CompTIA SY0-601 Practice Test
Prepare smarter and boost your chances of success with our CompTIA SY0-601 practice test. This test helps you assess your knowledge, pinpoint strengths, and target areas for improvement. Surveys and user data from multiple platforms show that individuals who use the SY0-601 practice exam are 40–50% more likely to pass on their first attempt.
Start practicing today and take the fast track to becoming CompTIA SY0-601 certified.
Updated On: 13-Aug-2025
886 Questions
Topic 3: Exam Pool C
After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?
A. The vulnerability scan output
B. The IDS logs
C. The full packet capture data
D. The SIEM alerts
Answer: A. The vulnerability scan output
An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139. Which of the following sources should the analyst review to BEST ascertain how the incident could have been prevented?
A. The vulnerability scan output
B. The security logs
C. The baseline report
D. The correlation of events
Answer: A. The vulnerability scan output
A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?
A. The scan results show open ports, protocols, and services exposed on the target host
B. The scan enumerated software versions of installed programs
C. The scan produced a list of vulnerabilities on the target host
D. The scan identified expired SSL certificates
Answer: B. The scan enumerated software versions of installed programs
When used at the design stage, which of the following improves the efficiency, accuracy, and speed of a database?
A. Tokenization
B. Data masking
C. Normalization
D. Obfuscation
Answer: C. Normalization
Employees are having issues accessing the company's website. Some employees report very slow performance, while others cannot access the website at all. The web and security administrators search the logs and find millions of half-open connections to port 443 on the web server. Further analysis reveals thousands of different source IPs initiating this traffic. Which of the following attacks is MOST likely occurring?
A. DDoS
B. Man-in-the-middle
C. MAC flooding
Answer: A. DDoS
Which of the following would be BEST to establish between organizations to define the responsibilities of each party, outline the key deliverables, and include monetary penalties for breaches to manage third-party risk?
A. An ARO
B. An MOU
C. An SLA
D. A BPA
Answer: B. An MOU
Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)
A. Unsecure protocols
B. Use of penetration-testing utilities
C. Weak passwords
D. Included third-party libraries
E. Vendors/supply chain
F. Outdated anti-malware software
Answer: A. Unsecure protocols; C. Weak passwords
A financial analyst is expecting an email containing sensitive information from a client. When the email arrives, the analyst receives an error and is unable to open the encrypted message. Which of the following is the MOST likely cause of the issue?
A. The S/MIME plug-in is not enabled.
B. The SSL certificate has expired.
C. Secure IMAP was not implemented.
D. POP3S is not supported.
Answer: A. The S/MIME plug-in is not enabled.
Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms?
A. SIEM
B. CASB
C. UTM
D. DLP
Answer: D. DLP
Which of the following refers to applications and systems that are used within an organization without consent or approval?
A. Shadow IT
B. OSINT
C. Dark web
D. Insider threats
Answer: A. Shadow IT