CompTIA SY0-601 CompTIA Security+ Exam Practice Test

Page: 1 / 14
Total 608 questions
Question 1

Which of the following is best to use when determining the severity of a vulnerability?



Answer : D

CVSS, or Common Vulnerability Scoring System, is a standard method for assessing the severity of software vulnerabilities based on various metrics and factors. CVE, or Common Vulnerabilities and Exposures, is a list of publicly disclosed vulnerabilities, but does not provide a severity score. OSINT, or Open Source Intelligence, is the collection and analysis of publicly available information, which may or may not be relevant to a specific vulnerability. SOAR, or Security Orchestration, Automation and Response, is a set of tools and processes that automate and streamline security operations and incident response.


Question 2

Which of the following test helps to demonstrate integrity during a forensics investigation?



Answer : C

Hashing is a process that applies a mathematical algorithm to a data set, such as a file or a message, and produces a fixed-length string of characters called a hash or a digest. Hashing helps to demonstrate integrity during a forensics investigation because it can verify that the data has not been altered, corrupted, or tampered with. By comparing the hash values of the original and the copied data, investigators can ensure that they are identical and authentic.If the hash values are different, it means that the data has been modified in some way


Question 3

A company currently uses passwords for logging in to company-owned devices and wants to add a second authentication factor Per corporate policy, users are not allowed to have smartphones at their desks Which of the following would meet these requirements?



Answer : A

A smart card is a physical device that contains an embedded integrated circuit chip that can store and process data. A smart card can be used as a second authentication factor, in addition to a password, to verify the identity of a user who wants to log in to company-owned devices. A smart card requires a smart card reader to access the data on the chip, which adds an extra layer of security.A smart card meets the requirements of the company because it does not involve a smartphone or any other device that is not allowed at the desks


Question 4

A security engineer must deploy two wireless routers in an office suite Other tenants in the office building should not be able to connect to this wireless network Which of the following protocols should the engineer implement to ensure the strongest encryption?



Answer : B

WPA2 (Wi-Fi Protected Access 2) is a network security protocol that should be implemented to ensure the strongest encryption for a wireless network. WPA2 is an upgrade from the original WPA protocol, which was designed as a replacement for the older and less secure WEP protocol. WPA2 implements the mandatory elements of IEEE 802.11i standard, including CCMP, an AES-based encryption mode.WPA2 provides stronger security and data protection than WPS (Wi-Fi Protected Setup), WAP (Wireless Application Protocol), or HTTPS (Hypertext Transfer Protocol Secure)


Question 5

A company uses specially configured workstations for any work that requires administrator privileges to its Tier 0 and Tier 1 systems The company follows a strict process to harden systems immediately upon delivery Even with these strict security measures in place an incident occurred from one of the workstations The root cause appears to be that the SoC was tampered with or replaced Which of the following most likely occurred?



Answer : C

A supply-chain attack is a type of cyberattack that targets a trusted third-party vendor who offers services or products vital to the supply chain. A supply-chain attack can occur in software or hardware. In this case, the most likely scenario is that the SoC (system on chip) was compromised by a malicious actor before it was delivered to the company, either by tampering with or replacing it with a malicious version.This would allow the attacker to gain access to the company's systems through the specially configured workstations


Question 6

A software company adopted the following processes before releasing software to production

* Peer review

* Static code scanning

* Signing

A considerable number of vulnerabilities are still being detected when code is executed on production Which of the following security tools can improve vulnerability detection on this environment?



Answer : B

A dynamic code analysis tool is a security tool that can improve vulnerability detection on this environment by testing and analyzing the software during runtime. Dynamic code analysis can identify potential vulnerabilities, errors, or performance issues that may not be visible in the source code or during static analysis, such as memory leaks, buffer overflows, or input validation errors.Dynamic code analysis can also simulate real-world scenarios and user inputs to evaluate the behavior and functionality of the software


Question 7

A company is designing the layout of a new data center so it will have an optimal environmental temperature Which of the following must be included? (Select two).



Answer : B, D

A cold aisle and a hot aisle are design strategies for data centers that aim to improve the cooling efficiency and reduce the energy consumption. They involve lining up server racks in alternating rows with cold air intakes facing one side (the cold aisle) and hot air exhausts facing the other side (the hot aisle). This prevents the mixing of hot and cold air and creates a more uniform temperature distribution. The cold aisles receive cold air from the cooling units, while the hot aisles return hot air to the cooling units. This improves the performance and reliability of the IT equipment and lowers the cooling costs.Reference:Hot and Cold-Aisle Containment - Advantages & Disadvantages - AKCP;Hot Aisle Containment vs. Cold Aisle Containment: Which is Better for the Data Center? - Upsite;Aisle Containment Systems FAQ for Hot & Cold Aisle Solutions - Cool Shield;Hot and Cold Aisle Containment Differences - AKCP Monitoring;What is Hot Aisle/Cold Aisle? - Definition from Techopedia


Page:    1 / 14   
Total 608 questions