CompTIA Security+ SYO-601 Post-Assessment Quiz Already Passed

CompTIA Security+ SYO-601 Post-Assessment Quiz Already Passed Typically, certain employees of an organization get texts that update them on various IT activities. If there is a support ticket or downtime, they will receive texts to let them know about the activity. They have started to receive some messages via text instructing them to call the IT help desk at the provided number. When they call the help desk number, a recording asks them for their employee ID. Assuming that the IT department did not send those texts, which of the following social engineering attacks is this? a. Smishing b. Whaling c. Spimming d. Vishing Smishing Which of the following social engineering attacks continues to be a primary weapon used by threat actors? a. Vishing b. Spear phishing c. Phishing d. Google dorking Phishing David, a software engineer, recently bought a brand new laptop because his enterprise follows the BYOD (bring your own device) model. David was part of a software development project where the software code was leaked before its release. Further investigation proved that a vulnerability in David's laptop caused the exposure. David insists he never used the laptop to access any network or integrate any devices, and the laptop was kept in a vault while not in use. Which of the following attack vectors was used by the threat actor? a. Direct access b. Wireless c. Supply chain d. Removable media Supply chain Which category of cybersecurity vulnerability is exploited by attackers before anyone else knows about it? a. Patches b. Platforms c. Zero day d. Third parties Zero day You are hired by a startup company as a security expert. You are asked to choose an effective method to host all the enterprise's services, which must be highly secure, easily scalable, and cost-effective. Which of the following platforms is ideal in this situation? a. Legacy platform b. Cloud platform c. On-premises platform d. Root platform Cloud platform The company that developed the office productivity software used on both static and mobile devices by your organization has audited some code and noticed a potential security issue. To address the issue, they have released and automatically scheduled an update to ensure that all users receive it. Which of the following might still be vulnerable after the patch?