CompTIA (SY0-601) Exam Questions And Answers page 29
A security analyst is reviewing logs on a server and observes the following output:
Which of the following is the security analyst observing?
A password-spraying attack
A dictionary attack
A keylogger attack
Threats, Attacks, and Vulnerabilities
Identity and Access Management
A security operations analyst is using the company's SIEM solution to correlate alerts. Which of the following stages of the incident response process is this an example of?
Eradication
Recovery
Identification
Preparation
Threats, Attacks, and Vulnerabilities
Technologies and Tools
A security analyst is reviewing the following command-line output:
Which of the following is the analyst observing?
ICMP spoofing
URL redirection
MAC address cloning
DNS poisoning
Threats, Attacks, and Vulnerabilities
Identity and Access Management
A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's listening ports. Which of the following tools can BEST accomplish this task?
Netcat
Netstat
Nmap
Nessus
Technologies and Tools
Architecture and Design
The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve security in the environment and protect patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have not been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO's concerns?
SSO would simplify username and password management, making it easier for hackers to guess accounts.
SSO would reduce password fatigue, but staff would still need to remember more complex passwords.
SSO would reduce the password complexity for frontline staff.
SSO would reduce the resilience and availability of systems if the identity provider goes offline.
Identity and Access Management
Risk Management
A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better:
validate the vulnerability exists in the organization's network through penetration testing.
research the appropriate mitigation techniques in a vulnerability database.
find the software patches that are required to mitigate a vulnerability.
prioritize remediation of vulnerabilities based on the possible impact.
Threats, Attacks, and Vulnerabilities
Identity and Access Management
In which of the following situations would it be BEST to use a detective control type for mitigation?
A company implemented a network load balancer to ensure 99.999% availability of its web application.
A company designed a backup solution to increase the chances of restoring services in case of a natural disaster.
A company purchased an application-level firewall to isolate traffic between the accounting department and the information technology department.
A company purchased an IPS system, but after reviewing the requirements, the appliance was supposed to monitor, not block, any traffic.
A company purchased liability insurance for flood protection on all capital assets.
Threats, Attacks, and Vulnerabilities
Risk Management
A security analyst needs to perform periodic vulnerability scans on production systems. Which of the following scan types would produce the BEST vulnerability scan report?
Port
Intrusive
Host discovery
Credentialed
Threats, Attacks, and Vulnerabilities
An analyst needs to set up a method for securely transferring files between systems. One of the requirements is to authenticate the IP header and the payload. Which of the following services would BEST meet the criteria?
TLS
PFS
ESP
AH
Technologies and Tools
Cryptography and PKI
A cybersecurity analyst needs to implement secure authentication to third-party websites without users' passwords. Which of the following would be the BEST way to achieve this objective?
OAuth
SSO
SAML
PAP
Architecture and Design
Identity and Access Management