SY0-601トレーニング最新認定問題をゲットCompTIA Security+合格目指せ2024年03月05日
認定トレーニングSY0-601試験問題集テストエンジン
試験自体は、90の多肢選択問題とパフォーマンスベースの問題から構成されています。試験時間は90分で、合格点は900点満点中750点です。試験は任意のPearson VUEテストセンターまたはオンラインで受験できます。試験費用は370ドルで、有効期間は3年間です。3年後は、継続教育クレジットを取得するか、試験を再受験することで認証を更新できます。
Comptia Security+(SY0-601)認定試験は、コアセキュリティ機能を実行し、ITセキュリティキャリアを追求するために必要な知識とスキルを検証するグローバルに認められたサイバーセキュリティ認証です。この認定試験は、セキュリティアナリスト、セキュリティエンジニア、ネットワーク管理者、システム管理者など、セキュリティ業界でのキャリアを促進したい専門家向けに設計されています。 SY0-601試験では、ネットワークセキュリティ、暗号化、アイデンティティとアクセス管理、リスク管理など、幅広いセキュリティトピックをカバーしています。
質問 # 98
A security engineer updated an application on company workstations. The application was running before the update, but it is no longer launching successfully. Which of the following most likely needs to be updated?
- A. Approved fist
- B. Quarantine list
- C. Blocklist
- D. Deny list
正解:A
解説:
Approved list is a list of applications or programs that are allowed to run on a system or network. An approved list can prevent unauthorized or malicious software from running and compromising the security of the system or network. An approved list can also help with patch management and compatibility issues. If the security engineer updated an application on the company workstations, the application may need to be added or updated on the approved list to be able to launch successfully. Reference: 1 CompTIA Security+ Certification Exam Objectives, page 10, Domain 2.0: Architecture and Design, Objective 2.4: Explain the importance of embedded and specialized systems security 2 CompTIA Security+ Certification Exam Objectives, page 12, Domain 3.0: Implementation, Objective 3.1: Implement secure network architecture concepts 3 https://www.comptia.org/blog/what-is-application-whitelisting
質問 # 99
A company is concerned about individuals dnvmg a car into the building to gam access Which of the following security controls would work BEST to prevent this from happening?
- A. Access control vestibule
- B. Bollard
- C. Signage
- D. Alarms
- E. Camera
正解:B
解説:
Explanation
A bollard would work best to prevent individuals from driving a car into the building. A bollard is a short, vertical post that can be used to block vehicles from entering a designated area. It is specifically designed to stop cars from crashing into buildings or other structures.
質問 # 100
A security analyst was deploying a new website and found a connection attempting to authenticate on the site's portal. While Investigating The incident, the analyst identified the following Input in the username field:
Which of the following BEST explains this type of attack?
- A. Code to execute a race condition on the server
- B. DLL injection to hijack administrator services
- C. SQLi on the field to bypass authentication
- D. Execution of a stored XSS on the website
正解:C
質問 # 101
As part of the building process for a web application, the compliance team requires that all PKI certificates are rotated annually and can only contain wildcards at the secondary subdomain level. Which of the following certificate properties will meet these requirements?
- A. HTTPS://.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00 2022
- B. HTTPS:// app1.comptia.org, Valid from April 10 00:00:00 2021-April 8 12:00:00 2022
- C. HTTPS://app1.comptia.org, Valid from April 10 00:00:00 2021-April 8 12:00:00 2022
- D. HTTPS://.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00
正解:A
解説:
PKI certificates are digital certificates that use public key infrastructure (PKI) to verify the identity and authenticity of a sender and a receiver of data1. PKI certificates can be used to secure web applications with HTTPS, which is a protocol that encrypts and protects the data transmitted over the internet1.
One of the properties of PKI certificates is the domain name, which is the name of the website or web application that the certificate is issued for2. The domain name can be either a specific name, such as app1.comptia.org, or a wildcard name, such as *.comptia.org2. A wildcard name means that the certificate can be used with multiple subdomains of a domain, such as payment.comptia.org or contact.comptia.org2.
Another property of PKI certificates is the validity period, which is the time span during which the certificate is valid and can be used3. The validity period is determined by the certificate authority (CA) that issues the certificate, and it usually ranges from one to three years3. The validity period can be checked by looking at the valid from and valid to dates on the certificate3.
Based on these properties, the certificate that will meet the requirements of rotating annually and only containing wildcards at the secondary subdomain level is A. HTTPS://*.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00 2022. This certificate has a wildcard character (*) at the secondary subdomain level, which means it can be used with any subdomain of comptia.org2. It also has a validity period of one year, which means it needs to be rotated annually3.
質問 # 102
A security architect is required to deploy to conference rooms some workstations that will allow sensitive data to be displayed on large screens. Due to the nature of the data, it cannot be stored in the conference rooms. The fiieshare is located in a local data center. Which of the following should the security architect recommend to BEST meet the requirement?
- A. VDI and thin clients
- B. Fog computing and KVMs
- C. Private cloud and DLP
- D. Full drive encryption and thick clients
正解:A
質問 # 103
A company just developed a new web application for a government agency. The application must be assessed and authorized prior to being deployed. Which of the following is required to assess the vulnerabilities resident in the application?
- A. Static code analysis
- B. Common Vulnerabilities and Exposures
- C. Non-credentialed scans
- D. Repository transaction logs
正解:A
質問 # 104
A security analyst is reviewing the output of a web server log and notices a particular account is attempting to transfer large amounts of money:
GET
http://yourbank.com/transfer.do?acctnum=08764 6959
&amount=500000 HTTP/1.1
GET
http://yourbank.com/transfer.do?acctnum=087646958
&amount=5000000 HTTP/1.1
GET
http://yourbank.com/transfer.do?acctnum=-087646958
&amount=1000000 HTTP/1.1
GET
http://yourbank.com/transfer.do?acctnum=087646953
&amount=500 HTTP/1.1
Which of the following types of attacks is most likely being conducted?
- A. SQLi
- B. Spear phishing
- C. API
- D. CSRF
正解:D
解説:
Explanation
CSRF stands for Cross-Site Request Forgery, which is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated1. In this case, the attacker may have tricked the user into clicking a malicious link or visiting a malicious website that sends forged requests to the web server of the bank, using the user's session cookie or other credentials. The web server then performs the money transfer requests as if they were initiated by the user, without verifying the origin or validity of the requests.
A: SQLi. This is not the correct answer, because SQLi stands for SQL Injection, which is an attack that exploits a vulnerability in a web application's database layer, where malicious SQL statements are inserted into an entry field for execution2. The output of the web server log does not show any SQL statements or commands.
B: CSRF. This is the correct answer, because CSRF is an attack that exploits the trust a web server has in a user's browser, where malicious requests are sent to the web server using the user's credentials1. The output of the web server log shows multiple GET requests with different account numbers and amounts, which may indicate a CSRF attack.
C: Spear phishing. This is not the correct answer, because spear phishing is an attack that targets a specific individual or organization with a personalized email or message that contains a malicious link or attachment3.
The output of the web server log does not show any email or message content or headers.
D: API. This is not the correct answer, because API stands for Application Programming Interface, which is a set of rules and specifications that allow software components to communicate and exchange data. API is not an attack method, but rather a way of designing and developing software applications.
質問 # 105
A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional dat a. Historically, this setup has worked without issue, but the researcher recently started getting the following message:
Which of the following network attacks is the researcher MOST likely experiencing?
- A. ARP poisoning
- B. MAC cloning
- C. Man-in-the-middle
- D. Evil twin
正解:C
解説:
the message is basically saying the known_hosts that your client uses has a tuple that no longer matches this server, usually because the server is presenting a new key to the client, though it could be the same key on a new ip also. Which could be the result of a MITM attack. (key changed) https://serverfault.com/questions/193631/ssh-into-a-box-with-a-frequently-changed-ip (ip changed) https://stackabuse.com/how-to-fix-warning-remote-host-identification-has-changed-on-mac-and-linux/
質問 # 106
The application development team is in the final stages of developing a new healthcare application. The team has requested copies of current PHI records to perform the final testing.
Which of the following would be the best way to safeguard this information without impeding the testing process?
- A. Installing a FIM on the application server
- B. Deploying DLP tools
- C. Implementing a content filter
- D. Anonymizing the data
正解:D
解説:
Anonymizing the data is the process of removing personally identifiable information (PII) from data sets, so that the people whom the data describe remain anonymous12. Anonymizing the data can safeguard the PHI records without impeding the testing process, because it can protect the privacy of the patients while preserving the data integrity and statistical accuracy for the application development team12. Anonymizing the data can be done by using techniques such as data masking, pseudonymization, generalization, data swapping, or data perturbation12.
Implementing a content filter is not the best way to safeguard the information, because it is a technique that blocks or allows access to certain types of content based on predefined rules or policies3. A content filter does not remove or encrypt PII from data sets, and it may not prevent unauthorized access or leakage of PHI records.
Deploying DLP tools is not the best way to safeguard the information, because it is a technique that monitors and prevents data exfiltration or transfer to unauthorized destinations or users. DLP tools do not remove or encrypt PII from data sets, and they may not be sufficient to protect PHI records from internal misuse or negligence.
Installing a FIM on the application server is not the best way to safeguard the information, because it is a technique that detects and alerts changes to files or directories on a system. FIM does not remove or encrypt PII from data sets, and it may not prevent unauthorized access or modification of PHI records.
質問 # 107
A security analyst wants to fingerpnnt a web server Which of the following tools will the security analyst MOST likely use to accomplish this task?
- A. dig 192.168.0.10
- B. nmap -p1-65S35 192.168.0.10
- C. ping 192.168.0.10
- D. cur1
--htad http://192.168.0.10
正解:D
解説:
Explanation
HTTP/1.1 301 Moved Permanently
Server: cloudflare
Date: Thu, 01 Sep 2022 22:36:50 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://1.1.1.1/
CF-RAY: 74417cb04d6b9a50-MFE
質問 # 108
A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802. IX using the most secure encryption and protocol available.
Perform the following steps:
1. Configure the RADIUS server.
2. Configure the WiFi controller.
3. Preconfigure the client for an
incoming guest. The guest AD
credentials are:
User: guest01
Password: guestpass
正解:
解説:
See the explanation below for the solution.
Explanation
Wifi Controller
SSID: CORPGUEST
SHARED KEY: Secret
AAA server IP: 192.168.1.20
PSK: Blank
Authentication type: WPA2-EAP-PEAP-MSCHAPv2
Controller IP: 192.168.1.10
Radius Server
Shared Key: Secret
Client IP: 192.168.1.10
Authentication Type: Active Directory
Server IP: 192.168.1.20
Wireless Client
SSID: CORPGUEST
Username: guest01
Userpassword: guestpass
PSK: Blank
Authentication type: WPA2-Enterprise
質問 # 109
Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.
INSTRUCTIONS
Not all attacks and remediation actions will be used.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
正解:
解説:

質問 # 110
he Chief Information Secunty Officer came across a news arbcle outining a mechan'sm thal allows certan OS passwords to be bypassed The security team was then tasked with determining which method could be used to prevent data loss in the corporate environment in case an attacker bypasses authentication Which of the following will accomplish this objective?
- A. TPM
- B. Proper patch management protocols
- C. FDE
- D. Input validations
正解:C
質問 # 111
In the middle of a cyberattack, a security engineer removes the infected devices from the network and locks down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?
- A. Recovery
- B. Eradication
- C. Identification
- D. Containment
- E. Lessons learned
- F. Preparation
正解:D
質問 # 112
A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.
INSTRUCTIONS
Click on each firewall to do the following:
1. Deny cleartext web traffic
2. Ensure secure management protocols are used.
3. Resolve issues at the DR site.
The ruleset order cannot be modified due to outside constraints.
Hat any time you would like to bring back the initial state of the simulation, please dick the Reset All button.
In Firewall 1, HTTP inbound Action should be DENY. As shown below
In Firewall 2, Management Service should be DNS, As shown below.
正解:
解説:
In Firewall 3, HTTP Inbound Action should be DENY, as shown below
質問 # 113
A security analyst is reviewing application logs to determine the source of a breach and locates the following log:
Which Of the following has been observed?
- A. DLL Injection
- B. XSS
- C. API attack
- D. SQLI
正解:D
質問 # 114
A security analyst sees the following log output while reviewing web logs:
Which of the following mitigation strategies would be BEST to prevent this attack from being successful?
- A. Input validation
- B. Stored procedures
- C. Code signing
- D. Secure cookies
正解:A
質問 # 115
......
この試験は、ネットワークセキュリティ、暗号化、アイデンティティとアクセス管理、リスク管理、セキュリティ運用など、セキュリティに関連する幅広いトピックをカバーするように設計されています。これは、基本的なセキュリティの概念から、機密情報を保護するために使用されるより高度なセキュリティ対策まで、ITセキュリティのすべての側面をカバーする包括的な試験です。
合格確定、ガイドで準備SY0-601試験:https://www.goshiken.com/CompTIA/SY0-601-mondaishu.html
CompTIA Security+ SY0-601無料最新のリアル試験問題と回答:https://drive.google.com/open?id=1oq8gKrLs925jDLKdsLG1-sRiMGp5e4IL