CompTIA Security+ SY0-601 Cert Guide, 5th Edition
Omar Santos
TEST BANK
Comprehensive Test Bank for Instructors and Students
© Omar Santos
All rights reserved. Reproduction or distribution without permission is prohibited.
Chapter 1: Comparing and Contrasting Different Types of Social Engineering Techniques
1. Which of these is an example of social engineering?
A. Phishing
B. Virus
C. Worm
D. Trojan horse
Answer: A
2. Impersonating someone’s identity for the purpose of gaining information is called:
A. Phishing
B. Spear phishing
C. Pretexting
D. Tailgating
Answer: C
3. Smishing attacks are carried out using what medium?
A. Email
B. Text messages
C. Websites
D. Voice
Answer: B
4. Which of these describes a threat actor redirecting a victim from a valid website to a malicious
fake?
A. Pharming
B. Tailgating
C. Dumpster diving
D. Phishing
Answer: A
5. Whaling is most similar to which other kind of attack?
A. Credential harvesting
B. Watering hole attack
C. Shoulder surfing
D. Phishing
Answer: D
6. Which of these is NOT a type of social engineering attack?
A. Prepending
B. Piggybacking
C. Spear phishing
D. Pretexting
Answer: A
7. Which kind of attack targets users based on the common websites they frequent?
A. Pretexting
B. Watering hole attack
C. Eavesdropping
D. Vishing
Answer: B
8. A social engineer calls an IT specialist sounding panicked and stating that they are an employee who
needs to get into their email account right away to address a time-sensitive request from an
important client. Which motivation technique are they using?
A. Urgency
B. Scarcity
C. Authority
D. Intimidation
Answer: A
9. Which of these is NOT a best practice for avoiding social media attacks?
A. Never share passwords or PINs.
B. Shield keypads and screens when entering authentication information.
C. Examine any unknown removable media to make sure it does not contain malware.
D. Shred any sensitive information destined for garbage or recycling.
Answer: C
10. What government-funded research association provides a set of matrices that document the tactics attackers use to compromise systems?
A. The MITRE Corporation
B. W3C
C. The Social Engineering Toolkit
D. MAL*WAR
Answer: A
Chapter 2: Analyzing Potential Indicators to Determine the Type of Attack
1. Ransomware is a type of what?
A. Cryptoviral extortion
B. Distributed denial of service attack
C. Worm
D. Trojan horse
Answer: A
2. Which of these is a program that appears useful but allows an attacker administrator-level access to
a system?
A. Worm
B. Keylogger
C. Rainbow table
D. Remote access Trojan (RAT)
Answer: D
3. What is the purpose of a rootkit?
A. Encrypt important files and ask for payment to decrypt them
B. Spread virus code by attaching to executable files
C. Install at a low level and then perform malicious operations without being detected
D. Secretly record all keystrokes, including passwords
Answer: C
4. Which of these is a key characteristic of a worm?
A. Replicates by attaching itself to executable files
B. Self-replicates
C. Is able to crack weak passwords
D. Appears to be a legitimate program but contains malware
Answer: B
5. A keylogger is a form of what type of malware?
A. Spyware
B. Logic bomb
C. Virus
D. Ransomware
Answer: A