Attested SY0-601 Dumps PDF Resource [2021]
Latest SY0-601 Actual Free Exam Questions Updated 455 Questions
Threats, Attacks, and Vulnerabilities (24%)
- Summarize the methods utilized in security evaluations;
- Describe the security issues connected with different kinds of vulnerabilities;
- Describe the methods utilized for penetration testing;
- In a given scenario, evaluate the possible indicators connected with application attacks;
- Compare and contrast various types of social engineering methods;
- Given a specific scenario, evaluate the possible indicators to determine the attack type;
- Given a specific scenario, evaluate the possible indicators connected with attacks on the network;
- Describe various threat actors, intelligence sources, and vectors.
About Security+
Obtaining the Security+ certificate proves that you are proficient in the following:
- You can secure as well as control hybrid environments such as cloud, IoT, and mobile devices;
- You are able to evaluate the security conditions of an organization you are working for and know how to implement suitable security solutions;
- You are knowledgeable about the principles of governance, compliance, and risk;
- You are capable of efficiently & swiftly responding to any appearing security issues and incidents.
Career Path
Passing the CompTIA SY0-601 test lays the foundation for your IT security career. After an impressive start, every candidate needs career advancement. CompTIA has a well-designed career path for every IT security specialist. To take a beginner cybersecurity career to an intermediate level, one can go for the cybersecurity CySA+ and PenTest+ certifications. Earning these certifications will make you an ideal candidate for job roles like Pen Tester, Security Engineer, and Security Analyst. The CompTIA Advanced Security Practitioner, also known as CASP+, is the advanced-level certification that any cybersecurity specialist who has 10 years of related work experience can opt for. Once you have this advanced certificate, you can easily aim for a Senior Security Engineer job role and take a handsome salary of $109,340 as PayScale.com claims. Under these job roles, there are multiple job postings annually and the crux of the matter is that having all these certifications by your name establishes you as a famed doyen of cybersecurity. Be sure, there won't be any dearth of career opportunities and prospects for you afterward.
NEW QUESTION 84
An attacker is attempting to exploit users by creating a fake website with the URL www.validwebsite.com.
The attacker's intent is to imitate the look and feel of a legitimate website to obtain personal information from unsuspecting users. Which of the following social-engineering attacks does this describe?
- A. Watering-hole attack
- B. Typo squatting
- C. Impersonation
- D. Information elicitation
Answer: A
NEW QUESTION 85
A cybersecurity administrator has a reduced team and needs to operate an on-premises network and security infrastructure efficiently. To help with the situation, the administrator decides to hire a service provider.
Which of the following should the administrator use?
- A. IaaS
- B. Microservices
- C. MSSP
- D. AAA
- E. SDP
Answer: C
NEW QUESTION 86
A security analyst discovers several .jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?
- A. The total number of print jobs
- B. When the file was deleted
- C. The number of copies made
- D. The GPS location
Answer: B
NEW QUESTION 87
Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.
INSTRUCTIONS
Not all attacks and remediation actions will be used.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION 88
An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has only been given the documentation available to the customers of the applications. Which of the following BEST represents the type of testing that will occur?
- A. Black-box
- B. Gray-box
- C. Bug bounty
- D. White-box
Answer: C
NEW QUESTION 89
A network engineer needs to build a solution that will allow guests at the company's headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?
- A. Deploy a WAF
- B. Configure WIPS on the APs
- C. Install a captive portal
- D. Implement open PSK on the APs
Answer: C
NEW QUESTION 90
An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139.
Which of the following sources should the analyst review to BEST ascertain how the incident could have been prevented?
- A. The correlation of events
- B. The baseline report
- C. The vulnerability scan output
- D. The security logs
Answer: D
NEW QUESTION 91
The security administrator has installed a new firewall which implements an implicit DENY policy by default.
Answer:
Explanation:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port.
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match. The port number must be typed in and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.
Hot Area:


Section: Network Security
Explanation:
Implicit deny is the default security stance that says if you aren't specifically granted access or privileges for a resource, you're denied access by default.
Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.
Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP port 22.
Rule #3 & Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.
References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 26, 44; http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
NEW QUESTION 92
Phone number, address, and date of birth be provided to confirm Joe's identity before sending him the prize. Which of the following BEST describes this type of email?
- A. Vishing
- B. Whaling
- C. Phishing
- D. Spear phishing
Answer: C
NEW QUESTION 93
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:

NEW QUESTION 94
Which of the following will provide the BEST physical security countermeasures to stop intruders? (Choose two.)
- A. Fencing
- B. Alarms
- C. Lighting
- D. Mantraps
- E. Signage
- F. Sensors
Answer: A,F
NEW QUESTION 95
The security administrator has installed a new firewall which implements an implicit DENY policy by default.
INSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port.
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match. The port number must be typed in and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.
Hot Area:
Answer:
Explanation:
Section: Network Security
Implicit deny is the default security stance that says if you aren't specifically granted access or privileges for a resource, you're denied access by default.
Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.
Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP port 22.
Rule #3 & Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.
References: Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 26, 44; http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
NEW QUESTION 96
A security analyst has been asked to investigate a situation after the SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events:
To better understand what is going on, the analyst runs a command and receives the following output:
Based on the analyst's findings, which of the following attacks is being executed?
- A. Credential harvesting
- B. Brute-force
- C. Spraying
- D. Keylogger
Answer: C
Explanation:
If a user tries to authenticate with a wrong password, the domain controller that handles the authentication request will increment an attribute called badPwdCount. As you can see in the image, the badPwdCount attribute for the user states that many passwords were used to try to log in without success. Password spraying is an attack that attempts to access a large number of accounts (usernames) with a few commonly used passwords.
https://www.coalfire.com/the-coalfire-blog/march-2019/password-spraying-what-to-do-and-how-to-avoid-it
https://doubleoctopus.com/security-wiki/threats-and-tools/password-spraying/
NEW QUESTION 97
A user recently attended an exposition and received some digital promotional materials. The user later noticed blue boxes popping up and disappearing on the computer, and reported receiving several spam emails, which the user did not open. Which of the following is MOST likely the cause of the reported issue?
- A. There was malicious code on the USB drive
- B. The OS was corrupted
- C. There was a drive-by download of malware
- D. The user installed a cryptominer
Answer: A
NEW QUESTION 98
A manufacturer creates designs for very high security products that are required to be protected and controlled by the government regulations. These designs are not accessible by corporate networks or the Internet. Which of the following is the BEST solution to protect these designs?
- A. A demilitarized zone
- B. An air gap
- C. A shielded cable
- D. A Faraday cage
Answer: B
NEW QUESTION 99
An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering if the organization may need to scale down just as quickly as it scaled up. The CIO is also concerned about the organization's security and customer privacy. Which of the following would be BEST to address the CIO's concerns?
- A. Implement BYOD for the sales department while leveraging the MDM
- B. Select four devices for the sales department to use in a CYOD model
- C. Deploy mobile devices using the COPE methodology
- D. Disallow new hires from using mobile devices for six months
Answer: A
NEW QUESTION 100
A security analyst is hardening a Linux workstation and must ensure it has public keys forwarded to remote systems for secure login. Which of the following steps should the analyst perform to meet these requirements? (Select TWO).
- A. Forward the keys using ssh-copy-id.
- B. Forward the keys using scp.
- C. Forward the keys using ash -i.
- D. Forward the keys using openssl -s.
- E. Forward the keys using ssh-keyger.
Answer: A,D