. Which of the following did the assessment identify?

    • Unsecure protocols
    • Default settings
    • Open permissions
    • Weak encryption

14. Which of the following types of controls is a turnstile?

    • Physical
    • Detective
    • Corrective
    • Technical

15. Which of the following describes the BEST approach for deploying application patches?

    • Apply the patches to systems in a testing environment, then to systems in a staging environment, and finally to production systems.
    • Test the patches in a staging environment, develop against them in the development environment, and then apply them to the production systems.
    • Test the patches in a test environment, apply them to the production systems, and then apply them to a staging environment.
    • Apply the patches to the production systems, apply them in a staging environment, and then test all of them in a testing environment.

16. A security analyst is investigating an incident that was first reported as an issue connecting to network shares and the Internet. While reviewing logs and tool output, the analyst sees the following:

    

    Which of the following attacks has occurred?

    • IP conflict
    • Pass-the-hash
    • MAC flooding
    • Directory traversal
    • ARP poisoning

17. After entering a username and password, an administrator must draw a gesture on a touch screen. Which of the following demonstrates what the administrator is providing?

    • Multifactor authentication
    • Something you can do
    • Biometrics
    • Two-factor authentication

18. An organization suffered an outage, and a critical system took 90 minutes to come back online. Though there was no data loss during the outage, the expectation was that the critical system would be available again within 60 minutes. Which of the following is the 60-minute expectation an example of?

    • MTBF
    • RPO
    • MTTR
    • RTO

19. Joe, a user at a company, clicked an email links that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should a security administrator implement to protect the environment from this malware?

    • Install a definition-based antivirus.
    • Implement an IDS/IPS
    • Implement a heuristic behavior-detection solution.
    • Implement CASB to protect the network shares.

20. An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?

    • hping3 ­–S comptia.org –p 80

    • nc –l –v comptia.org –p 80

    • nmap comptia.org –p 80 –sV

    • nslookup –port=80 comptia.org