CompTIA Security+ SY0-601 Practice Questions with 100% correct Answers

Document Content and Description Below

CompTIA Security+ SY0-601 Practice Questions with 100% correct Answers The user installed Trojan horse malware. -Answer- A user used an administrator account to download and install a software appl... ication. After the user launched the .exe extension installer file, the user experienced frequent crashes, slow computer performance, and strange services running when turning on the computer. What most likely happened to cause these issues? A worm -Answer- A security operations center (SOC) analyst investigates the propagation of a memory-resident virus across the network and notices a rapid consumption of network bandwidth, causing a Denial of Service (DoS). What type of virus is this? PUP (potentially unwanted program) -Answer- A user purchased a laptop from a local computer shop. After powering on the laptop for the first time, the user noticed a few programs like Norton Antivirus asking for permission to install. How would an IT security specialist classify these programs? -Uses lightweight shellcode -Uses low observable characteristic attacks -Answer- A fileless malicious software can replicate between processes in memory on a local host or over network shares. What other behaviors and techniques would classify malware as fileless rather than a normal virus? (Select all that apply.) -Computer Bots, -Command & Control -Answer- An attacker is planning to set up a backdoor that will infect a set of specific computers at an organization, to inflict a set of other intrusion attacks remotely. Which of the following will support the attackers' plan? (Select all that apply.) -Launch a Distributed Denial of Service (DDoS) attack -Establish a connection with a Command and Control server -Launch a mass-mail spam attack -Answer- If a user's computer becomes infected with a botnet, which of the following can this compromise allow the attacker to do? (Select all that apply.) Have up-to-date backups. -Answer- If a user's device becomes infected with cryptomalware, which of the following is the best way to mitigate this compromise? A logic bomb -Answer- A security specialist discovers a malicious script on a computer. The script is set to execute if the administrator's account becomes disabled. What type of malware did the specialist discover? Spyware infected the computers. -Answer- End-users at an organization contact the cybersecurity department. After downloading a file, they are being redirected toshopping websites they did not intend to navigate to, and built-in webcams turn on. The security team confirms the issue as malicious, and notes modified DNS (Domain Name System) queries that go to nefarious websites hosting malware. What most likely happened to the users' computers? A Remote Access Trojan (RAT) -Answer- An attacker installs Trojan malware that can execute remote backdoor commands, such as the ability to upload files and install software to a victim PC. What type of Trojan malware is this? Password spraying attack -Answer- A hacker is trying to gain remote access to a company computer by trying brute force password attacks using a few common passwords in conjunction with multiple usernames. What specific type of password attack is the hacker most likely performing? -A rainbow table -A dictionary word -Answer- An attacker can exploit a weakness in a password protocol to calculate the hash of a password. Which of the following can the attacker match the hash to, as a means to obtain the password? (Select all that apply.) A rainbow table attack -Answer- Which of the following attacks do security professionals expose themselves to, if they do not salt passwords with a random value? Clone it. -Answer- How can an attacker make unauthorized use of acquired user and account details from a user's smart card? Skimming -Answer- What type of attack is occurring when a counterfeit card reader is in use? Cross-site scripting (XSS) -Answer- An attacker discovered an input validation vulnerability on a website, crafted a URL with additional HTML code, and emailed the link to a victim. The victim unknowingly defaced (vandalized) the web site after clicking on the malicious URL. No other malicious operations occurred outside of the web application's root directory. This scenario is describing which type of attack? DLL injection -Answer- An attacker escalated privileges to a local administrator and used code refactoring to evade antivirus detection. The attacker then allowed one process to attach to another and forced the operating system to load a malicious binary package. What did the attacker successfully perform? [Show More]

Last updated: 1 year ago

Preview 1 out of 17 pages