CompTIA Security+ SY0-601 Cert Guide
ST
– 5th Edition
UV
TEST BANK
IA
_A
PP
Omar Santos
RO
Comprehensive Test Bank for Instructors and
VE
Students
D?
© Omar Santos
All rights reserved. Reproduction or distribution without permission is prohibited.
??
©STUDYSTREAM
, CompTIA Security+ SY0-601 Cert Guide 5th Edition Omar Santos
ST
Chapter 1: Comparing and Contrasting Different Types of Social
Engineering Techniques
UV
1. Which of these is an example of social engineering?
A. Phishing
B. Virus
C. Worm
D. Trojan horse
IA
Answer: A
2. Impersonating someone’s identity for the purpose of gaining information is called:
_A
A. Phishing
B. Spear phishing
C. Pretexting
D. Tailgating
PP
Answer: C
3. Smishing attacks are carried out using what medium?
A. Email
B. Text messages
RO
C. Websites
D. Voice
Answer: B
4. Which of these describes a threat actor redirecting a victim from a valid website to a malicious
VE
fake?
A. Pharming
B. Tailgating
C. Dumpster diving
D?
D. Phishing
Answer: A
5. Whaling is most similar to which other kind of attack?
A. Credential harvesting
??
B. Watering hole attack
C. Shoulder surfing
D. Phishing
, Answer: D
6. Which of these is NOT a type of social engineering attack?
ST
A. Prepending
B. Piggybacking
C. Spear phishing
D. Pretexting
UV
Answer: A
7. Which kind of attack targets users based on the common websites they frequent?
A. Pretexting
B. Watering hole attack
IA
C. Eavesdropping
D. Vishing
Answer: B
_A
8. A social engineer calls an IT specialist sounding panicked and stating that they are an employee who
needs to get into their email account right away to address a time-sensitive request from an
important client. Which motivation technique are they using?
A. Urgency
PP
B. Scarcity
C. Authority
D. Intimidation
Answer: A
RO
9. Which of these is NOT a best practice for avoiding social media attacks?
A. Never share passwords or PINs.
B. Shield keypads and screens when entering authentication information.
C. Examine any unknown removable media to make sure it does not contain malware.
VE
D. Shred any sensitive information destined for garbage or recycling.
Answer: C
10. What government funded research association provides a set of matrices that document the
tactics attackers use to compromise systems?
D?
A. The MITRE Corporation
B. W3C
C. The Social Engineering Toolkit
D. MAL*WAR
??
Answer: A
, Chapter 2: Analyzing Potential Indicators to Determine the Type of
Attack
ST
1. Ransomware is a type of what?
A. Cryptoviral extortion
UV
B. Distributed denial of service attack
C. Worm
D. Trojan horse
Answer: A
2. Which of these is a program that appears useful but allows an attacker administrator-level access to
IA
a system?
A. Worm
B. Keylogger
_A
C. Rainbow table
D. Remote access Trojan (RAT)
Answer: D
3. What is the purpose of a rootkit?
PP
A. Encrypt important files and ask for payment to decrypt them
B. Spread virus code by attaching to executable files
C. Install at a low level and then perform malicious operations without being detected
D. Secretly record all keystrokes, including passwords
RO
Answer: C
4. Which of these is a key characteristic of a worm?
A. Replicates by attaching itself to executable files
B. Self-replicates
VE
C. Is able to crack weak passwords
D. Appears to be a legitimate program but contains malware
Answer: B
D?
5. A keylogger is a form of what type of malware?
A. Spyware
B. Logic bomb
C. Virus
??
D. Ransomware
Answer: A
ST
– 5th Edition
UV
TEST BANK
IA
_A
PP
Omar Santos
RO
Comprehensive Test Bank for Instructors and
VE
Students
D?
© Omar Santos
All rights reserved. Reproduction or distribution without permission is prohibited.
??
©STUDYSTREAM
, CompTIA Security+ SY0-601 Cert Guide 5th Edition Omar Santos
ST
Chapter 1: Comparing and Contrasting Different Types of Social
Engineering Techniques
UV
1. Which of these is an example of social engineering?
A. Phishing
B. Virus
C. Worm
D. Trojan horse
IA
Answer: A
2. Impersonating someone’s identity for the purpose of gaining information is called:
_A
A. Phishing
B. Spear phishing
C. Pretexting
D. Tailgating
PP
Answer: C
3. Smishing attacks are carried out using what medium?
A. Email
B. Text messages
RO
C. Websites
D. Voice
Answer: B
4. Which of these describes a threat actor redirecting a victim from a valid website to a malicious
VE
fake?
A. Pharming
B. Tailgating
C. Dumpster diving
D?
D. Phishing
Answer: A
5. Whaling is most similar to which other kind of attack?
A. Credential harvesting
??
B. Watering hole attack
C. Shoulder surfing
D. Phishing
, Answer: D
6. Which of these is NOT a type of social engineering attack?
ST
A. Prepending
B. Piggybacking
C. Spear phishing
D. Pretexting
UV
Answer: A
7. Which kind of attack targets users based on the common websites they frequent?
A. Pretexting
B. Watering hole attack
IA
C. Eavesdropping
D. Vishing
Answer: B
_A
8. A social engineer calls an IT specialist sounding panicked and stating that they are an employee who
needs to get into their email account right away to address a time-sensitive request from an
important client. Which motivation technique are they using?
A. Urgency
PP
B. Scarcity
C. Authority
D. Intimidation
Answer: A
RO
9. Which of these is NOT a best practice for avoiding social media attacks?
A. Never share passwords or PINs.
B. Shield keypads and screens when entering authentication information.
C. Examine any unknown removable media to make sure it does not contain malware.
VE
D. Shred any sensitive information destined for garbage or recycling.
Answer: C
10. What government funded research association provides a set of matrices that document the
tactics attackers use to compromise systems?
D?
A. The MITRE Corporation
B. W3C
C. The Social Engineering Toolkit
D. MAL*WAR
??
Answer: A
, Chapter 2: Analyzing Potential Indicators to Determine the Type of
Attack
ST
1. Ransomware is a type of what?
A. Cryptoviral extortion
UV
B. Distributed denial of service attack
C. Worm
D. Trojan horse
Answer: A
2. Which of these is a program that appears useful but allows an attacker administrator-level access to
IA
a system?
A. Worm
B. Keylogger
_A
C. Rainbow table
D. Remote access Trojan (RAT)
Answer: D
3. What is the purpose of a rootkit?
PP
A. Encrypt important files and ask for payment to decrypt them
B. Spread virus code by attaching to executable files
C. Install at a low level and then perform malicious operations without being detected
D. Secretly record all keystrokes, including passwords
RO
Answer: C
4. Which of these is a key characteristic of a worm?
A. Replicates by attaching itself to executable files
B. Self-replicates
VE
C. Is able to crack weak passwords
D. Appears to be a legitimate program but contains malware
Answer: B
D?
5. A keylogger is a form of what type of malware?
A. Spyware
B. Logic bomb
C. Virus
??
D. Ransomware
Answer: A
