SY0-601試験無料問題集（1061題）「CompTIA Security+ 認定」

出題：1

A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?

A. EAP

B. DHCP

C. IPSec

D. NAT

正解：C 解答を投票する

出題：2

one of the attendees starts to notice delays in the connection. and the HTTPS site requests are reverting to HTTP. Which of the following BEST describes what is happening?

A. DNS hacking to reroute traffic

B. Brute force to the access point

C. A SSL/TLS downgrade

D. Birthday collision on the certificate key

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Audit logs indicate an administrative account that belongs to a security engineer has been locked out multiple times during the day. The security engineer has been on vacation (or a few days. Which of the following attacks can the account lockout be attributed to?

A. Trojan

B. Rootkit

C. Brute-force

D. Backdoor

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Which of the following involves the inclusion of code in the main codebase as soon as it is written?

A. Continuous integration

B. Continuous Validation

C. Continuous monitoring

D. Continuous deployment

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Select two).

A. Smishing

B. Vishing

C. Misinformation

D. Typosquatting

E. Impersonation

F. Phishing

正解：A,E 解答を投票する

出題：6

A local business When of the following best describes a legal hold?

A. It occurs during litigabon and requires retention of both electronic and physical documents.
B It occurs during a risk assessment and requires retention of risk-related documents.

B. It occurs during incident recovery and requires retention of electronic documents

C. It occurs during a business impact analysis and requires retention of documents categorized as personally identifiable information

正解：A 解答を投票する

出題：7

Which of the following is the MOST secure but LEAST expensive data destruction method for data that is stored on hard drives?

A. Pulverizing

B. Degaussing

C. Shredding

D. Incinerating

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

The compliance team requires an annual recertification of privileged and non-privileged user access. However, multiple users who left the company six months ago still have access. Which of the following would have prevented this compliance violation?

A. Password reuse

B. AUP

C. Account audits

D. SSO

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?

A. Configure all systems to log scheduled tasks.

B. Install endpoint management software on all systems

C. Block traffic based on known malicious signatures.

D. Collect and monitor all traffic exiting the network.

正解：B 解答を投票する

出題：10

Which of the following incident response steps occurs before containment?

A. Recovery

B. Identification

C. Eradication

D. Lessons learned

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

After gaining access to a dual-homed (i.e.. wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset This technique is an example of:

A. footprinting

B. persistence

C. privilege escalation

D. pivoting.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

During an incident, an EDR system detects an increase in the number of encrypted outbound connections from multiple hosts. A firewall is also reporting an increase in outbound connections that use random high ports. An analyst plans to review the correlated logs to find the source of the incident. Which of the following tools will best assist the analyst?

A. A SIEM

B. The Windows Event Viewer

C. A vulnerability scanner

D. A NGFW

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

SY0-601試験無料問題集「CompTIA Security+ 認定」