6 Flashcards

1
Q

Which of the following answers does not refer to an email communication threat vector?

A

Skimming

2
Q

Which of the following mitigates the risk of supply chain attacks?

A

Vendor/Intermediary checks

3
Q

Examples of social media threat vectors include:

A
  • PII harvesting
  • Social engineering
  • Identity/account theft
  • Malicious URLs

** All of the above **
4
Q

Which of the following terms refers to threat intelligence gathered from publicly available sources?

A

** OSINT **
(Open Source Intelligence (OSINT) is the collection, analysis, and dissemination of information that is publicly available and legally accessible. Today, OSINT is used by a wide range of organizations, including governments, businesses, and non-governmental organizations.)

5
Q

Which of the following answers refer to vulnerability databases?

A
  • CVE (Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed vulnerabilities and exposures that is maintained by MITRE.)
  • NVD (The National Vulnerability Database (NVD) is a database, maintained by NIST, that is fully synchronized with the MITRE CVE list.)
6
Q

Which of the following statements does not apply to the dark web?

A

Forms a large part of the deep web

7
Q

A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called:

A

** IoC **
During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

8
Q

Which of the following terms refers to a US government initiative for real-time sharing of cyber threat indicators?

A

** AIS **
(Automated Indicator Sharing (AIS) is a service the Cybersecurity and Infrastructure Security Agency (CISA) provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private-sector organizations.)

9
Q

What is STIX?

A

Common language for describing cyber threat information

STIX (Structured Threat Information eXpression) is a standardized XML-based language for conveying data about cybersecurity threats in a common form that can be easily understood by both humans and security technologies.

10
Q

Which of the following terms refers to a dedicated transport mechanism for cyber threat information?

A

TAXII

TAXII, short for Trusted Automated eXchange of Intelligence Information, defines how cyber threat information can be shared via services and message exchanges.

11
Q

GitHub is an example of:

A

File/code repository

12
Q

A type of formal document that describes the specifications for a particular technology is known as:

A

RFC

A Request for Comments (RFC) is a publication in a series from the principal technical development and standards-setting bodies for the Internet, most prominently the Internet Engineering Task Force (IETF).

13
Q

Which of the following describes the behavior of a threat actor?

A

TTPs

(Tactics, Techniques, and Procedures)

14
Q

A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer is called:

A

Zero-day attack

15
Q

Which of the following answers refers to a deprecated encryption protocol?

A

** SSL **

The deprecated encryption protocol is SSL (Secure Sockets Layer). SSL has been largely replaced by its successor, TLS (Transport Layer Security), because of vulnerabilities and security issues found in SSL; TLS is the more secure and up-to-date protocol for securing data transmission over the internet.
It is essential to use TLS instead of SSL to ensure the security and privacy of data in transit.

16
Q

FTP, HTTP, IMAP, POP, SMTP, and Telnet are all examples of cleartext (i.e. unencrypted) network protocols.

A

True

17
Q

The importance of changing default usernames and passwords can be illustrated by the example of certain network devices (such as routers), which are often shipped with default, well-known admin credentials that can be looked up on the web.

A

True

18
Q

Vulnerability scanning: (Select all that apply)

A
  • Identifies lack of security controls
  • Identifies common misconfigurations
  • Passively tests security controls
19
Q

Antivirus software identifying a non-malicious file as a virus due to a faulty virus signature file is an example of:

A

** False positive error **

A false positive state is when the IDS identifies an activity as an attack but the activity is acceptable behavior. A false positive is a false alarm.

20
Q

Which of the following terms refers to a situation where no alarm is raised when an attack has taken place?

A

** False negative **

A false negative state is the most serious and dangerous state. This is when the IDS identifies an activity as acceptable when the activity is actually an attack.

21
Q

An industry standard for assessing the severity of computer system security vulnerabilities is known as:

A

** CVSS **
The Common Vulnerability Scoring System is a free and open industry standard for assessing the severity of computer system security vulnerabilities.
CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to the threat.

22
Q

Which type of server is used for collecting diagnostic and monitoring data from networked devices?

A

Syslog Server

23
Q

A security solution designed to detect anomalies in the log and event data collected from multiple network devices is called:

A

** SIEM **

Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.

24
Q

Which of the following tools enables automated response to security incidents?

A

** SOAR **

SOARs can make alerts more manageable by centralizing security data, enriching events, and automating responses. As a result, SOCs can process more alerts while reducing response times. SOCs can use SOAR playbooks to define standard, scalable incident response workflows for common threats.

25
Q

Penetration testing: (Select all that apply)

A
  • Actively tests security controls
  • Exploits vulnerabilities