[2023年05月] ベストな問題集を使おうCompTIA Security+ SY0-601専門試験問題
100%の合格率を試そう!更新されたのはSY0-601試験問題 [2023]
質問 # 139
A Chief Executive Officer's (CEO) personal information was stolen in a social engineering attack. Which of the following sources would reveal if the CEO's personal information is for sale?
- A. Vulnerability databases
- B. Automated information sharing
- C. Open-source intelligence
- D. The dark web
正解:D
質問 # 140
A network analyst is investigating compromised corporate information. The analyst leads to a theory that network traffic was intercepted before being transmitted to the internet. The following output was captured on an internal host:
Based on the IoCS, which of the following was the MOST likely attack used to compromise the network communication?
- A. Denial of service
- B. MAC flooding
- C. Command injection
- D. ARP poisoning
正解:B
質問 # 141
An organization wants to enable built-in FDE on all laptops Which of the following should the organization ensure is Installed on all laptops?
- A. CA
- B. CRL
- C. SAML
- D. TPM
正解:D
解説:
The organization should ensure that a Trusted Platform Module (TPM) is installed on all laptops in order to enable built-in Full Disk Encryption (FDE). TPM is a hardware-based security chip that stores encryption keys and helps to protect data from malicious attacks. It is important to ensure that the TPM is properly configured and enabled in order to get the most out of FDE.
質問 # 142
A company is upgrading its wireless infrastructure to WPA2-Enterprise using EAP-TLS. Which of the following must be part of the security architecture to achieve AAA? (Select TWO)
- A. PKI
- B. RADIUS
- C. DNSSEC
- D. Reverse proxy
- E. VPN concentrator
- F. Active Directory
正解:B、F
質問 # 143
Which of the following would satisfy three-factor authentication requirements?
- A. PIN, fingerprint scan, and ins scan
- B. PIN, physical token, and ID card
- C. Password, fingerprint scan, and physical token
- D. Password, PIN, and physical token
正解:C
解説:
Explanation
Three-factor authentication combines three types of authentication methods: something you know (password), something you have (physical token), and something you are (fingerprint scan). Option C satisfies these requirements, as it uses a password (something you know), a physical token (something you have), and a fingerprint scan (something you are) for authentication.
Reference: CompTIA Security+ Study Guide (SY0-601) 7th Edition by Emmett Dulaney, Chuck Easttom Note: There could be other options as well that could satisfy the three-factor authentication requirements as per the organization's security policies.
質問 # 144
Leveraging the information supplied below, complete the CSR for the server to set up TLS (HTTPS)
* Hostname: ws01
* Domain: comptia.org
* IPv4: 10.1.9.50
* IPV4: 10.2.10.50
* Root: home.aspx
* DNS CNAME:homesite.
Instructions:
Drag the various data points to the correct locations within the CSR. Extension criteria belong in the let hand column and values belong in the corresponding row in the right hand column.
正解:
解説:
質問 # 145
An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?
- A. It assures customers that the organization meets security standards
- B. It certifies the organization can work with foreign entities that require a security clearance
- C. It provides complimentary training and certification resources to IT security staff.
- D. It allows for the sharing of digital forensics data across organizations
- E. It provides insurance in case of a data breach
正解:A
解説:
According to the ISO https://www.iso.org/standard/54534.html
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.
質問 # 146
A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and get a five-minute pcap to analyze. The analyst observes the following output:
Which of the following attacks does the analyst MOST likely see in this packet capture?
- A. Bluejacking
- B. Evil twin
- C. Session replay
- D. ARP poisoning
正解:B
質問 # 147
A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and get a five-minute pcap to analyze. The analyst observes the following output:
Which of the following attacks does the analyst MOST likely see in this packet capture?
- A. Bluejacking
- B. Evil twin
- C. Session replay
- D. ARP poisoning
正解:B
質問 # 148
An organization blocks user access to command-line interpreters but hackers still managed to invoke the interpreters using native administrative tools.
Which of the following should the security team do to prevent this from Happening in the future?
- A. Implement HIPS to block Inbound and outbound SMB ports 139 and 445.
- B. Configure the AV to quarantine the native OS tools whenever they are executed
- C. Disable the built-in OS utilities as long as they are not needed for functionality.
- D. Trigger a SIEM alert whenever the native OS tools are executed by the user
正解:C
質問 # 149
A corporate security team needs to secure the wireless perimeter of its physical facilities to ensure only authorized users can access corporate resources. Which of the following should the security team do? (Refer the answer from CompTIA SY0-601 Security+ documents or guide at comptia.org)
- A. Identify rogue access points.
- B. Implement domain hijacking.
- C. Create heat maps.
- D. Check for channel overlaps.
正解:A
解説:
Explanation
Based on CompTIA SY0-601 Security+ guide, the answer to the question is A. Identify rogue access points.
To secure the wireless perimeter of its physical facilities, the corporate security team should focus on identifying rogue access points, which are unauthorized access points that have been set up by employees or outsiders to bypass security controls. By identifying and removing these rogue access points, the team can ensure that only authorized users can access corporate resources through the wireless network.
https://www.comptia.org/training/books/security-sy0-601-study-guide
質問 # 150
An organization would like to give remote workers the ability to use applications hosted inside the corporate network Users will be allowed to use their personal computers or they will be provided organization assets Either way no data or applications will be installed locally on any user systems Which of the following mobile solutions would accomplish these goals?
- A. UTM
- B. COPE
- C. VDI
- D. MDM
正解:C
解説:
Explanation
MDM would require something to be installed. VDI, virtual desktop infrastructure, would allow employees to use run apps on the company network without installing locally.
質問 # 151
A company was recently breached Part of the company's new cybersecurity strategy is to centralize the logs from all security devices Which of the following components forwards the logs to a central source?
- A. Log aggregation
- B. Log collector
- C. Log enrichment
- D. Log parser
正解:D
質問 # 152
Which of the following is the MOST effective control against zero-day vulnerabilities?
- A. Patch management
- B. Network segmentation
- C. Multiple vulnerability scanners
- D. Intrusion prevention system
正解:B
質問 # 153
A company is concerned about individuals dnvmg a car into the building to gam access Which of the following security controls would work BEST to prevent this from happening?
- A. Bollard
- B. Access control vestibule
- C. Signage
- D. Camera
- E. Alarms
正解:A
解説:
Explanation
A bollard would work best to prevent individuals from driving a car into the building. A bollard is a short, vertical post that can be used to block vehicles from entering a designated area. It is specifically designed to stop cars from crashing into buildings or other structures.
質問 # 154
An enterprise has hired an outside security firm to facilitate penetration testing on its network and applications. The firm has agreed to pay for each vulnerability that is discovered. Which of the following BEST represents the type of testing that is being used?
- A. Black-box
- B. Red-team
- C. Gray-box
- D. White-box
- E. Bug bounty
正解:E
質問 # 155
A cybersecurity analyst needs to implement secure authentication to third-party websites without users' passwords. Which of the following would be the BEST way to achieve this objective?
- A. PAP
- B. OAuth
- C. SSO
- D. SAML
正解:B
質問 # 156
A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted web-browsing protocols.
A security engineer runs a port scan against the server from the Internet and sees the following output:
Which of the following steps would be best for the security engineer to take NEXT?
- A. Block HTTPS access from the Internet
- B. Allow DNS access from the internet.
- C. Block SSH access from the Internet.
- D. Block SMTP access from the Internet
正解:C
質問 # 157
A security administrator needs to create a RAIS configuration that is focused on high read speeds and fault tolerance. It is unlikely that multiple drivers will fail simultaneously. Which of the following RAID configurations should the administration use?
- A. RA1D 0
- B. RAID1
- C. RAID 10
- D. RAID 5
正解:D
質問 # 158
As part of a company's ongoing SOC maturation process, the company wants to implement a method to share cyberthreat intelligence data with outside security partners. Which of the following will the company MOST likely implement?
- A. TTP
- B. TAXII
- C. TLP
- D. STIX
正解:A
質問 # 159
A large financial services firm recently released information regarding a security breach within its corporate network that began several years before. During the time frame in which the breach occurred, indicators show an attacker gained administrative access to the network through a file downloaded from a social media site and subsequently installed it without the user's knowledge. Since the compromise, the attacker was able to take command and control the computer systems anonymously while obtaining sensitive corporate and personal employee information. Which of the following methods did the attacker MOST likely use to gain access?
- A. A bot
- B. A RAT
- C. A logic bomb
- D. A fileless virus
正解:B
解説:
Remote access trojans (RATs) are malware designed to allow an attacker to remotely control an infected computer. Once the RAT is running on a compromised system, the attacker can send commands to it and receive data back in response.
質問 # 160
An enterprise has hired an outside security firm lo conduct a penetration test on its network and applications, The enterprise provided the firm with access to a guest account. Which af the following BEST represents the type of testing that is being used?
- A. Gray-box
- B. Black-box
- C. Red-team
- D. White-box
- E. Bug bounty
正解:A
質問 # 161
Security analysts are conducting an investigation of an attack that occurred inside the organization's network.
An attacker was able to connect network traffic between workstation throughout the network. The analysts review the following logs:
The layer 2 address table has hundred of entries similar to the ones above. Which of the following attacks has MOST likely occurred?
- A. DNS spoofing
- B. MAC flooding
- C. SQL injection
- D. ARP poisoning
正解:B
質問 # 162
A security analyst needs to generate a server certificate to be used for 802.1X and secure RDP connections.
The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?
- A. Create an OCSP
- B. Generate a .pfx file
- C. Create a CRL
- D. Generate a CSR
正解:D
解説:
Explanation
A certificate signing request (CSR) is one of the first steps towards getting your own SSL/TLS certificate.
Generated on the same server you plan to install the certificate on, the CSR contains information (e.g. common name, organization, country) the Certificate Authority (CA) will use to create your certificate. It also contains the public key that will be included in your certificate and is signed with the corresponding private key. We'll go into more details on the roles of these keys below.
質問 # 163
......
CompTIA SY0-601試験は、サイバーセキュリティ業界の最新のトレンドと技術を反映した、以前のSY0-501試験の更新版です。クラウドセキュリティ、IoTセキュリティ、モバイルデバイスセキュリティなどの新しいトピックを含み、リスク管理とインシデント対応の重要性を強調しています。この認証は、世界のトップ組織や政府機関によって認められており、サイバーセキュリティ分野でキャリアを進めたいITプロフェッショナルにとって貴重な資産です。
SY0-601試験問題を今すぐ試そう!最新の[2023年最新] 正解回答付き:https://jp.fast2test.com/SY0-601-premium-file.html