SY0-601 Online Practice Questions and Answers

Correct Answer: B

Comptia online book currently only uses hard drives in the sense of HDDs. The following is also from comptia's book.

Due to the cost of facilities, physical destruction is likely to be contracted to a third-party. It is important to use a reputable service provider and to obtain a detailed inventory of how each media item was sanitized and certificates of destruction

Correct Answer: C

A bug bounty program provides a monetary incentive for security researchers to discover vulnerabilities. One of the benefits is that bug bounty programs only pay researchers when they find vulnerabilities. Companies don't pay researchers for their time.

Reference: https://en.wikipedia.org/wiki/Bug_bounty_program

Correct Answer: AE

Correct Answer: B

"UEBA is an extension of SIEM where, in addition to observing suspicious network behavior, they also trigger alerts when unusual entity or user behavior is observed"

Correct Answer: C

key word "expanded its operations" - a new office has been opened that needs to connect to already existing offices.

Correct Answer: D

Wifi Protected Setup - Even though WPS offers this convenience, it is appallingly insecure. Wireless networks with WPS enabled are highly vulnerable to cybersecurity threats. Attackers can easily target the WPS function to steal network passwords, regardless of how complex the password is.

Correct Answer: D

A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains. Wildcard notation consists of an asterisk and a period before the domain name. Secure

Correct Answer: C

In this scenario, the security analyst discovered a network device with cleartext authentication and a default credential. To secure the device, the best recommendation is to configure SNMPv3.

SNMP (Simple Network Management Protocol) is commonly used for network monitoring and management. SNMPv1 and SNMPv2c use cleartext authentication, which means that the credentials are transmitted without encryption, making them vulnerable to eavesdropping and potential credential theft.

SNMPv3 is the most secure version of SNMP and provides several security features, including data encryption, message integrity, and authentication. It uses technologies such as HMAC (Hash-based Message Authentication Code) and encryption algorithms to protect sensitive information, making it the preferred choice when securing network devices and preventing unauthorized access or misuse.

Correct Answer: B

Correct Answer: D

Nmap: Nmap is a network scanning tool used for discovering hosts and services on a network.

cURL: cURL is a command-line tool for transferring data with URLs. It's commonly used to send and receive data over various protocols, such as HTTP. Netcat: Netcat (nc) is a versatile networking utility often referred to as the "Swiss Army knife" of networking. It can create TCP and UDP connections, transfer files, and perform various networking tasks.

D. Wireshark: Wireshark is specifically designed for capturing and analyzing network packets. It provides a graphical user interface for dissecting and analyzing captured network data, making it the most appropriate tool for reviewing a pcap file to understand the content and behavior of the captured network traffic.

Correct Answer: B

The something you can do authentication factor refers to actions you can take such as gestures on a touch screen. As an example, Microsoft Windows 10 supports picture passwords. Users first select a picture, and then they can add three gestures as their picture password. Gestures include tapping in specific places on the picture, drawing lines between items with a finger, or drawing a circle around an item such as someone's head. After registering the picture and their gestures, users repeat these gestures to log on again later.

Correct Answer: D

Rainbow table attacks can easily be prevented by using salt techniques, which is a random data that is passed into the hash function along with the plain text.

Correct Answer: A

PEAP stands for Protected Extensible Authentication Protocol, which is a protocol that can provide secure authentication for wireless networks. PEAP can use certificates to authenticate the server and the client, or only the server. PEAP can also use other methods, such as passwords or tokens, to authenticate the client. PEAP can ensure only employees with a valid certificate can authenticate to the network.

Correct Answer: B

Retention policies specify how long data should be retained or archived to meet legal, compliance, and business requirements. In this case, the administrator is assisting the legal and compliance team in ensuring that information about customer transactions is archived for the proper time period, which aligns with data retention policies.

Correct Answer: C