The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.
Question 61
The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company’s Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards. Which of the following social-engineering techniques is the attacker using?
A. Phishing
* B. Whaling
C. Typo squatting
D. Pharming
Question 62
A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are:
- www.company.com (main website)
- contactus.company.com (for locating a nearby location)
- quotes.company.com (for requesting a price quote)
The company wants to purchase one SSL certificate that will work for all the existing applications and any future applications that follow the same naming conventions, such as store.company.com. Which of the following certificate types would BEST meet the requirements?
A. SAN
* B. Wildcard
C. Extended validation
D. Self-signed
Question 63
A host was infected with malware. During the incident response, Joe, a user, reported that he did not receive any emails with links, but he had been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?
* A. The DNS logs
B. The web server logs
C. The SIP traffic logs
D. The SNMP logs
Question 64
A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?
* A. Configure the perimeter firewall to deny inbound external connections to SMB ports.
B. Ensure endpoint detection and response systems are alerting on suspicious SMB connections.
C. Deny unauthenticated users access to shared network folders.
D. Verify computers are set to install monthly operating system, updates automatically.
Question 65
Joe, an employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm Joe’s identity before sending him the prize. Which of the following BEST describes this type of email?
A. Spear phishing
B. Whaling
* C. Phishing
D. Vishing
Question 66
A user enters a password to log in to a workstation and is then prompted to enter an authentication code.
Which of the following MFA factors or attributes are being utilized in the authentication process? (Choose two.)
* A. Something you know
* B. Something you have
C. Somewhere you are
D. Someone you know
E. Something you are
F. Something you can do
Question 67
When selecting a technical solution for identity management, an architect chooses to go from an in-house solution to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
* A. Transference
B. Avoidance
C. Acceptance
D. Mitigation
Question 68
A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?
A. A firewall
B. A device pin
C. A USB data blocker
* D. Biometrics
Question 69
An analyst visits an Internet forum looking for information about a tool. The analyst finds a thread that appears to contain relevant information. One of the posts says the following:
Which of the following BEST describes the attack that was attempted against the forum readers?
A. SQLi attack
B. DLL attack
* C. XSS attack
D. API attack
Question 70
A network administrator would like to configure a site-to-site VPN utilizing IPsec. The administrator wants the tunnel to be established with data integrity, encryption, authentication, and anti-replay functions.
Which of the following should the administrator use when configuring the VPN?
A. AH
B. EDR
* C. ESP
D. DNSSEC