The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.
Table of Contents
- Question 361
- Exam Question
- Correct Answer
- Question 362
- Exam Question
- Correct Answer
- Question 363
- Exam Question
- Correct Answer
- Question 364
- Exam Question
- Correct Answer
- Question 365
- Exam Question
- Correct Answer
- Question 366
- Exam Question
- Correct Answer
- Question 367
- Exam Question
- Correct Answer
- Question 368
- Exam Question
- Correct Answer
- Question 369
- Exam Question
- Correct Answer
- Question 370
- Exam Question
- Correct Answer
Question 361
Exam Question
In cybersecurity exercises, purple team combines the roles of all other teams (i.e. red, blue, and white).
A. True
B. False
Correct Answer
B. False
Question 362
Exam Question
In cybersecurity exercises, the defending team is referred to as:
A. Red team
B. Blue team
C. White team
D. Purple team
Correct Answer
B. Blue team
Question 363
Exam Question
Which of the following statements does not apply to the concept of OSINT?
A. Gaining advantage over competitors
B. Passive reconnaissance in penetration testing
C. Preparation before launching a cyberattack
D. Active reconnaissance in penetration testing
Correct Answer
D. Active reconnaissance in penetration testing
Question 364
Exam Question
In penetration testing, active reconnaissance involves gathering any type of publicly available information that can be used later for exploiting vulnerabilities found in the targeted system.
A. True
B. False
Correct Answer
B. False
Question 365
Exam Question
Which of the following terms is used to describe a penetration test in which the person conducting the test has a limited access to information on the internal workings of the targeted system?
A. Black-box testing
B. Fuzz testing
C. Gray-box testing
D. White-box testing
Correct Answer
C. Gray-box testing
Question 366
Exam Question
A penetration test performed by an authorized professional with the full prior knowledge on how the system that is to be tested works is called:
A. Black-hat hacking
B. White-box testing
C. Black-box testing
D. White-hat hacking
Correct Answer
B. White-box testing
Question 367
Exam Question
Which of the following tools enables automated response to security incidents?
A. NIDS
B. SOAR
C. HIDS
D. SIEM
Correct Answer
B. SOAR
Question 368
Exam Question
Which type of server is used for collecting diagnostic and monitoring data from networked devices?
A. Proxy server
B. UC server
C. Syslog server
D. ICS server
Correct Answer
C. Syslog server
Question 369
Exam Question
Which of the following terms refers to a situation where no alarm is raised when an attack has taken place?
A. False negative
B. Truepositive
C. False positive
D. Truenegative
Correct Answer
A. False negative
Question 370
Exam Question
Vulnerability scanning: (Select all that apply)
A. Identifies lack of security controls
B. Actively tests security controls
C. Identifies common misconfigurations
D. Exploits vulnerabilities
E. Passively tests security controls
Correct Answer
A. Identifies lack of security controls
C. Identifies common misconfigurations
E. Passively tests security controls