©BRIGHTSTARS EXAM SOLUTIONS
10/22/2024 12:14 PM
Jason Udemy CompTIA Security+ (SY0-601)
Practice Exam #3 Questions And Answers
100% Pass.
A macOS user is browsing the internet in Google Chrome when they see a notification that says,
"Windows Enterprise Defender: Your computer is infected with a virus, please click here to
remove it!" What type of threat is this user experiencing?
Pharming
Worm
Rogue anti-virus
Phishing
Answer: Rogue anti-virus
OBJ-1.1: Rogue anti-virus is a form of malicious software and internet fraud that misleads users
into believing there is a virus on their computer and into paying money for a fake malware removal
tool (which actually introduces malware to the computer). It is a form of scareware that
manipulates users through fear, and it can also act as a form of ransomware. Since the alert is
displayed on a macOS system but appears to be meant for a Windows system, it is obviously a
scam or fake alert, most likely a rogue anti-virus attempting to infect the system. Phishing is an
email-based social engineering attack in which the attacker sends an email from a supposedly
reputable source, such as a bank, to try to elicit private information from the victim. Phishing
attacks target an indiscriminate, large group of random people. A worm is standalone malware
that replicates itself to spread to other computers. Often it uses a computer network to spread,
relying on security failures on the target computer to gain access. A worm can spread on its own,
whereas a virus needs a host program or user interaction to propagate. Pharming is a type of
social engineering attack that redirects a request for a website, typically an e-commerce site, to a
similar-looking but fake website. The attacker uses DNS spoofing to redirect the user to the fake
site.
Which of the following methods should a cybersecurity analyst use to locate any instances on the
network where passwords are being sent in cleartext?
SIEM event log monitoring
Full packet capture
Net flow capture
Software design documentation review
Answer: Full packet capture
OBJ-4.3: Full packet capture records the complete payload of every packet crossing the network.
The other methods will not provide sufficient information to detect a cleartext password being
sent. A NetFlow analysis will determine where communications occurred, by what protocol, to
which devices, and how much content was sent, but it will not reveal anything about the content
itself, since it only analyzes the metadata for each packet crossing the network. A monitored
SIEM event log might detect that an authentication event has occurred, but it will not necessarily
reveal whether the password was sent in cleartext, as a hash value, or as ciphertext. Software
design documentation may reveal the designer's intentions for authentication when they created
the application, but this only provides an 'as designed' view of the software and does not show
whether the 'as built' configuration was implemented securely.
When you purchase an exam voucher at diontraining.com, the system only collects your name,
email, and credit card information. Which of the following privacy methods is being used by
Dion Training?
Anonymization
Tokenization
Data masking
Data minimization
Answer: Data minimization
OBJ-5.5: Data minimization involves limiting data collection to only what is required to fulfill a
specific purpose. Reducing what information is collected reduces the amount and type of
information that must be protected. Since we only need your name and email to deliver the
voucher and your credit card to receive payment for the voucher, we do not collect any
additional information, such as your home address or phone number. Data masking can mean
that all or part of a field's contents are redacted, by substituting all character strings with x, for
example. Tokenization means that all or part of data in a field is replaced with a randomly
generated token. The token is stored with the original value on a token server or token vault,
separate from the production database. An authorized query or app can retrieve the original value
from the vault, if necessary, so tokenization is a reversible technique. Data anonymization is the
process of removing personally identifiable information from data sets so that the people whom
the data describe remain anonymous.
Which of the following types of attacks occurs when an attacker calls up people over the phone
and attempts to trick them into providing their credit card information?
Hoax
Phishing
Spear phishing
Vishing
Pharming
Answer: Vishing
OBJ-1.1: Vishing is the fraudulent practice of making phone calls or leaving voice messages
purporting to be from reputable companies to induce individuals to reveal personal information,
such as bank details and credit card numbers.
A new smartphone supports users' ability to transfer a photograph by simply placing their phones
near each other and "tapping" the two phones together. What type of technology does this most
likely rely on?
BT
NFC
RF
IR
Answer: NFC
OBJ-1.4: Near-field communication (NFC) is a set of communication protocols that enable two
electronic devices, one of which is usually a portable device such as a smartphone, to establish
communication by bringing them within 4 cm of each other. This is commonly used for
contactless payment systems, transferring contacts, or transferring a file from one device to
another. Bluetooth (BT) is a wireless technology standard used for exchanging data between
fixed and mobile devices over short distances using UHF radio waves in the industrial, scientific,
and medical radio bands from 2.402 GHz to 2.480 GHz and building a personal area network
(PAN). Bluetooth is commonly used when connecting wireless devices like mice, trackpads,
headphones, and other devices. Infrared (IR) was a wireless networking standard supporting
speeds up to about 4 Mbps with a direct line of sight for communications. Infrared sensors are
used in mobile devices and with IR blasters to control appliances. While infrared (IR) used to be
commonly used to connect wireless mice and keyboards to a laptop in the 1990s, it has fallen out
of favor in the last 10-15 years since Bluetooth is more reliable and does not require a direct line
of sight between the device and the laptop. Radio frequency (RF) is the propagation of radio
waves at different frequencies and wavelengths. For example, Wi-Fi network products use a
frequency of either 2.4 GHz or 5 GHz.
You are working in a doctor's office and have been asked to set up a kiosk to allow customers to
check in for their appointments. The kiosk should be secured so that customers can access only a
single application used for the check-in process. You must also ensure that the computer will
automatically log in whenever the system is powered on or rebooted. Which of the following
types of accounts should you configure for this kiosk?
Administrator
Guest
Remote Desktop User
Power User
Answer: Guest
A software assurance test analyst performs a dynamic assessment on an application by
automatically generating random data sets and inputting them in an attempt to cause an error or
failure condition. Which technique is the analyst utilizing?
Static code analysis
Known bad data injection
Fuzzing
Sequential data sets
Answer: Fuzzing
OBJ-3.2: Fuzzing is an automated software assessment technique that involves providing invalid,
unexpected, or random data as inputs to a computer program. The program is then monitored for
exceptions (crashes), failing built-in code assertions, or potential memory leaks. Static code
analysis is a method of debugging by examining source code before a program is run. Known bad
data injection is a technique where data already known to cause an exception or fault is entered
as part of the testing or assessment; it does not use randomly generated data sets.