
CompTIA Security+ SY0-601 Exam Questions and Answers – Page 8 Part 2

The latest CompTIA Security+ (SY0-601) certification practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-601) exam and earn the CompTIA Security+ (SY0-601) certification.

CompTIA Security+ (SY0-601) Exam Questions and Answers

Question 771

Exam Question

Harmful programs used to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:

A. Adware
B. Malware
C. Ransomware
D. Spyware

Correct Answer

B. Malware

Question 772

Exam Question

An attacker impersonating a software beta tester replies to a victim’s post in a forum thread discussing the best options for affordable productivity software. A while later, he/she follows up by sending the victim a private message mentioning the discussion thread and offering free access to a closed beta version of a fake office app. Which social engineering principles apply to this attack scenario? (Select 3 answers)

A. Authority
B. Intimidation
C. Consensus
D. Scarcity
E. Familiarity
F. Trust
G. Urgency

Correct Answer

D. Scarcity
E. Familiarity
F. Trust

Question 773

Exam Question

The term “URL hijacking” (a.k.a. “Typosquatting”) refers to the practice of registering a misspelled domain name closely resembling another well-established and popular domain name in hopes of getting Internet traffic from users who make errors while typing the URL in their web browsers.

A. True
B. False

Correct Answer

A. True

Question 774

Exam Question

Which social engineering attack relies on identity theft?

A. Impersonation
B. Dumpster diving
C. Watering hole attack
D. Shoulder surfing

Correct Answer

A. Impersonation

Question 775

Exam Question

Which of the following is used in data URL phishing?

A. Prepending
B. Typosquatting
C. Pretexting
D. Domain hijacking

Correct Answer

A. Prepending

Question 776

Exam Question

Match a term on the left with its correct definition from the corresponding drop-down list.

Correct Answer

  • Bracketing: Providing a high and low estimate in order to entice a more specific number
  • Confidential bait: Pretending to divulge confidential information in hopes of receiving confidential information in return
  • Deliberate false statements: Saying something wrong in the hopes that the person will correct the statement with true information
  • Feigned ignorance: Pretending to be ignorant of a topic in order to exploit the person’s tendency to educate
  • Denial of the obvious: Saying something wrong in the hopes that the person will correct the statement with true information
  • Flattery: Using praise to coax a person into providing information

Question 777

Exam Question

What is tailgating?

A. Acquiring unauthorized access to confidential data
B. Looking over someone’s shoulder to get information
C. Gaining unauthorized access to restricted areas by following another person
D. Manipulating a user into disclosing confidential information

Correct Answer

C. Gaining unauthorized access to restricted areas by following another person

Question 778

Exam Question

A situation in which an unauthorized person can view another user’s display or keyboard to learn their password or other confidential information is referred to as:

A. Spear phishing
B. Tailgating
C. Shoulder surfing
D. Spoofing

Correct Answer

C. Shoulder surfing

Question 779

Exam Question

Phishing scams targeting a specific group of people are referred to as:

A. Vishing
B. Spear phishing
C. Spoofing
D. Whaling

Correct Answer

B. Spear phishing

Question 780

Exam Question

Which of the following terms is commonly used to describe an unsolicited advertising message?

A. Spyware
B. Adware
C. Malware
D. Spam

Correct Answer

D. Spam