CompTIA Security+ Practice Tests
eBook - ePub

CompTIA Security+ Practice Tests

Exam SY0-601

David Seidl


About the book

Get ready for a career in IT security and efficiently prepare for the SY0-601 exam with a single, comprehensive resource

CompTIA Security+ Practice Tests: Exam SY0-601, Second Edition efficiently prepares you for the CompTIA Security+ SY0-601 Exam with one practice exam and domain-by-domain questions. With a total of 1,000 practice questions, you'll be as prepared as possible to take Exam SY0-601.

Written by accomplished author and IT security expert David Seidl, the 2nd Edition of CompTIA Security+ Practice Tests includes questions covering all five crucial domains and objectives on the SY0-601 exam:

  • Attacks, Threats, and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
  • Governance, Risk, and Compliance

Perfect for anyone looking to prepare for the SY0-601 Exam, upgrade their skills by earning a high-level security certification (like CASP+, CISSP, or CISA), as well as anyone hoping to get into the IT security field, CompTIA Security+ Practice Tests allows for efficient and comprehensive preparation and study.


Information

Publisher
Sybex
Year
2021
ISBN
9781119735441

Chapter 1
Threats, Attacks, and Vulnerabilities

THE COMPTIA SECURITY+ EXAM SY0-601 TOPICS COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
  • 1.1 Compare and contrast different types of social engineering techniques
  • 1.2 Given a scenario, analyze potential indicators to determine the type of attack
  • 1.3 Given a scenario, analyze potential indicators associated with application attacks
  • 1.4 Given a scenario, analyze potential indicators associated with network attacks
  • 1.5 Explain different threat actors, vectors, and intelligence sources
  • 1.6 Explain the security concerns associated with various types of vulnerabilities
  • 1.7 Summarize the techniques used in security assessments
  • 1.8 Explain the techniques used in penetration testing
  1. Ahmed is a sales manager with a major insurance company. He has received an email that is encouraging him to click on a link and fill out a survey. He is suspicious of the email, but it does mention a major insurance association, and that makes him think it might be legitimate. Which of the following best describes this attack?
    1. Phishing
    2. Social engineering
    3. Spear phishing
    4. Trojan horse
  2. You are a security administrator for a medium-sized bank. You have discovered a piece of software on your bank's database server that is not supposed to be there. It appears that the software will begin deleting database files if a specific employee is terminated. What best describes this?
    1. Worm
    2. Logic bomb
    3. Trojan horse
    4. Rootkit
  3. You are responsible for incident response at Acme Bank. The Acme Bank website has been attacked. The attacker used the login screen, but rather than enter login credentials, they entered some odd text: ' or '1' = '1 . What is the best description for this attack?
    1. Cross-site scripting
    2. Cross-site request forgery
    3. SQL injection
    4. ARP poisoning
  4. Users are complaining that they cannot connect to the wireless network. You discover that the WAPs are being subjected to a wireless attack designed to block their Wi-Fi signals. Which of the following is the best label for this attack?
    1. IV attack
    2. Jamming
    3. WPS attack
    4. Botnet
  5. Frank is deeply concerned about attacks to his company's e-commerce server. He is particularly worried about cross-site scripting and SQL injection. Which of the following would best defend against these two specific attacks?
    1. Encrypted web traffic
    2. Input validation
    3. A firewall
    4. An IDS
  6. You are responsible for network security at Acme Company. Users have been reporting that personal data is being stolen when using the wireless network. They all insist they only connect to the corporate wireless access point (AP). However, logs for the AP show that these users have not connected to it. Which of the following could best explain this situation?
    1. Session hijacking
    2. Clickjacking
    3. Rogue access point
    4. Bluejacking
  7. What type of attack depends on the attacker entering JavaScript into a text area that is intended for users to enter text that will be viewed by other users?
    1. SQL injection
    2. Clickjacking
    3. Cross-site scripting
    4. Bluejacking
  8. Rick wants to make offline brute-force attacks against his password file very difficult for attackers. Which of the following is not a common technique to make passwords harder to crack?
    1. Use of a salt
    2. Use of a pepper
    3. Use of a purpose-built password hashing algorithm
    4. Encrypting password plain text using symmetric encryption
  9. What term is used to describe spam over Internet messaging services?
    1. SPIM
    2. SMSPAM
    3. IMSPAM
    4. TwoFaceTiming
  10. Susan is analyzing the source code for an application and discovers a pointer de-reference that returns NULL. This causes the program to attempt to read from the NULL pointer and results in a segmentation fault. What impact could this have for the application?
    1. A data breach
    2. A denial-of-service condition
    3. Permissions creep
    4. Privilege escalation
  11. Teresa is the security manager for a mid-sized insurance company. She receives a call from law enforcement, telling her that some computers on her network participated in a massive denial-of-service (DoS) attack. Teresa is certain that none of the employees at her company would be involved in a cybercrime. What would best explain this scenario?
    1. It is a result of social engineering.
    2. The machines all have backdoors.
    3. The machines are bots.
    4. The machines are infected with crypto-viruses.
  12. Unusual outbound network traffic, geographical irregularities, and increases in database read volumes are all examples of what key element of...
