CompTIA-SY0-601-Security+ Quiz Questions and Answers

After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult to determine a priority list for forensic review?

Answer :
  • The vulnerability scan output

A cybersecurity administrator needs to add disk redundancy for a critical server. The solution must have a two-drive failure for better fault tolerance. Which of the following RAID levels should the administrator select?

Answer :
  • 1

The IT department's on-site developer has been with the team for many years. Once an application is released, the security team can identify multiple vulnerabilities. Which would best help the team ensure the application is ready to be released to production?

Answer :
  • Submit the application to QA before releasing it

An employee has been charged with fraud and is suspected of using corporate assets. As authorities collect evidence and preserve the admissibility of the evidence, which of the following forensic techniques should be used?

Answer :
  • Chain of custody

A host was infected with malware. During the incident response, Joe, a user, reported that he did not receive any emails with links, but he had been browsing the Internet all day. Which of the following would most likely show where the malware originated from?

Answer :
  • The DNS logs

Joe, an employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm Joe's identity before sending him the prize. Which of the following best describes this type of email?

Answer :
  • Phishing

A security analyst is performing a forensic investigation involving compromised account credentials. Using the Event Viewer, the analyst could detect the following message: "Special privileges assigned to the new logon." Several of these messages did not have a valid login associated with the user before these privileges were assigned. Which of the following attacks is most likely being detected?

Answer :
  • Pass-the-hash

A security engineer has enabled two-factor authentication on all workstations. Which of the following approaches are the most secure? (Select two)

Answer :
  • Password and smart card
  • Password and fingerprint

The process of passively gathering information prior to launching a cyberattack is called:

Answer :
  • Reconnaissance

Which of the following best describes an important security advantage yielded by implementing vendor diversity?

Answer :
  • Resiliency