SY0-601 Study test questions and
answers 2024-2025
A Certificate Revocation List (CRL) has a publish period set to 24 hours. Based on the
normal procedures for a CRL, what is the most applicable validity period for this
certificate? - ANSWER-*26 hours*
1 hour
23 hours
72 hours
A client contacts a server for a data transfer. Instead of requesting TLS 1.3
authentication, the client claims legacy systems require the use of SSL. What type of
attack might a data transfer using this protocol facilitate? - ANSWER-Credential
harvesting
Key stretching
Phishing
*Man-in-the-middle*
A company has a critical encryption key that has an M-of-N control configuration for
protection. Examine the examples and select the one that correctly illustrates the proper
configuration for this type of protection of critical encryption keys. - ANSWER-M=1 and
N=5
*M=3 and N=5*
M=6 and N=5
M=0 and N=5
A company has an annual contract with an outside firm to perform a security audit on
their network. The purpose of the annual audit is to determine if the company is in
compliance with their internal directives and policies for security control. What broad
class of security control accurately demonstrates the purpose of the audit? -
ANSWER-*Managerial*
Technical
Physical
Compensating
A company technician goes on vacation. While the technician is away, a critical patch
released for Windows servers is not applied. According to the National Institute of
Standards and Technology (NIST), what does the delay in applying the patch create on
the server? - ANSWER-Control
Risk
Threat
*Vulnerability*
A contractor has been hired to conduct penetration testing on a company's network.
They have decided to try to crack the passwords on a percentage of systems within the
company. They plan to annotate the type of data that is on the systems that they can
successfully crack to prove the ease of access to data. Evaluate the penetration steps
and determine which are being utilized for this task. (Select all that apply.) - ANSWER-
*Test security controls*
Bypass security controls
Verify a threat exists
*Exploit vulnerabilities*
A contractor has been hired to conduct security reconnaissance on a company. The
contractor browses the company's website to identify employees and then finds their
Facebook pages. Posts found on Facebook indicate a favorite bar that employees
frequent. The contractor visits the bar and learns details of the company's security
infrastructure through small talk. What reconnaissance phase techniques does the
contractor practice? (Select all that apply.) - ANSWER-*Open Source Intelligence
(OSINT)*
Scanning
*Social engineering*
Persistence
A Department of Defense (DoD) security team identifies a data breach in progress,
based on some anomalous log entries, and takes steps to remedy the breach and
harden their systems. When they resolve the breach, they want to publish the cyber
threat intelligence (CTI) securely, using standardized language for other government
agencies to use. The team will transmit threat data feed via which protocol? - ANSWER-
Structured Threat Information eXpression (STIX)
Automated Indicator Sharing (AIS)
*Trusted Automated eXchange of Indicator Information (TAXII)*
A code repository protocol
A gaming company decides to add software on each title it releases. The company's
objective is to require the CD to be inserted during use. This software will gain
administrative rights, change system files, and hide from detection without the
knowledge or consent of the user. Consider the malware characteristics and determine
which is being used. - ANSWER-Spyware
Keylogger
*Rootkit*
Trojan
A hacker is able to install a keylogger on a user's computer. What is the hacker
attempting to do in this situation? - ANSWER-Key management
Encryption
Obfuscation
*Steal confidential information*
A hacker set up a Command and Control network to control a compromised host. What
is the ability of the hacker to use this remote connection method as needed known as? -
ANSWER-Weaponization
*Persistence*
Reconnaissance
Pivoting
A hospital must balance the need to keep patient privacy information secure and the
desire to analyze the contents of patient records for a scientific study. What
cryptographic technology can best support the hospital's needs? - ANSWER-Blockchain
Quantum computing is not yet sufficiently secure to run current cryptographic ciphers.
Perfect forward security (PFS)
Homomorphic encryption