SYO-501無料問題集「CompTIA Security+ Certification」

質問 1

Which of the following is a benefit of credentialed vulnerability scans?

（A）The vulnerability scanner is able to inventory software on the target.

（B）Black-box testing can be performed.

（C）A scan will reveal data loss in real time.

（D）Credentials provide access to scan documents to identify possible data theft.

正解：A 解答を投票する

質問 2

An administrator performs a workstation audit and finds one that has non-standard software installed. The administrator then requests a report to see if a change request was completed for the installed software. The report shows a request was completed. Which of the following has the administrator found?

（A）A license compliance violation

（B）A baseline deviation

（C）An insider threat

（D）Unauthorized software

正解：B 解答を投票する

質問 3

A security analyst is asked to check the configuration of the company's DNS service on the server. Which of the following command line tools should the analyst use to perform the Initial assessment?

（A）tcpdump

（B）ipconfig/ifconfig

（C）tracert

（D）nslookup/dlg

正解：C 解答を投票する

質問 4

An organization has the following password policies:
* Passwords must be at least 16 characters long.
* Three tailed login attempts will lock the account (or live minutes.
* Passwords must have one uppercase letter, one lowercase letter, and one non-alphanumeric symbol.
A database server was recently breached, and the incident response team suspects the passwords were compromised. Users with permission on that database server were forced to change their passwords for that server. Unauthorized and suspicious logins are now being detected on the same server. Which of the following is MOST likely the issue, and what should be done?

（A）Service accounts are being used to log onto the server; restrict service account permissions to read/ write.

（B）Some users have reset their account to a previously used password; implement a password history policy.

（C）Single sign-on is allowing remote logins to the database server; disable single sign-on until it can be properly configured.

（D）Users are logging in after working hours; implement a time-of-day restriction for the database servers.

正解：D 解答を投票する

質問 5

After successfully breaking into several networks and infecting multiple machines with malware. hackers contact the network owners, demanding payment to remove the infection and decrypt files. The hackers threaten to publicly release information about the breach if they are not paid. Which of the following BEST describes these attackers?

（A）Hacktivists

（B）Insiders

（C）Organized crime

（D）Gray hat hackers

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

The Chief Information Officer (CIO) has determined the company's new PKI will not use OCSP. The purpose of OCSP still needs to be addressed. Which of the following should be implemented?

（A）Build an online intermediate CA.

（B）Implement stapling.

（C）Install a CRL.

（D）Implement a key escrow.

正解：C 解答を投票する

質問 7

A security consultant is analyzing data from a recent compromise. The following data points are documented: Access to data on share drives and certain networked hosts was lost after an employee logged in to an interactive session as a privileged user.
The data was unreadable by any known commercial software.
The issue spread through the enterprise via SMB only when certain users accessed dat a. Removal instructions were not available from any major antivirus vendor.
Which of the following types of malware is this an example of?

（A）Worm

（B）RAT

（C）Keylogger

（D）Backdoor

（E）Ransomware

正解：E 解答を投票する

質問 8

A network administrator wants to gather information on the security of the network servers in the DMZ. The administrator runs the following command:

Which of the following actions is the administrator performing?

（A）Grabbing the web server banner

（B）Accessing the web server management console

（C）Logging into the web server

（D）Harvesting cleartext credentials

正解：A 解答を投票する

質問 9

A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional dat a. Historically, this setup has worked without issue, but the researcher recently started getting the following message:

Which of the following network attacks Is the researcher MOST likely experiencing?

（A）MAC cloning

（B）Man-in-the-middle

（C）Evil twin

（D）ARP poisoning

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A security analyst is determining the point of compromise after a company was hacked. The analyst checks the server logs and sees that a user account was logged in at night, and several large compressed files were exfiltrated. The analyst then discovers the user last logged in four years ago and was terminated. Which of the following should the security analyst recommend to prevent this type of attack in the future? (Choose two.)

（A）Enable a login banner prohibiting unauthorized use

（B）Create a honeypot to catch the hacker

（C）Disable all user accounts that are not logged in to for 180 days

（D）Perform an audit of all company user accounts

（E）Restrict the compromised user account

（F）Review and update the firewall settings

正解：D、E 解答を投票する

質問 11

A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?

（A）dnaenum

（B）logger

（C）chmod

（D）dd

正解：D 解答を投票する

質問 12

Which of the following concepts ensure ACL rules on a directory are functioning as expected? (Select TWO).

（A）Non-repudiation

（B）Auditing

（C）Authentication

（D）Accounting

（E）Authorization

正解：B、D 解答を投票する

質問 13

A security analyst is performing a BIA.
The analyst notes that in a disaster, failover systems must be up and running within 30 minutes. The failover systems must use backup data that is no older than one hour. Which of the following should the analyst include in the business continuity plan?

（A）A maximum RPO of 60 minutes

（B）A maximum MTBF of 30 minutes

（C）A maximum MTTR of 30 minutes

（D）A maximum RTO of 60 minutes

（E）An SLA guarantee of 60 minutes

正解：A 解答を投票する

質問 14

A technician suspects that a desktop was compromised with a rootkit. After removing lhe hard drive from the desktop and running an offline file integrity check, the technician reviews the following output:

Based on the above output, which of the following is the malicious file?

（A）lsass.exe

（B）notepad.exe

（C）kernel.dll

（D）httpd.axe

正解：C 解答を投票する

質問 15

A company is implementing a tool to mask all PII when moving data from a production server to a testing server. Which of the following security techniques is the company applying?

（A）Data sanitization

（B）Data wiping

（C）Data obfuscation

（D）Steganograpgy

正解：A 解答を投票する

質問 16

Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?

（A）Credential harvesting

（B）Watering-hole attack

（C）Pharming

（D）Hybrid warfare

正解：B 解答を投票する

SYO-501 無料問題集「CompTIA Security+ Certification」

弊社を連絡する

関連リンク

トップ試験