SY0-601無料問題集「CompTIA Security+」

質問 1

An endpoint protection application contains critical elements that are used to protect a system from infection. Which of the following must be updated before completing a weekly endpoint check?

（A）Policy updates

（B）Policy engine

（C）Policy signatures

（D）Policy definitions

正解：D 解答を投票する

質問 2

A security analyst is investigating network issues between a workstation and a company server. The workstation and server occasionally experience service disruptions, and employees are forced to reconnect to the server. In addition, some reports indicate sensitive information is being leaked from the server to the public.
The workstation IP address is 192.168.1.103, and the server IP address is 192.168.1.101.
The analyst runs arp -a On a separate workstation and obtains the following results:

Which of the following is most likely occurring?

（A）Domain hijacking attack

（B）Evil twin attack

（C）On-path attack

（D）MAC flooding attack

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Which of the following BEST describes a social-engineering attack that relies on an executive at a small business visiting a fake banking website where credit card and account details are harvested?

（A）Spam

（B）Pharming

（C）Invoice scam

（D）Whaling

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A financial analyst is expecting an email containing sensitive information from a client. When the email arrives, the analyst receives an error and is unable to open the encrypted message. Which of the following is the most likely cause of the issue?

（A）The S'MIME plug-m is not enabled.

（B）The SSL certificate has expired.

（C）P0P3S is not supported.

（D）Secure I MAP was not implemented.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

During a recent security assessment, a vulnerability was found in a common OS. The OS vendor was unaware of the issue and promised to release a patch within the next quarter. Which of the following best describes this type of vulnerability?

（A）Legacy operating system

（B）Weak configuration

（C）Zero day

（D）Supply chain

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

An organization has hired a security analyst to perform a penetration test The analyst captures 1Gb worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to further review the pcap?

（A）Nmap

（B）Neat

（C）Wireshark

（D）CURL

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which of the following incident response activities ensures evidence is properly handled?

（A）Chain of custody

（B）Legal hold

（C）E-discovery

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

（A）Transfer of risk

（B）SNMP traps

（C）Network segmentation

（D）Compensating control

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Given the following snippet of Python code:

（A）Keylogger

（B）Logic bomb

（C）Backdoor

（D）Ransomware

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A systems engineer thinks a business system has been compromised and is being used to exfiltrated data to a competitor The engineer contacts the CSIRT The CSIRT tells the engineer to immediately disconnect the network cable and to not do anything else Which of the following is the most likely reason for this request?

（A）The CSIRT thinks an insider threat is attacking the network

（B）Outages of business-critical systems cost too much money

（C）The CSIRT does not consider the systems engineer to be trustworthy

（D）Memory contents including fileles malware are lost when the power is turned off

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which of the technologies is used to actively monitor for specific file types being transmitted on the network?

（A）Data loss prevention

（B）Tcpreplay

（C）Honeynets

（D）File integrity monitoring

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption.
Which of the following best describes this step?

（A）Tabletop exercise

（B）Capacity planning

（C）Geographic dispersion

（D）Redundancy

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

A company must ensure sensitive data at rest is rendered unreadable. Which of the following will the company most likely use?

（A）Tokenization

（B）Hashing

（C）Encryption

（D）Segmentation

正解：C 解答を投票する

質問 14

A network administrator deployed a DNS logging tool that logs suspicious websites that are visited and then sends a daily report based on various weighted metrics. Which of the following best describes the type of control the administrator put in place?

（A）Deterrent

（B）Preventive

（C）Corrective

（D）Detective

正解：D 解答を投票する

SY0-601 無料問題集「CompTIA Security+」

弊社を連絡する

関連リンク

トップ試験