SY0-601 Free Practice Test

- (Exam Topic 3)
Joe, a user at a company, clicked an email link led to a website that infected his workstation. Joe, was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and It has continues to evade detection. Which of the following should administrator implement to protect the environment from this malware?

1. A. Install a definition-based antivirus.
2. B. Implement an IDS/IPS
3. C. Implement a heuristic behavior-detection solution.
4. D. Implement CASB to protect the network shares.

Correct Answer: C
Heuristic analysis is also one of the few methods capable of combating polymorphic viruses — the term for malicious code that constantly changes and adapts. Heuristic analysis is incorporated into advanced security solutions offered by companies like Kaspersky Labs to detect new threats before they cause harm, without the need for a specific signature. https://usa.kaspersky.com/resource-center/definitions/heuristic-analysis

- (Exam Topic 3)
A security analyst is reviewing a new website that will soon be made publicly available. The analyst sees the following in the URL:
http://dev-site.comptia.org/home/show.php?sessionID=77276554&loc=us
The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is able to browse the website with the following URL:
http://dev-site.comptia.org/home/show.php?sessionID=98988475&loc=us Which of the following application attacks is being tested?

1. A. Pass-the-hash
2. B. Session replay
3. C. Object deference
4. D. Cross-site request forgery

Correct Answer: B

- (Exam Topic 1)
Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?

1. A. Common Weakness Enumeration
2. B. OSINT
3. C. Dark web
4. D. Vulnerability databases

Correct Answer: C

- (Exam Topic 2)
Which of the following controls is used to make an organization initially aware of a data compromise?

1. A. Protective
2. B. Preventative
3. C. Corrective
4. D. Detective

Correct Answer: D
https://purplesec.us/security-controls/

- (Exam Topic 6)
Which of the following describes where an attacker can purchase DDoS or ransomware services?

1. A. Threat intelligence
2. B. Open-source intelligence
3. C. Vulnerability database
4. D. Dark web

Correct Answer: D
The best option to describe where an attacker can purchase DDoS or ransomware services is the dark web. The dark web is an anonymous, untraceable part of the internet where a variety of illicit activities take place, including the purchase of DDoS and ransomware services. According to the CompTIA Security+ SY0-601 Official Text Book, attackers can purchase these services anonymously and without the risk of detection or attribution. Additionally, the text book recommends that organizations monitor the dark web to detect any possible threats or malicious activity.