Show
You are using an out of date browser. It may not display this or other websites correctly. CompTIA Security+ (SY0-601) Certmaster
Apr 25, 20151,841
22,193327
Hint: The PDF is way easier to read, just sign up / register to get it free. VirusTotal for PDF / scan: https://www.virustotal.com/gui/file...87ab9cbe5aa3fe3b0e8d7d0b7ef1ef72d90/relations This is strictly intended for
studying purposes only - to help you know what the questions are and to study the answers further to best understand material. QA_Assessment_Security_Plus.pdf
Hint: The PDF is way easier to read, just sign up / register to get it free. This is strictly intended for studying purposes only - to help you know what the questions are and to study the answers further to best understand material. A support technician reviews a computer's boot integrity capabilities and discovers that the system supports a measured boot process. Which statement accurately describes this process? Measured boot is configured with digital certificates from valid OS vendors.(No) Engineers are considering network options that will maintain data transfers between systems within the same cloud-based data-center. They also look to configure security on these systems. Which of the following would ensure this type of implementation? (Select all that apply.) Set up efficient east-west traffic. (Yes) Select the vulnerabilities that can influence routing. (Select all that apply.) Source routing (Yes)
Apr 25, 20151,841 22,193327
Found these changes to the certmaster....thanks for this upload this was super helpful: A support technician reviews a computer's boot integrity capabilities and discovers that the system supports a measured boot process. Which statement accurately describes this process?
Measured boot is configured with digital certificates from valid OS vendors.(No) Engineers are considering network options that will maintain data transfers between systems within the same cloud-based data-center. They also look to configure
security on these systems. Which of the following would ensure this type of implementation? (Select all that apply.) Set up efficient east-west traffic. (Yes) Select the vulnerabilities that can influence routing. (Select all that apply.) Source routing (Yes) much love your way
can anyone tell me how to get the adobe?
Apr 25, 20151,84122,193327
can anyone tell me how to get the adobe?
Which of the following is used to review application code for signatures of known issues before it is packaged as an executable? A. Static code analysis (yes) Got this today.
Lol wtf man, just open the document in Google Chrome or use a free PDF viewer.. do you need me to help you using TeamViewer?
Apr 25, 20151,84122,193327
Which of the following is used to review application code for signatures of known issues before it is packaged as an executable? A. Static code analysis (yes) Got this today. appreciate you posting those questions and saving me a lot of time and struggle can anyone tell me how to get the adobe? If you need direct assistance, I will connect with you via TeamViewer. Just let me know!
Had a new question that isnt listed yet today: A network administrator set up a basic packet filtering firewall using an open-source application running on a Linux virtual machine. The immediate benefit to this deployment is the quick configuration of basic firewall rules. What other functionality would influence a decision to deploy a stateless, rather than stateful, firewall?
(Select all that apply.) Hardware-specific features (no)
A penetration tester is testing a network's vulnerability. One of the tests the penetration tester is checking the ability to inject packets. Which of the following tools allow for packet injection? (Select all that apply.)
Hint: The PDF is way easier to read, just sign up / register to get it free. This is strictly intended for studying purposes only - to help you know what the questions are and to study the answers further to best understand material. I would like to thank you for posting this. Deeply appreciative as I used this in a pinch to renew. Again, thank you.
Found this question. Select the vulnerabilities that can influence routing. (Select all that traffic blocking(no) Also, THANKS to whoever created this site . You have no idea how grateful I am. Putting this question here because it's in the PDF but not searchable from this
webpage . A company with multiple types of archived encrypted data is looking to Key escrow A penetration tester is testing a network's vulnerability. One of the tests the penetration tester is checking is the ability to inject packets. Which of the following tools allow
for packet injection? (Select all that apply.) hping (yes) A penetration tester is experimenting with Network Mapper (Nmap) on a test network as a privileged user. The tester would like to know the operating system of a target device and scan for commonly used ports. Select the nmap commands that will be useful in this case. (Select all that apply.) nmap xxx.xxx.x.x -sF (no) A government agency is getting rid of older workstations. The agency will donate these workstations, along with other excess computer systems, to nearby schools. Management reminds the systems administrators about the data sanitization and disposal policy. What policy items are applicable for these IT systems, prior to donating to the schools? (Select all that apply.) Use a data sanitization tool (yes)
Appreciate the effort that went into this. Many thanks.
A network administrator for a large oil company has discovered that a host on the company network has been compromised by an attacker spoofing digital certificates. Recommend an immediate response to prevent further spoofing of the host. A. Remove all root certificates from the host (No)
Heads up: the answer to this question has been recently changed by CompTIA: An attacker used an illegal access point (AP) with a very strong signal near a wireless network. If the attacker performed a jamming attack, which of the following would mitigate this type of network disruption? (Select all that apply.) A. Boost the signal of the legitimate equipment.
(wrong) This directly contradicts the course material and does make any sense. A spectrum analyzer cannot mitigate this type of attack, therefore the originally correct answers (A + B) are technically correct. CompTIA is playing games here with changing the answer to a technically incorrect solution. Question has been
re-written by CompTIA: Which Redundant Array of Independent Disks (RAID) combines mirroring and striping and improves performance or redundancy? An application maintains social security numbers and birth dates in a
database to track medical records across multiple offices. To maintain the personally identifiable information (PII), which of the following de-identification methods should the application adopt? A. Data masking (wrong) Identify the command that will output the first 15 lines in a log file called hostnames where the system writes in chronological order starting from the top of the file.
tail -n 15 /var/log/hostnames (wrong) Identify the command that will output the last 15 lines in the log file called hostnames. tail -n 15 /var/log/hostnames (correct) A lot of changes have been made to the test.. A cloud customer prefers separating storage resources that hold different sets of data in virtual private clouds (VPCs). One of those data sets must comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines for patient data. How should the customer configure these VPCs to ensure the highest degree of network security? A. Use separate VPCs for each network segment. (correct) Employees have the ability to download certain applications onto their workstations to complete work functions. The CIO enacted a policy to ensure that no modifications to the application have occurred. What method of validation did the CIO implement? A. Input validation (wrong) 82.5% complete A. Root (correct) A public key infrastructure (PKI) is being set up for a logistics company, utilizing OpenSSL hosted on Red Hat Enterprise Linux. Which of the following commands can the team use, when setting up the PKI, to create an encrypted RSA private key? A. openssl genrsa -aes256 -out server.key 1024 (correct) An administrator deploys a basic network intrusion detection system (NIDS) device to identify known attacks. What detection method does this device use? A.
Signature-based (correct) A cloud administrator deploys two cloud servers on the Amazon Web Services (AWS) platform, each in a separately defined virtual network. How does the administrator get both servers to communicate with each other without using an Internet gateway? A. Set up a public subnet. (wrong) Consider the principles of web server hardening and determine which actions a system administrator should take when deploying a new web server in a demilitarized zone (DMZ). (Select all that apply.) A. Establish a guest zone (correct)
New format for listed questions: new: Which of the following provides attestation and is signed by a trusted platform module (TPM)? -Measured boot new: Systems administrators want to set up a way to perform remote administration from home. Rather than installing a software agent, the solution should use an underlying technology that is available to an application, such as a web browser. Which option would best support these
requirements? -HTML5 new: What are the differences between WPA and WPA2? (Select all that apply.) -Unlike WPA, WPA2 supports an encryption algorithm based on the Advanced Encryption Standard (AES) instead of the version of RC4 "patched" with the Temporal Key Integrity Protocol (TKIP). new: An authoritative Domain Name System (DNS) server for a zone creates a Resource Records Set (RRSet) signed with a zone signing key. What is the result of this action? DNS Security Extensions update: Domain 4.0 Operations
and Incident Response Assessment old answers: New Answers: old answers: New Answers: Update: Domain 5.0 Governance, Risk, and Compliance Assessment An application maintains social security numbers and birth dates in a database to track medical records across multiple offices. To maintain the personally identifiable information (PII), which of the following de-identification methods should the application adopt? -Tokenization
This thread helped me to get my recert done in a time crunch!! Thak you to all that contributed to post!! Greatly appreciated!!
There are some updated "wording" and answers to some of these questions. I made it through 1.0 and 2.0 today and noted a few changes/rewording of questions. Took the PDF Download and exported it to Word to update the Study Guide. Is there a way to reupload it for others? Thanks!
Heads up: the answer to this question has been recently changed by CompTIA: An attacker used an illegal access point (AP) with a very strong signal near a wireless network. If the attacker performed a jamming attack, which of the following would mitigate this type of network
disruption? (Select all that apply.) A. Boost the signal of the legitimate equipment. (wrong) This directly contradicts the course material and does make any sense. A spectrum analyzer cannot mitigate this type of attack, therefore the originally correct answers (A + B) are technically correct. CompTIA is playing
games here with changing the answer to a technically incorrect solution. Question has been re-written by CompTIA: Which Redundant Array of Independent Disks (RAID) combines mirroring and striping and improves performance or redundancy? An application maintains social security numbers and birth dates in a database to track medical records across multiple offices. To maintain the personally identifiable information (PII), which of the following de-identification methods should the application adopt? A. Data masking (wrong) Identify the command that will output the first 15 lines
in a log file called hostnames where the system writes in chronological order starting from the top of the file. tail -n 15 /var/log/hostnames (wrong) Identify the command that will output the last 15 lines in the log file called hostnames. tail -n 15 /var/log/hostnames (correct) A lot of changes have been made to the test.. A cloud customer prefers separating storage resources that hold different sets of data in virtual private clouds (VPCs). One of those data sets must comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines for patient data. How should the customer configure these VPCs to ensure the highest degree of network security? A. Use separate VPCs for each
network segment. (correct) Employees have the ability to download certain applications onto their workstations to complete work functions. The CIO enacted a policy to ensure that no modifications to the application have occurred. What method of validation did the CIO implement? A. Input validation (wrong) 82.5% complete A. Root (correct) A public key infrastructure (PKI) is
being set up for a logistics company, utilizing OpenSSL hosted on Red Hat Enterprise Linux. Which of the following commands can the team use, when setting up the PKI, to create an encrypted RSA private key? A. openssl genrsa -aes256 -out server.key 1024 (correct) An administrator deploys a basic
network intrusion detection system (NIDS) device to identify known attacks. What detection method does this device use? A. Signature-based (correct) A cloud administrator deploys two cloud servers on the Amazon Web Services (AWS) platform, each in a separately defined virtual network. How does the administrator get both servers to communicate with each other without using an Internet
gateway? A. Set up a public subnet. (wrong) Consider the principles of web server hardening and determine which actions a system administrator should take when deploying a new web server in a demilitarized zone (DMZ). (Select all that apply.) A. Establish a guest zone (correct) An attacker used an illegal access point (AP) with a very strong signal near a wireless network. If the attacker performed a jamming attack, which of the following would mitigate this type of network disruption? (Select all
that apply.) A. Boost the signal of the legitimate equipment. (correct)
What is the primary reason that routing on the Internet is redundant?What is the primary reason that routing on the Internet is redundant? Networks are still available in case of a path or router failure.
What does it mean when a routing system is redundant?When data is sent from one part of the network to another, the data is broken into blocks of bits (packets) that contain enough information so that each packet can be rerouted if necessary. A routing system is redundant because there are multiple paths available for packets to travel through the internet.
Which of the following is most likely to be a benefit to users of the application?Which of the following is most likely to be a benefit to users of the application? Users of the application may see health benefits as a result of the application encouraging them to exercise with each other.
Which of the following best describes the ability of the two computers to communicate with each other across the Internet?Which of the following best describes the ability of the two computers to communicate with each other across the Internet? The computers can communicate directly because Internet communication uses standard protocols.
|