The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.
Table of Contents
- Question 371
- Exam Question
- Correct Answer
- Question 372
- Exam Question
- Correct Answer
- Question 373
- Exam Question
- Correct Answer
- Question 374
- Exam Question
- Correct Answer
- Question 375
- Exam Question
- Correct Answer
- Question 376
- Exam Question
- Correct Answer
- Question 377
- Exam Question
- Correct Answer
- Question 378
- Exam Question
- Correct Answer
- Question 379
- Exam Question
- Correct Answer
- Question 380
- Exam Question
- Correct Answer
Question 371
Exam Question
FTP, HTTP, IMAP, POP, SMTP, and Telnet are all examples of cleartext (i.e. unencrypted) network protocols.
A. True
B. False
Correct Answer
A. True
Question 372
Exam Question
A type of attack aimed at exploiting vulnerability that is present in already released software but unknown to the software developer is called:
A. Xmas attack
B. Zero-day attack
C. IV attack
D. Replay attack
Correct Answer
B. Zero-day attack
Question 373
Exam Question
A type of formal document that describes the specifications for a particular technology is known as:
A. RFQ
B. RFC
C. RFI
D. RFP
Correct Answer
B. RFC
Question 374
Exam Question
Which of the following terms refers to a dedicated transport mechanism for cyber threat information?
A. TCP/IP
B. STIX
C. TAXII
D. S/MIME
Correct Answer
C. TAXII
Question 375
Exam Question
Which of the following terms refers to a US government initiative for real-time sharing of cyber threat indicators?
A. NVD
B. AIS
C. TTP
D. CVSS
Correct Answer
B. AIS
Question 376
Exam Question
Which of the following statements does not apply to dark web?
A. Requires specific software to access its contents
B. Forms a large part of the deep web
C. Not indexed by traditional search engines
D. Frequently associated with illegal activities
Correct Answer
B. Forms a large part of the deep web
Question 377
Exam Question
Which of the following terms refers to threat intelligence gathered from publicly available sources?
A. IoC
B. OSINT
C. RFC
D. CVE/NVD
Correct Answer
B. OSINT
Question 378
Exam Question
Which of the following mitigates the risk of supply chain attacks?
A. Disaster Recovery Plan (DRP)
B. Vendor/intermediary checks
C. Business Continuity Plan (BCP)
D. Incident Response Plan (IRP)
Correct Answer
B. Vendor/intermediary checks
Question 379
Exam Question
Which of the following answers refer(s) to wireless threat vector(s)? (Select all that apply)
A. Network protocol vulnerabilities (WEP/WPA)
B. Rogue AP / Evil twin
C. Default security configurations
D. Malicious email attachments
E. Vulnerabilities in network security standards (WPS)
Correct Answer
A. Network protocol vulnerabilities (WEP/WPA)
B. Rogue AP / Evil twin
C. Default security configurations
E. Vulnerabilities in network security standards (WPS)
Question 380
Exam Question
Which of the following terms best describes threat actors that engage in illegal activities to get the know-how and gain market advantage?
A. Insiders
B. Nation states / APTs
C. Criminal syndicates
D. Competitors
Correct Answer
D. Competitors