Guide - Practice Exam 1 questions with answers

One of Murali's staff members has malware on their PC. They claim that they downloaded only a spreadsheet tool, and not malware. What type of malware have they encountered if the malware was designed to look legitimate but was actually malicious?
A. A worm
B. A virus
C. A Trojan
D. A rootkit
CORRECT ANSWERS ✔✔ C. A Trojan
Trojans, or Trojan horses, are malware designed to appear legitimate but that are actually malicious. Viruses require human interaction to spread, whereas worms propagate on their own via networks, often targeting vulnerable services. Rootkits help attackers obtain and maintain persistent access to systems.

The authentication token that Susan uses generates codes based on an algorithm that relies on the current time. What type of token does Susan have?
A. HOTP
B. Timestamp
C. TOTP
D. Time offset
CORRECT ANSWERS ✔✔ C. TOTP
Susan has a time‐based OTP (TOTP) token. HMAC‐based one‐time password (HOTP) tokens use a mathematical function that increments based on an event such as the click of a button. Time stamp and time offset are used for forensic and log analysis but are not types of tokens.

*Which of the following would best allow you to quickly summarize key risk indicators in real time for management using graphs and charts?
A. Regular updates
B. Dashboard reporting
C. Risk trend analysis
D. Risk event reports
CORRECT ANSWERS ✔✔ B. Dashboard reporting
Dashboard reporting utilizes visual aids like graphs and charts to summarize risk data, usually in real time. This allows for a quick understanding and monitoring of key risk indicators. Regular updates are routine reports that provide stakeholders with the status of risks, the effectiveness of controls, and any recent changes or developments. Risk trend analysis reporting involves analyzing historical data to identify patterns or trends in the risks faced by the organization. Risk event reports focus on documenting specific risk events, such as security breaches or incidents, their impacts, and the responses taken.

Madhuri receives a text message asking her to contact the IRS due to unpaid taxes. When she calls the number in the text message, the person on the other end of the line attempts to get her to disclose her bank account number, Social Security number, and other personal information. What type of attack is this?
A. Vishing
B. Phishing
C. Spearphishing
D. Smishing
CORRECT ANSWERS ✔✔ D. Smishing
Smishing is phishing over SMS or text messages. Phishing is typically done via email, whereas vishing is conducted via the phone. Spearphishing is done via email and specifically targeted at individuals or small groups.

Gabby's organization captures sensitive customer information. Sales representatives and others often work with that data on local workstations and laptops. After a recent inadvertent data breach where a salesperson accidentally sent a spreadsheet of customer information to another customer, the organization is seeking a technology solution that can help prevent similar problems. What should Gabby recommend?
A. IDS
B. FSB
C. DLP
D. FDE
CORRECT ANSWERS ✔✔ C. DLP
Data loss prevention (DLP) can tag sensitive data and then scan outbound communications for that data. Once tagged data or data that matches specific patterns such as credit card numbers or Social Security numbers is discovered, DLP can alert the user or take other action. An intrusion detection system (IDS) detects inbound traffic patterns but cannot stop an outbound email. FSB is not a security term, and full‐disk encryption (FDE) can help prevent data loss if a system is lost or stolen.

*Fred wants to implement trusted boot and knows that he needs to make sure that his workstations and laptops have the appropriate hardware to support it. What hardware should he ensure is built into the systems he is purchasing?
A. TPM
B. HSM
C. IPS
D. NGFW
CORRECT ANSWERS ✔✔ A. TPM
A Trusted Platform Module (TPM) is used by UEFI as part of the boot process to validate the boot objects and programs or to document what is started so that boot attestation can occur. A hardware security module (HSM) is used to create, store, and manage encryption keys and certificates. An intrusion prevention system (IPS) and a next‐generation firewall (NGFW) are both network security devices.

*Sarah is a cybersecurity analyst at a growing e‐commerce company. She's tasked with enhancing the company's email security measures. The management wants to ensure that email messages from their domain are verified for their authenticity and can't be tampered with, and that other sites know how to handle emails from their domain. Which protocol(s) should Sarah deploy?
A. SPF only
B. DKIM only
C. SPF and DKIM