CompTIA SY0-601 Quiz 31 Topic 2 Questions 151-155

Question: 1

A company recently experienced an attack during which its main website was Directed to the attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers, Which of the following should the

company implement to prevent this type of attack from occurring In the future?

AIPsec

BSSL/TLS

CONSSEC

DSMIME

Show Answer

Question: 2

A network analyst is investigating compromised corporate information. The analyst leads to a theory that network traffic was intercepted before being transmitted to the internet. The following output was captured on an internal host:

q2_SY0-601

Based on the IoCS, which of the following was the MOST likely attack used to compromise the network communication?

ADenial of service

BARP poisoning

CCommand injection

DMAC flooding

Show Answer

Question: 3

A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST these requirement?

A .RA

B .OCSP

CCRL
D . CSR

Show Answer

Question: 4

organization's vulnerabilities. Which of the following would BEST meet this need?

ACVE

BSIEM

CSOAR

DCVSS

Show Answer

Question: 5

The security administrator has installed a new firewall which implements an implicit DENY policy by default.

AINSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

Hot Area:

Section: Network Security

Show Answer

A company recently experienced an attack during which its main website was Directed to the attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers, Which of the following should thecompany implement to prevent this type of attack from occurring In the future?

A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST these requirement?A .RAB .OCSP

organization's vulnerabilities. Which of the following would BEST meet this need?

The security administrator has installed a new firewall which implements an implicit DENY policy by default.

CompTIA SY0-601 Quiz:31 Topic:2 Questions:151-155

A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST these requirement?
A .RA
B .OCSP