Security+ SY0-601 Certification Practice Exam Study Questions And Answers 2023

Which of the following is an important aspect of evidence-gathering? Back up all log files and audit trails. Purge transaction logs. Restore damaged data from backup media. Monitor user access to compromised systems. - Back up all log files and audit trails. Which of the following items would be implemented at the Network layer of the security model? Wireless networks Network plans Firewalls using ACLs Penetration testing - Penetration testing Prepare to Document means establishing the process you will use to document your network. Which of the following makes this documentation more useful? Identify the choke points on the network. Automate administration as much as possible. Identify who is responsible for each device. Have a printed hard copy kept in a secure location. - Have a printed hard copy kept in a secure location. You assign access permissions so that users can only access the resources required to accomplish their specific work tasks. Which security principle are you complying with? Cross-training Job rotation Need to know Principle of least privilege - Principle of least privilege A recreation of historical events is made possible through which of the following? Incident reports Audits Audit trails Penetration testing - Audit trails An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. Which kind of exploit has been used in this scenario? Man-in-the-middle Reconnaissance DNS poisoning Domain name kiting - DNS poisoning When you inform an employee that he or she is being terminated, which of the following is the most important activity? Disable his or her network access Allow him or her to collect their personal items Allow him or her to complete their current work projects Give him or her two weeks' notice - Disable his or her network access Which protocol does HTTPS use to offer greater security in web transactions? Kerberos IPsec SSL Telnet - SSL How often should change-control management be implemented? Any time a production system is altered. At regular intervals throughout the year. Only when changes are made that affect senior management. Only when a production system is altered greatly. - Any time a production system is altered. A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security risks is most pressing? Non-repudiation Confidentiality Availability Integrity - Confidentiality Which ISO publication lays out guidelines for selecting and implementing security controls? 31000 27002 27701 You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled? Social engineering Dumpster diving Shoulder surfing Password guessing - Dumpster diving Which of the following functions does a single quote (') perform in an SQL injection? Indicates that everything after the single quote is a comment Indicates that the comment has ended and data is being entered Indicates that code is ending and a comment is being entered Indicates that data has ended and a command is beginning - Indicates that data has ended and a command is beginning You have detected and identified a security event. What's the first step you should complete? Isolation Segmentation Playbook Containment - Containment Which access control model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject? Mandatory Access Control (MAC) Role-Based Access Control (RBAC) Attribute-Based Access Control (ABAC) Rule-Based Access Control - Attribute-Based Access Control (ABAC) Which of the following types of auditing verifies that systems are utilized appropriately and in accordance with written organizational policies? Financial audit PoLP Internal audit Usage audit - Usage audit Which EAP implementation is MOST secure? EAP-MD5 LEAP EAP-FAST EAP-TLS - EAP-TLS Extensible Authentication Protocol - Transport Layer Security Which type of reconnaissance is dumpster diving? Active Passive Packet sniffing OSINT - Passive no active modification/querying is involved