Administrators have allowed employees to access their company email from personal computers. However, the administrators are concerned that these computers are another attack Surface and can result in user accounts being breached by foreign actors. Which of the following actions would provide the MOST secure solution?

Enable an option in the administration center so accounts can be locked if they are accessed from different geographical areas.

Implement a 16-character minimum length and 30-day expiration password policy.

Set up a global mail rule to disallow the forwarding of any company email to email addresses outside the organization,

Enforce a policy that allows employees to be able to access their email only while they are connected to the Internet via VPN.

After a phishing scam for 9 user's credentials, the red team was able to craft a payload to deploy on @ server. The attack allowed the installation of malicious software that initiates @ new remote session. Which of the following types of attacks has occurred?

Application programming interface

Several large orders of merchandise were recently purchased on an e-commerce company's website. The totals for each of the transactions were negative values, resulting in credits on the customer’s accounts. Which of the following should be implemented to prevent similar situations in the future?

Make sure transactions that are submitted within very short time periods are prevented from being processed.

Ensure input validation is in place to prevent the use of invalid characters and values.

Calculate all possible values to be added together and ensure the use of the proper integer in the code.

Configure the web application firewall to look for and block session replay attacks.

A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site Upon investigation, a security analyst the identifies the following: • The legitimate websites IP address is 10.1.1.20 and eRecruit local resolves to the IP • The forged website's IP address appears to be 10.2.12.99. based on NetFtow records • AH three at the organization's DNS servers show the website correctly resolves to the legitimate IP • DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise. Which of the following MOST likely occurred?

An SSL strip MITM attack was performed

A reverse proxy was used to redirect network traffic

An attacker temporarily pawned a name server

An ARP poisoning attack was successfully executed

A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?

Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis.

Restrict administrative privileges and patch all systems and applications.

Rebuild all workstations and install new antivirus software.

Implement application whitelisting and perform user application hardening.

SYO-601 Domain 1 Practice Questions 1-30

Authored by Darrielle Flemming-Robinson

Instructional Technology

12th Grade

Used 4+ times

SYO-601 Domain 1 Practice Questions 1-30

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

20 questions

Show all answers

MULTIPLE SELECT QUESTION

45 sec • 1 pt

A Chief Security Officer (CSO) is concerned that cloud-based services are not adequately
protected from advanced threats and malware The CSO believes there is a high risk that
a data breach could occur in the near future due to the lack of detective and preventive
controls Which of the following should be implemented to BEST address the CSO's
concerns? {Select TWO)

AWAF

Containerization

An NG-SWG

Segmentation

ACASB

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

Which of the following is a targeted attack aimed at compromising users within a
specific industry or group?

Watering hole

Typosquatting

Hoax

Impersonation

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the
organization’s executives determine the next course of action?

An incident response plan

A communication’s plan

A disaster recovery plan

A business continuity plan

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

A major political party experienced a server breach. The hacker then publicly posted stolen intimal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?

Semi-authorized hackers

State actors

Script kiddies

Advanced persistent threats

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

A security analyst is reviewing application logs to determine the source of a breach and locates the following log:
https://www.comptia.com/login.php?id=’%20or%20’1’1=’1
Which Of the following has been observed?

DLL Injection

API attack

SQLI

XSS

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

A security Analyst was asked to investigate a situation after SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events at the left:
Based on the analyst findings, which of the following attacks is being executed?

credential harvesting

keylogger

brute-force

spraying

MULTIPLE CHOICE QUESTION

45 sec • 1 pt

A security analyst is performing a forensic investigation compromised account
credentials. Using the Event Viewer, the analyst able to detect the following message, ‘’Special privileges assigned to new login.’’ Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?

Pass-the-hash

Buffer overflow

Cross-site scripting

Session replay

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

17 questions

Table Saw Test

Quiz

•

9th - 12th Grade

23 questions

Concrete

Quiz

•

9th - 12th Grade

24 questions

Feb 14, 20205QUIZ

Quiz

•

11th Grade - University

15 questions

SSL INTERNET SECURITY

Quiz

•

11th - 12th Grade

20 questions

PLTW Design Game

Quiz

•

9th - 12th Grade

15 questions

MIL ACTIVITY

Quiz

•

12th Grade

20 questions

Test 1 - Pathway to Certification Review

Quiz

•

9th - 12th Grade

20 questions

IT17 Steering & Suspension

Quiz

•

12th Grade

Popular Resources on Wayground

20 questions

"What is the question asking??" Grades 3-5

Quiz

•

1st - 5th Grade

20 questions

“What is the question asking??” Grades 6-8

Quiz

•

6th - 8th Grade

10 questions

Fire Safety Quiz

Quiz

•

12th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

34 questions

STAAR Review 6th - 8th grade Reading Part 1

Quiz

•

6th - 8th Grade

20 questions

“What is the question asking??” English I-II

Quiz

•

9th - 12th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

47 questions

8th Grade Reading STAAR Ultimate Review!

Quiz

•

8th Grade

Discover more resources for Instructional Technology

14 questions

Fire Safety Quiz

Quiz

•

9th - 12th Grade

SYO-601 Domain 1 Practice Questions 1-30

Which of the following is a targeted attack aimed at compromising users within aspecific industry or group?

A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help theorganization’s executives determine the next course of action?

A major political party experienced a server breach. The hacker then publicly posted stolen intimal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?

A security analyst is reviewing application logs to determine the source of a breach and locates the following log:https://www.comptia.com/login.php?id=’%20or%20’1’1=’1Which Of the following has been observed?

A security Analyst was asked to investigate a situation after SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events at the left:Based on the analyst findings, which of the following attacks is being executed?

A security administrator checks the table of a network switch, which shows the following output. Which of the following is happening to this switch?

After a phishing scam for 9 user&#39;s credentials, the red team was able to craft a payload to deploy on @ server. The attack allowed the installation of malicious software that initiates @ new remote session. Which of the following types of attacks has occurred?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Instructional Technology

Which of the following is a targeted attack aimed at compromising users within a
specific industry or group?

A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the
organization’s executives determine the next course of action?

A security analyst is reviewing application logs to determine the source of a breach and locates the following log:
https://www.comptia.com/login.php?id=’%20or%20’1’1=’1
Which Of the following has been observed?

A security Analyst was asked to investigate a situation after SOC started to receive alerts from the SIEM. The analyst first looks at the domain controller and finds the following events at the left:
Based on the analyst findings, which of the following attacks is being executed?

After a phishing scam for 9 user's credentials, the red team was able to craft a payload to deploy on @ server. The attack allowed the installation of malicious software that initiates @ new remote session. Which of the following types of attacks has occurred?