CompTIA Security+ Practice Tests
eBook - ePub

CompTIA Security+ Practice Tests

Exam SY0-601

David Seidl

About this book

Get ready for a career in IT security and efficiently prepare for the SY0-601 exam with a single, comprehensive resource

CompTIA Security+ Practice Tests: Exam SY0-601, Second Edition efficiently prepares you for the CompTIA Security+ SY0-601 Exam with one practice exam and domain-by-domain questions. With a total of 1,000 practice questions, you'll be as prepared as possible to take Exam SY0-601.

Written by accomplished author and IT security expert David Seidl, the 2nd Edition of CompTIA Security+ Practice Tests includes questions covering all five crucial domains and objectives on the SY0-601 exam:

  • Attacks, Threats, and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
  • Governance, Risk, and Compliance

Perfect for anyone looking to prepare for the SY0-601 Exam, upgrade their skills by earning a high-level security certification (like CASP+, CISSP, or CISA), as well as anyone hoping to get into the IT security field, CompTIA Security+ Practice Tests allows for efficient and comprehensive preparation and study.


Information

Publisher: Sybex
Year: 2021
ISBN: 9781119735441

Chapter 1
Threats, Attacks, and Vulnerabilities

THE COMPTIA SECURITY+ EXAM SY0-601 TOPICS COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
  • 1.1 Compare and contrast different types of social engineering techniques
  • 1.2 Given a scenario, analyze potential indicators to determine the type of attack
  • 1.3 Given a scenario, analyze potential indicators associated with application attacks
  • 1.4 Given a scenario, analyze potential indicators associated with network attacks
  • 1.5 Explain different threat actors, vectors, and intelligence sources
  • 1.6 Explain the security concerns associated with various types of vulnerabilities
  • 1.7 Summarize the techniques used in security assessments
  • 1.8 Explain the techniques used in penetration testing
  1. Ahmed is a sales manager with a major insurance company. He has received an email that is encouraging him to click on a link and fill out a survey. He is suspicious of the email, but it does mention a major insurance association, and that makes him think it might be legitimate. Which of the following best describes this attack?
    1. Phishing
    2. Social engineering
    3. Spear phishing
    4. Trojan horse
  2. You are a security administrator for a medium-sized bank. You have discovered a piece of software on your bank's database server that is not supposed to be there. It appears that the software will begin deleting database files if a specific employee is terminated. What best describes this?
    1. Worm
    2. Logic bomb
    3. Trojan horse
    4. Rootkit
  3. You are responsible for incident response at Acme Bank. The Acme Bank website has been attacked. The attacker used the login screen, but rather than enter login credentials, they entered some odd text: ' or '1' = '1 . What is the best description for this attack?
    1. Cross-site scripting
    2. Cross-site request forgery
    3. SQL injection
    4. ARP poisoning
  4. Users are complaining that they cannot connect to the wireless network. You discover that the WAPs are being subjected to a wireless attack designed to block their Wi-Fi signals. Which of the following is the best label for this attack?
    1. IV attack
    2. Jamming
    3. WPS attack
    4. Botnet
  5. Frank is deeply concerned about attacks to his company's e-commerce server. He is particularly worried about cross-site scripting and SQL injection. Which of the following would best defend against these two specific attacks?
    1. Encrypted web traffic
    2. Input validation
    3. A firewall
    4. An IDS
  6. You are responsible for network security at Acme Company. Users have been reporting that personal data is being stolen when using the wireless network. They all insist they only connect to the corporate wireless access point (AP). However, logs for the AP show that these users have not connected to it. Which of the following could best explain this situation?
    1. Session hijacking
    2. Clickjacking
    3. Rogue access point
    4. Bluejacking
  7. What type of attack depends on the attacker entering JavaScript into a text area that is intended for users to enter text that will be viewed by other users?
    1. SQL injection
    2. Clickjacking
    3. Cross-site scripting
    4. Bluejacking
  8. Rick wants to make offline brute-force attacks against his password file very difficult for attackers. Which of the following is not a common technique to make passwords harder to crack?
    1. Use of a salt
    2. Use of a pepper
    3. Use of a purpose-built password hashing algorithm
    4. Encrypting password plain text using symmetric encryption
  9. What term is used to describe spam over Internet messaging services?
    1. SPIM
    2. SMSPAM
    3. IMSPAM
    4. TwoFaceTiming
  10. Susan is analyzing the source code for an application and discovers a pointer de-reference and returns NULL. This causes the program to attempt to read from the NULL pointer and results in a segmentation fault. What impact could this have for the application?
    1. A data breach
    2. A denial-of-service condition
    3. Permissions creep
    4. Privilege escalation
  11. Teresa is the security manager for a mid-sized insurance company. She receives a call from law enforcement, telling her that some computers on her network participated in a massive denial-of-service (DoS) attack. Teresa is certain that none of the employees at her company would be involved in a cybercrime. What would best explain this scenario?
    1. It is a result of social engineering.
    2. The machines all have backdoors.
    3. The machines are bots.
    4. The machines are infected with crypto-viruses.
  12. Unusual outbound network traffic, geographical irregularities, and increases in database read volumes are all examples of what key element of...
