CompTIA Security+ SY0-601 (Practice Test)

The CompTIA Security+ certification exam will verify the successful candidate has the knowledge and skills required to assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; monitor and secure hybrid environments, including cloud, mobile, and IoT; operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; identify, analyze, and respond to security events and incidents.

  • Questions: 20
  • Time: 60 seconds per question (0 hours, 20 minutes, 0 seconds)
  • Included Objectives:
    • Attacks, Threats, and Vulnerabilities
    • Architecture and Design
    • Implementation
    • Operations and Incident Response
    • Governance, Risk, and Compliance

Your employer allows BYOD because the company's software landscape is entirely based on SaaS applications on the internet. Recently an employee's various accounts were accessed by a hacker. The user tells you they had different passwords for all of the applications. No one else has reported similar issues. After helping the user conduct a malware scan on their personal device, you find that they have malware that records input given to the PC by the user. What option best describes the type of malware found?

  • Virus
  • RAT
  • Keylogger
  • Worm

Your employer has always been very security conscious and to date does not use any company-owned mobile or wireless devices like laptops and smartphones. A new project aims to evaluate options on the market for securely implementing laptops within the company. One requirement is that all data stored on the laptop's drive must be encrypted. What type of drive could fulfill this requirement?

  • VPN
  • SED
  • RAID 0

What option would create a new ACL entry that would deny any port 80 HTTP traffic?

  • allow all but tcp 443
  • deny tcp any server tcp 80
  • deny all any server web
  • allow tcp any server tcp 80

Your employer has several thousand internal users, all of whom need to access the internet on a daily basis to complete their work. What technology should be used to mask the internal IP addresses of these users and allow access to the internet through shared public IP addresses?

  • NAT
  • DNS
  • DMZ
  • Router

Which of the following options is a network device that can use VLANs to reduce collisions and the size of broadcast domains?

  • Switch
  • Packet Tracer
  • Router
  • Packet Switcher
  • Firewall
  • Hub

What role is responsible for ensuring that an organization's processes and systems protect any PII data about customers or staff as defined by data privacy regulations like GDPR?

  • Personnel Data Owner (PDO)
  • Chief Data Officer (DTO)
  • Data Protection Officer (DPO)
  • Data Administrator (DA)

You work for a large enterprise with many offices around the country. Offices have been asked to identify any natural disasters that could impact their areas and prevent employees from being able to complete their usual duties. Once these are identified, a plan should be put in place to ensure the business can carry on using mitigations and backup systems or processes. What type of plan is being put into place for each office?

  • Business Fallback and Restoration Plan
  • Incident Response Plan
  • Disaster Recovery Plan
  • Business Continuity Plan

Of the following options, which is a cryptographic algorithm classified as asymmetric?

  • Blowfish
  • RSA
  • AES
  • DES
  • RC4
  • RC5

You are observing an outage of your employer's website. While investigating the cause of the outage you learn that there is a large-scale DDoS attack that has caused network outages for large percentages of the internet. The attack is targeting key infrastructure of major web service providers. According to news sources, the attackers are sending huge numbers of requests to open DNS servers with spoofed IP addresses. The responses from the DNS servers are sent to the spoofed IP addresses, which has resulted in network outages due to overwhelmed infrastructure. What type of attack is being conducted?

  • DNS jamming
  • DNS poisoning
  • DNS amplification
  • Domain hijacking

You have ordered a penetration test on the company's website from a 3rd party IT Security consultant. Your web administration team has created a stand-alone test network to ensure the penetration tests do not cause issues on the live website. Other than the IP address of the web server, you have not provided the penetration testers with any information. What type of test best describes this scenario?

  • Integration
  • White box
  • Black box
  • Stand alone

Your employer has a large team of software developers with constantly changing codebases for dozens of internal applications. As a part of change control any code changes go through an automated vulnerability scanning process which checks for known vulnerabilities in frameworks, programming languages, dependencies and the code itself. Due to business pressure these scans have been largely ignored and there are currently over a thousand issues found by the automated scanning. You are tasked with working with the developers and remedying 100% of the issues. What should you do next?

  • Identify any false positives to reduce the number of items to remediate
  • Organize the vulnerabilities by criticality and begin planning for solutions for the most critical vulnerabilities first
  • Implement an approval step for all code changes that requires no security issues prior to updates
  • Stop all deployments, code changes and updates until the vulnerabilities are fixed

Your coworker identified a vulnerability for a 3rd party software solution hosted on premise. The coworker is out sick today and has asked you to remediate this issue as quickly as possible. You have identified a patch to fix the security vulnerability from the vendor's official website. What step should you take NEXT?

  • Submit a change request based on the company's change management processes
  • Install the patch immediately and inform affected users
  • Start the incident response process
  • Begin monitoring for related incidents

You are responsible for network security within your employer's network architecture team. Your team is implementing a new network that can allow unauthenticated WiFi users access to the internet without allowing them access to any internal systems. What type of WiFi network is this?

  • Extranet
  • NAT
  • DMZ
  • Guest

Which containment technique would be the best response when a system is believed to be infected with malware?

  • Propagation
  • Immediately segment the network into the smallest possible groups
  • Determine the attack vector and disable it
  • Isolate the affected systems

What term refers to a holistic approach to IT security including diversification of vendors, controls (both administrative and technical) and user training?

  • Holistic IA
  • DMZ
  • Regulatory standard framework
  • Defense-in-depth

After a recent firewall configuration change several users are complaining they can access the company intranet but not any public websites. You determine that an accidental configuration change was made that is blocking HTTPS traffic. What port should be allowed to ensure users can access the web again?

  • 8080
  • 8888
  • 80
  • 443
  • 3389
  • 334

You are the resident IT within your family. While relaxing and enjoying a family Thanksgiving dinner your sweet old Grandmother mentions that Microsoft called her cell phone and helped her with a virus on her computer. You explain to her that Microsoft does not call people directly to help with computer issues and that she was likely targeted by a malicious attacker. You scan her computer for viruses and find several. Your poor sweet old Grandmother was a victim of what type of attack?

  • phonejacking
  • Tailgating
  • Spear phishing
  • Vishing

Which of the following options is a functionality or tool that disallows access to a wireless network based on the layer 2 address of the client device?

  • ACL
  • WPA2
  • Split tunnel VPN
  • MAC address filtering

Your boss wants an intrusion detection system that can automatically identify suspicious activity on a server by using its log data. What type of IDS is she talking about?

  • NIPS
  • FIDS
  • NIDS
  • HIDS

Your employer has asked your team to define and implement a new network area that will be accessible to authorized 3rd party companies through a dedicated WAN connection. A critical requirement is that access to this new network area should not also allow network access to the company's internal network and systems. What type of network best defines this setup?

  • Intranet
  • VLAN
  • Guest WiFi
  • Extranet