CompTIA Security+ (SYO-601) Sample Exam Questions
1
If your company has to introduce a new enterprise mobility strategy for all users. With the strategy, employees will have to choose a mobile device from a company-approved list. Which of these is the appropriate deployment model for the enterprise to use?
2
You have with you, numerous computers using the NTLM authentication protocol for client authentication. User passwords with at least 16 characters are required by the Network policy. Identify the hash algorithm used for password authentication?
3
In an organization, users are allowed to use company-issued tablets to access the network, with the permission to install only approved apps on the devices. What MDM feature would provide functionality meeting this requirement?
4
In a company users are now allowed to user mobile devices on the company network. A screen appears when users are connected to the company Wi-Fi, defining terms of use, and users have to click to acknowledge the agreement. The user is only allowed to connect to the network If he agrees to the terms by clicking Yes. This is an example of what?
5
A Layer 2 switch is used by an organization to segment a network with a seprate network segment assigned of each department. The conference room contains a wireless AP. What should you use if you are to make sure a user can only access resources in their own VLAN upon connecting his laptop computer to the wireless AP in the conference room?
6
Using the agile method for application development, what are the two advantages you can get? (opt any two)
7
Some gaps have been highlighted upon completing a security audit of a company. Recommendations from the report suggest upgrading some network components. The following requirements have been provided by the company: * A security device must be implemented consolidating various functions to protect the network, malicious websites to be filtered, and SPAM messages to be stopped. * Implement A tool using real-time and historical analysis to be implemented to identify malware and security incidents. Which of the following set of devices and tools is BEST suited for that purpose?
8
a friend of yours on a social network sends you a direct message telling you about a scheme offering a $100 gift card if you are one of the first 25 to respond to a survey. Upon clicking the link, you realize a malware has infected your machine. Identify the two attack principles you think have contributed to the effectiveness of this attack? (opt any two)
9
Your website has been targeted repeatedly by cross-site request forgery (XSIRF) attacks. What would you do in order to prevent these from occurring again?
10
Identify a solution that has been implemented to provide higher security in the DH protocol?
11
According to a user, an application is failing detailed messaging is displayed that includes data dumps, stack traces, and detailed codes. What type of vulnerability does this result from?
12
An organization gets to know that it has been several months since it is under attack from an APT. Identify which which type of attack was used for initial breach?
13
Where do you think loop protection be enabled when using a set of switches to implement a VLAN?
14
In a defense in depth strategy, which of the following is at the outermost (topmost) level?
15
A USB drive is found by a company’s competitor in a trash can during a site visit, and after viewing the contents of the drive he learns some critical company secrets. How can you best mitigate this risk?
16
At a datacenter a user has been challenged by three different authentication methods as visible in the exhibit. Identify the option that BEST describes the multifactor authentication policy in use?
17
A small network is setup by a company, and the network will use smart cards for logon. Identify the authentication protocol that provides native support for this type of logon?
18
In the process of a server application under development, some errors are discovered to leave the application running in an unstable condition. One such error is a divide by zero error. The application should respond more appropriately to errors including generating error message when they appear. Which of the following would you implement?
19
If you are to devise an incident management plan for DoS attack on the company's ecommerce servers, what should be the primary goal of that incident management plan?
20
A handful of employees received e-mails from an online auction site, as it seemed. Upon clicking the call to action link users are required to put in their personal information. Upon investigation, it is discovered that the link does not go to the auction site, but to a duplicate site set up by an attacker. What is the type of this attack type?
21
While reconfiguring your firewall to support a perimeter network, you deploy two Web servers on the that perimeter network. Which of the following would you choose if you want to deploy a security tool that can help reconfigure the network automatically in response to detected threats?
22
Identify the hash algorithm used by common implementations of CHAP.
23
When implementing a vendor diversity policy, what are the two advantages? (opt any two.))
24
A security audit has been carried recently, and a portion of its results are reflected in the table in the exhibit. What steps would you take to rectify the vulnerability shown in the exhibit?
25
Identify the protocol that is meant for use with passwords while also helping mitigate dictionary and brute-force attacks? (opt any two).
26
While deploying PKI within your company, you need to meet legal reporting requirements. What should you do if you want to implement a way to provide decryption keys to a third party on an as-needed basis to meet those requirements?
27
There is a datacenter with several computers, and you need to determine environmental control requirements for it. Can you identify the role of an HVAC system in this environment? (opt any two)
28
An organization is to set up two-factor authentication for an application that is cloud-based. The two things that should be included in the authentication are a one-time use and limited time password delivered to the user through the Google Authenticator mobile app. What type of authentication should the company use if the password is to be based on a shared key and the current date and time?
29
The exhibit shows an administrator is connected to an access point. To configure 802.1x settings, which security mode should the administrator select?
30
In a business continuity planning (BCP), during which aspect are Tabletop exercises used?