Add to collection(s) Add to saved
  1. No category
Uploaded by gmathew753

Architecture and Design Security + Questions

advertisement 
3/14/23, 12:44 AM
SY0-601 Exam Simulation
Architecture and Design
Question #1 of 115
Test ID: 243608020
Question ID: 1345243
Which algorithm is used as the digital signature for the US government, and was developed by NIST and the NSA?
A) CTR
B) DSA
C) GCM
D) ECB
Question #2 of 115
Question ID: 1438688
Your company has decided to implement a biometric system to ensure that only authorized personnel are able to
access several secure areas at the facility. However, management is concerned that users will have privacy concerns
when the biometric system is implemented. You have been asked to recommend the least intrusive biometric system of
the listed options. Which option is considered the least intrusive?
A) fingerprint
B) voice print
C) iris scan
D) retinal scan
Question #3 of 115
Question ID: 1345224
You need to ensure that USB flash drives issued by your organization are protected by encryption. What should you
implement?
A) BitLocker To Go
B) Data Encryption Standard
C) Advanced Encryption Standard
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
1/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Encrypting File System
Question #4 of 115
Question ID: 1487138
Your company has recently started adopting formal security policies to comply with several state regulations. One of the
security policies states that certain hardware is vital to the organization. As part of this security policy, you must ensure
that you have the required number of components plus one extra to plug into any system in case of failure. Which
strategy is this policy demonstrating?
A) fault tolerance
B) cold site
C) clustering
D) server redundancy
Question #5 of 115
Question ID: 1438720
Your organization is trying to decide whether to use RSA or ECC to encrypt cellular communications. What is an
advantage of ECC over the RSA algorithm?
A) ECC uses elliptic curves that improve its reliability.
B) ECC does not deal with the intricacies of digital signatures.
C) ECC requires fewer resources.
D) ECC uses elliptic curves instead of keys to provide security.
Question #6 of 115
Question ID: 1438727
Which of the following common use cases would address the issue of data leakage from a side-channel attack?
A) Supporting non-repudiation
B) Supporting high resiliency
C) Supporting integrity
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
2/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Supporting confidentiality
Question #7 of 115
Question ID: 1345233
After researching different security mechanisms, your company decides to implement PGP instead of a formal PKI and
formal trust certificates. Which of the following is a characteristic of PGP?
A) the deployment of private keys for authentication and encryption
B) the establishment of a web of trust between the users
C) the use of certification authority (CA) servers
D) the use of trust domains by the servers and the clients
Question #8 of 115
Question ID: 1438698
You have implemented a backup plan that includes both full and incremental backups. What does an incremental
backup do?
A) It backs up all files.
B) It backs up all new files and any files that have changed since the last full or
incremental backup and resets the archive bit.
C) It backs up all files in a compressed format.
D) It backs up all new files and any files that have changed since the last full backup
without resetting the archive bit.
Question #9 of 115
Question ID: 1438692
E-commerce payment systems, like PayPal and Google Checkout, allow the user to use a single identity across
multiple platforms. Of which identity and access service is that an example?
A) Biometrics
B) Federation
C) Transitive trust
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
3/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Keyboard cadence
Question #10 of 115
Question ID: 1487141
Which of the following comprises principles that build security into a facility by design?
A) UAV
B) object detection
C) two-person control
D) industrial camouflage
Question #11 of 115
Question ID: 1438689
Users are complaining that the new biometric identification system is difficult to use. They are saying that even though
the initial login worked fine, they have difficulty logging in later. In addition to user training, what should you investigate?
A) HOTP
B) CER
C) FRR
D) FAR
Question #12 of 115
Question ID: 1487135
As a system administrator, you have been tasked with determining which RAID system is appropriate for your
organization. To do this you must match the RAID configuration on the left with the appropriate functionality.
{UCMS id=5357069219659776 type=Activity}
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
4/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
Question #13 of 115
Question ID: 1438731
Which type of encryption algorithm is vulnerable to quantum computing?
A) Symmetric encryption
B) One-way encryption
C) Asymmetric encryption
D) Lattice-based encryption
Question #14 of 115
Question ID: 1438719
You are currently comparing stream ciphers and block ciphers. You have decided to use only block ciphers and hash
algorithms on your organization's network. Which cryptographic algorithm is a stream cipher?
A) MD5
B) RC5
C) RC6
D) RC4
Question #15 of 115
Question ID: 1438732
Why are asymmetric encryption algorithms particularly vulnerable to cryptanalysis by quantum computers?
A) Quantum computers can operate on larger data sets than classical computers
with comparable resources.
B) Quantum computers can perform complex mathematical operations faster than
classical computers with comparable resources.
C) Quantum computers can be upgraded more easily and less expensively than
classical computers with comparable budgets.
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
5/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Quantum computers can perform simple mathematical operations faster than
classical computers with comparable resources.
Question #16 of 115
Question ID: 1345239
You are researching the RSA encryption algorithm. You need to provide some basic facts about this algorithm to your
organization's management team so they can decide if they want to implement it on the organization's network. Which
statement is NOT true of this algorithm?
A) RSA uses public and private key signatures for integrity verification.
B) An RSA algorithm is an example of symmetric cryptography.
C) RSA provides both encryption and authentication.
D) RSA can prevent man-in-the-middle attacks.
E) RSA encryption algorithms do not deal with discrete logarithms.
Question #17 of 115
Question ID: 1438678
Your company has recently decided to create a custom application instead of purchasing a commercial alternative. As
the security administrator, you have been asked to develop security policies and procedures on examining the written
code to discover any security holes that may exist. Which assessment type will be performed as a result of this new
policy?
A) secure code review
B) review design
C) vulnerability scanning
D) baseline reporting
Question #18 of 115
Question ID: 1345211
Your company has recently adopted a new security policy that states that all confidential e-mails must be signed using
a digital signature. Which three elements are provided by implementation of this technology? (Choose three.)
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
6/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
A) encryption
B) authentication
C) integrity
D) availability
E) non-repudiation
Question #19 of 115
Question ID: 1345212
After a recent security audit, several security issues were found. The auditor made suggestions on technologies that
your organization should deploy. One of the suggestions made is to deploy SKIP. Which statement is true of SKIP?
A) SKIP is only a key storage protocol.
B) SKIP works on a response-by-session basis.
C) SKIP deploys IKE for key distribution and management.
D) SKIP is a key distribution protocol.
Question #20 of 115
Question ID: 1345215
Your organization has recently adopted a new security policy. As part of this policy, you must implement the appropriate
technologies to provide confidentiality. Which technology provides this?
A) authentication
B) a disk array
C) asymmetric encryption
D) a digital signature
Question #21 of 115
Question ID: 1345245
Recently, your organization implemented a new security policy which states that watermarks must be used for all
copyrighted material. Which statement is true of a watermark?
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
7/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
A) A watermark cannot be embedded in an audio file.
B) A watermark cannot be removed.
C) A watermark is never visible to the naked human eye.
D) A watermark can enable you to detect copyright violations.
Question #22 of 115
Question ID: 1438729
Which cryptographic attacks attempt to produce the same hash value from a brute force attack using two inputs?
(Choose two.)
A) Collision
B) Weak Implementations
C) Replay
D) Birthday
Question #23 of 115
Question ID: 1487127
Match the descriptions on the left with the cloud deployments on the right.
{UCMS id=5643568213393408 type=Activity}
Question #24 of 115
Question ID: 1487137
Your company decides to implement a RAID-5 array on several file servers. Which feature is provided by this
deployment?
A) Distributed allocation
B) High availability
C) Scalability
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
8/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Elasticity
Question #25 of 115
Question ID: 1438706
Which of the following describe an inherent vulnerability found in many drone and unmanned aerial vehicles?
A) Overwhelming the device with large amounts of data, causing it to crash
B) Forcing the device to follow a different flight plan using a rogue transmitter
C) Uploading malicious files, disconnecting the device from the remote controller
D) Downloading sensitive files from the device, as an unauthorized super user
Question #26 of 115
Question ID: 1487129
Which type of file contains low-level instructions to be executed directly on a specific system or computer platform?
A) Source
B) Script
C) Framework
D) Binary
Question #27 of 115
Question ID: 1487130
Why is reviewing script files for malicious code easier than reviewing binary files??
A) The interpretation process obfuscates and reduces the likelihood of reverse
engineering
B) Script files contain source code with human readable instructions
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
9/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
C) Script files use open-source frameworks with more widely available
documentation
D) The compilation process condenses the code into human readable instructions
Question #28 of 115
Question ID: 1345216
You are providing end-user security awareness training. As part of this training, you explain why the organization uses
asymmetric encryption and how it works. What is used to decrypt a file in this type of encryption?
A) plaintext
B) public key
C) private key
D) message digest
Question #29 of 115
Question ID: 1487125
Which of the following protection methods applies to data in processing or in use? (Choose all that apply.)
A) Physical protection
B) Hashing
C) Backup management
D) Access control
E) Fault tolerance
F) Encryption
Question #30 of 115
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
Question ID: 1438685
10/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
You are a security consultant. An organization hires you to implement a biometric system. This system should work in
conjunction with a password to provide increased security. Which method should you implement?
A) keystroke dynamics
B) password aging
C) password encryption
D) password checkers
Question #31 of 115
Question ID: 1487143
You need to remove data from a storage media that is used to store confidential information. Which method is NOT
recommended?
A) formatting
B) degaussing
C) zeroization
D) destruction
Question #32 of 115
Question ID: 1345223
Recently, several confidential messages from your company have been intercepted. Your company has decided to
implement PGP to encrypt files. Which type of model does this encryption use?
A) hierarchy
B) bus
C) web
D) ring
Question #33 of 115
Question ID: 1438722
You have been hired as a security consultant for a large corporation. During a meeting with the IT department, the IT
manager indicates that one of their applications uses a private key encryption standard that was developed in Russia
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
11/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
and uses 256-bit encryption keys. Which encryption standard does the application use?
A) CAST-128
B) IDEA
C) RC5
D) GOST
Question #34 of 115
Question ID: 1438708
Which two suppression methods are recommended when paper, laminates, and wooden furniture are the elements of a
fire in the facility? (Choose two.)
A) Soda acid
B) Dry powder
C) Water
D) Halon
Question #35 of 115
Question ID: 1438686
Your organization has recently adopted a new organizational security policy. As part of this new policy, management
has decided to implement an iris scanner wanting access to the secure data center. Which procedure does this use to
authenticate users?
A) It scans the shape of the user's face and compares the face scan with faces on
file.
B) It takes a picture of the user's eye and compares the picture with pictures on file.
C) It scans the blood vessels in the user's eye and compares the pattern with
patterns on file.
D) It scans the user's handwriting and compares the handwriting with a sample on
file.
Question #36 of 115
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
Question ID: 1345238
12/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
Management has asked you to implement an encryption algorithm that is based on the Diffie-Hellman key agreement.
Which encryption algorithm should you implement?
A) Knapsack
B) ElGamal
C) International Data Encryption Algorithm
D) HAVAL
Question #37 of 115
Question ID: 1345229
You have been asked to choose a hashing algorithm for your organization. You decide to implement SHA-1. Which size
checksum is produced by this algorithm?
A) 128-bit
B) 256-bit
C) 56-bit
D) 160-bit
Question #38 of 115
Question ID: 1487132
You are responsible for designing your company's identification, authentication, and authorization system to ensure that
the company's network is protected from unauthorized access. What is the purpose of authentication on this network?
A) verifying the identity of users
B) encrypting files
C) backing up data stored on hard disks
D) allowing users to access resources
Question #39 of 115
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
Question ID: 1345227
13/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
Your company needs to protect message integrity. Management decides that you need to implement an algorithm that
uses 160-bit checksums. Which algorithm should you implement?
A) SHA
B) AES
C) DES
D) MD5
Question #40 of 115
Question ID: 1438724
Which cipher uses a binary key and is often combined with or incorporated into a symmetric algorithm because it is not
secure when used by itself?
A) RIPEMD
B) substitution
C) ROT13
D) XOR
Question #41 of 115
Question ID: 1438673
Order the six phases of the software development life cycle from first to the last phase.
{UCMS id=5703176817737728 type=Activity}
Question #42 of 115
Question ID: 1345194
You need to design a backup plan for your company’s file server. You are most concerned with the restoration time.
Which of the following would take the least amount of time to restore?
A) Snapshots
B) Full backup
C) Differential backup
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
14/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Incremental backup
Question #43 of 115
Question ID: 1487123
Management at your company has requested that you implement DLP. What is the purpose of this technology?
A) It protects against malware.
B) It monitors data on computers to ensure the data is not deleted or removed.
C) It allows organizations to use the Internet to host services and data remotely
instead of locally.
D) It implements hardware-based encryption.
Question #44 of 115
Question ID: 1438661
You are developing the configuration/change management plan for the company. Move the roles on the left to their
associated responsibilities in the process. (A single role may have multiple responsibilities.)
{UCMS id=5459879328219136 type=Activity}
Question #45 of 115
Question ID: 1438663
You have been hired as a security administrator for a large business. The previous security administrator left behind
documentation on the security policies and measures that the company implements. The network includes several
security devices, including a honeypot. Which active response to a hacker attack describes this device?
A) termination of a connection
B) termination of a process
C) network reconfiguration
D) deception
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
15/40
3/14/23, 12:44 AM
Question #46 of 115
SY0-601 Exam Simulation
Question ID: 1438728
Recently, your organization has experienced several password attacks. Management has asked you to provide
additional security to ensure that this does not happen again. You decide to implement a key stretching function. Which
of the following could you use? (Check all that apply.)
A) PBKDF2
B) Bcrypt
C) DES
D) 3DES
E) RSA
Question #47 of 115
Question ID: 1438702
Which of the following transmit data via Wi-Fi or Bluetooth only to a host device and are vulnerable to data interception
and attack?
A) UAV
B) Medical devices
C) Personal vehicles
D) Wearable technology
Question #48 of 115
Question ID: 1345173
You organization has decided the implement keyboard cadence as part of authentication. Of which type of
authentication factor is this an example?
A) Something you do
B) Something you know
C) Something you have
D) Something you are
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
16/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
Question #49 of 115
Question ID: 1345230
Management has asked you to implement MD5 to verify data integrity. However, you are concerned that MD5 is not
strong enough. Which size checksum does this algorithm produce?
A) 160-bit
B) 128-bit
C) 56-bit
D) 256-bit
Question #50 of 115
Question ID: 1438730
You are comparing cryptographic solutions to implement at your organization. Which two items should you focus on
when you are evaluating implementation versus algorithm selection? (Choose two.)
A) Crypto service providers
B) Crypto modules
C) Key strength
D) Key stretching
E) Security through obscurity
Question #51 of 115
Question ID: 1438660
You are developing a configuration management strategy. In what order would you develop the following aspects of
configuration management? Order the steps on the left into the correct sequence.
{UCMS id=5670352120184832 type=Activity}
Question #52 of 115
Question ID: 1487139
Which controls should you implement to mitigate the security risks of a Supervisory Control and Data Acquisition
(SCADA) systems? (Choose all that apply.)
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
17/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
A) firmware version control
B) application firewall
C) network segments
D) ACLs
Question #53 of 115
Question ID: 1438715
You need to apply a physical security control so that no electrical signals can escape the room. Which control should
you apply?
A) USB data blocker
B) Faraday cage
C) Protected cable distribution
D) Air gap
Question #54 of 115
Question ID: 1438707
When considering home or office alarm systems, which availability feature leaves them open to remote attacks?
A) Convenient power plug standard
B) Internet connection
C) Wi-Fi Protected Setup button
D) Cloud-based storage of images
Question #55 of 115
Question ID: 1438671
Which process allows you to deploy, configure, and manage data centers through scripts?
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
18/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
A) IaC
B) Waterfall
C) Immutable systems
D) Baselining
Question #56 of 115
Question ID: 1345174
You are training several IT professionals on security and access control. You need to explain to the professionals the
most common form of identification and authentication. What identification and authentication mechanism should you
explain?
A) smart cards
B) biometrics
C) two-factor authentication
D) user identification with reusable password
Question #57 of 115
Question ID: 1480184
You must properly protect the demilitarized zone (DMZ) from unnecessary traffic. Identify the DMZ in the following
graphic.
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
19/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
A) Network B
B) Network D
C) Network C
D) Network A
Question #58 of 115
Question ID: 1345202
You have a highly mobile workforce, and they often work in airplanes, airports, and other public places. Management is
concerned that unauthorized users can obtain information when personnel are using the devices in public places.
Which of these could be implemented to help mitigate risk?
A) Airgap
B) Key management
C) Logs
D) Screen filters
Question #59 of 115
Question ID: 1345234
Your company must implement a subnetwork that is highly secure. Management asks you to implement an encryption
method that is used only once for a single document. Which encryption method should you use?
A) Caesar cipher
B) OTP
C) DES
D) substitution cipher
Question #60 of 115
Question ID: 1438664
What is a honeypot?
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
20/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
A) a disruptive strategy that allows you to maximize the effectiveness of your decoy
B) an enterprise management software designed to mediate access to cloud
services
C) a skeleton of the network without any data or functionality
D) a computer system that draws in malicious actors to determine how attackers
break into systems
Question #61 of 115
Question ID: 1487136
A user accidentally installed a driver that had issues. You have been asked to return the computer to its state prior to
the driver installation. What is most likely the quickest method of meeting this requirement?
A) Live boot media
B) Snapshots
C) Master image
D) Memory dump
Question #62 of 115
Question ID: 1345197
Which of these options is particularly dangerous because it processes data with little or no latency?
A) SoC
B) RTOs
C) Home automation
D) Wearable technology
Question #63 of 115
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
Question ID: 1438679
21/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
As the lead for a software development team, you must establish secure development requirements. Which of the
following best practices must be included for secure software development? (Choose all that apply.)
A) Input sanitization should validate all characters against a whitelist
B) Input validation should be performed only on the server-side to limit client buffer
overflows
C) If a TLS connection fails, the connection should default back to standard HTTP
D) Session IDs should be included in the URL for web applications
E) Use only HTTP POST requests for sending web authentication credentials
Question #64 of 115
Question ID: 1345161
What are some disadvantages to using a cold site? (Choose all that apply.)
A) recovery time
B) testing availability
C) administration time
D) expense
Question #65 of 115
Question ID: 1438676
In which lower environment are the basic errors of an application detected and resolved?
A) Production
B) Staging
C) Development
D) Testing
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
22/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
Question #66 of 115
Question ID: 1438662
You are considering cloud services, and you concerned about the interaction of your security policies and those of the
hosting provider. What can alleviate your concern?
A) Cloud access security brokers
B) VDI
C) VM escape protection
D) Stress testing
Question #67 of 115
Question ID: 1438670
Your organization has discovered the cost savings associated with virtual machines and is encouraging rapid adoption.
Which concept should you implement before things get out of control?
A) VM sprawl avoidance
B) Cloud access security broker
C) VM escape protection
D) Cloud storage
Question #68 of 115
Question ID: 1345237
Your organization has decided to implement an encryption algorithm to protect data. One IT staff member suggests that
the organization use IDEA. Which strength encryption key is used in this encryption algorithm?
A) 256-bit
B) 64-bit
C) 56-bit
D) 128-bit
Question #69 of 115
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
Question ID: 1438684
23/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
You have been asked to implement a biometric method that analyzes both the physical motions that are performed
when a signature is signed and the specific features of a person's signature. Which biometric system should you
implement?
A) digital signature
B) hand geometry
C) signature dynamics
D) keystroke dynamics
Question #70 of 115
Question ID: 1438716
Which of the following would be an example of a design weakness?
A) Not including a DMZ
B) Failing to store private keys, public keys, or certificates securely
C) Not documenting new assets as the system grows
D) Not updating antivirus software
Question #71 of 115
Question ID: 1438683
You need to implement an authentication system that verifies the identity of the users. Which type of authentication
should you implement?
A) a password
B) a retinal scan
C) a smart card
D) a security token
Question #72 of 115
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
Question ID: 1438659
24/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
Which automation or scripting concept can reduce the risk that new equipment might not have all the same settings,
applications, and drivers as your existing equipment without changing vital user settings?
A) Automated courses of action
B) Configuration validation
C) Continuous monitoring
D) Templates
Question #73 of 115
Question ID: 1345162
Which two alternate data center facilities are the easiest to test? (Choose two.)
A) hot site
B) redundant site
C) cold site
D) warm site
Question #74 of 115
Question ID: 1345231
Management asks you to implement an encryption standard that uses a single 56-bit encryption key to encrypt 64-bit
blocks of data. Which encryption standard should you implement?
A) DES
B) SSL
C) TDES
D) Blowfish
Question #75 of 115
Question ID: 1438690
You are evaluating several biometric authentication systems. Which is the best metric to use to quantify the
effectiveness of the subject system?
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
25/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
A) FAR
B) HOTP
C) FRR
D) CER
Question #76 of 115
Question ID: 1438691
You are designing an access control system for a new company. The company has asked that you ensure that users
are authenticated with a central server. In addition, users should only have access to the files they need to perform their
jobs. When implementing access control, what is the appropriate order?
A) authentication, identification, authorization
B) identification, authentication, authorization
C) identification, authorization, authentication
D) authentication, authorization, identification
Question #77 of 115
Question ID: 1438666
What is the difference between a honeynet, honeypot, and honeytoken?
A) A honeynet is a disruptive strategy that allows you to maximize the effectiveness
of your decoys, a honeypot is an individual file or directory on a system, and a
honeytoken is a dynamically generated decoy used to slow down scanning.
B) A honeynet is a network of honeypots; a honeypot is a single system; and a
honeytoken is an individual file or directory on a system.
C) A honeynet is a collection of files on a specific attack strategy, a honeypot is a
folder that stores all the permissions for the honeynet, and a honeytoken is a
command used by the network admin to assign permissions to the honeynet
files.
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
26/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) A honeynet is a network made up of only virtual machines, a honeypot is section
of virtual machines on a network, and a honeytoken is mechanism used to
access a virtual machine on the network.
Question #78 of 115
Question ID: 1438721
Which encryption techniques are used by AES, DES, and Blowfish? (Choose two.)
A) PRNG
B) Symmetric algorithm
C) Random number generation
D) Diffusion
E) Asymmetric algorithm
Question #79 of 115
Question ID: 1438723
You have been asked to research the encryption algorithms available and make recommendations to management
about which to implement. One of the encryption algorithms that you are researching is RSA. Which type of encryption
algorithm does this algorithm represent?
A) asymmetric with authentication
B) asymmetric with authorization
C) symmetric with authentication
D) symmetric with digital signature
Question #80 of 115
Question ID: 1438717
What is the purpose of hot and cold aisles?
A) to provide an alternate location for IT services in case of disaster
B) to ensure that humidity remains at a certain level
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
27/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
C) to control airflow in the data center
D) to protect against electromagnetic interferences (EMI)
Question #81 of 115
Question ID: 1438713
Which intrusion detection system (IDS) uses a magnetic field to detect intrusions?
A) a passive infrared system
B) a photoelectric system
C) a proximity detector
D) an acoustical detection system
Question #82 of 115
Question ID: 1487124
Data may be subject to the laws and regulations of the nation in which it is collected, not necessarily where it is stored.
Which principle is being described?
A) Data sovereignty
B) Legal hold
C) Incident response plan
D) Chain of custody
Question #83 of 115
Question ID: 1345232
You have been hired as a security consultant. The company owner asks you to implement public key encryption to
protect messages traveling between two points. Which algorithm should you implement?
A) IDEA
B) RC5
C) RSA
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
28/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Skipjack
Question #84 of 115
Question ID: 1487142
What is a physical barrier that acts as the first line of defense against an intruder?
A) a bollard
B) a lock
C) a mantrap
D) a fence
E) a turnstile
Question #85 of 115
Question ID: 1438734
Which description best applies to blockchain?
A) Type of cryptocurrency
B) Private ledger of transactions
C) Linked series of records
D) System of centralized wallets
Question #86 of 115
Question ID: 1438735
What is the role of nodes in a transaction using blockchain?
A) They initiate the blockchain
B) They request the transaction
C) They validate the transaction
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
29/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) They issue the cryptocurrency
Question #87 of 115
Question ID: 1345192
Your company has a backup solution that performs a full backup each Saturday evening and an incremental backup all
other evenings. A vital system crashes on Monday morning. How many backups will need to be restored?
A) one
B) three
C) four
D) two
Question #88 of 115
Question ID: 1487134
You are required to isolate vulnerabilities and minimize errors when securing your company's network. You decide to
use redundant technologies from various suppliers so that the company is not dependent on any single system. Which
strategy does this decision describe?
A) Control diversity
B) Defense-in-depth
C) Separation of duties
D) Vendor diversity
Question #89 of 115
Question ID: 1438733
You have recently been hired as a security administrator for your company. In the security documentation, it mentions
that message authentication code (MAC) is implemented. What does this ensure?
A) message availability
B) message confidentiality
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
30/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
C) message integrity
D) message replay
Question #90 of 115
Question ID: 1345217
As a security administrator, you are responsible for ensuring that your organization's IT staff understands the security
mechanisms employed on the network. You are currently documenting the security mechanisms as part of the IT
training. During the documentation, you realize that many of the IT staff do not understand the basic terms used in IT
security. You need to document the terms and definitions that you will use. What is a mathematical formula that is used
in cryptography to encrypt data?
A) ciphertext
B) key
C) plaintext
D) algorithm
Question #91 of 115
Question ID: 1438687
You have been hired as a security administrator by your company. You have recommended that the organization
implement a biometric system to control access to the server room. You recommend implementing a system that
identifies an employee by the pattern of blood vessels at the back of the employee's eyes. Which biometric system are
you recommending?
A) facial scan
B) retina scan
C) eye recognition
D) iris scan
Question #92 of 115
Question ID: 1487133
Match the authentication mechanisms on the left with the authentication types given on the right.
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
31/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
{UCMS id=5711433796943872 type=Activity}
Question #93 of 115
Question ID: 1438726
When implementing a security solution for mobile devices, which two common use cases are of primary concern?
(Choose two.)
A) Obfuscation
B) Authentication
C) Lower power devices
D) Low latency
E) Non-repudiation
Question #94 of 115
Question ID: 1345163
Which concept involves contracting with a third party who will provide a location and equipment to be used in the event
of an emergency?
A) Alternate processing sites
B) Disaster recovery plan
C) Offsite storage
D) Alternate business practices
Question #95 of 115
Question ID: 1487131
You are signing up for a new account on a web site. After you enter a password, the website prompts you to provide the
answers to security questions, such as the name of a childhood sweetheart or the color of your first car. What type of
multifactor authentication is this?
A) Something you have
B) Something you know
C) Something you are
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
32/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Something you do
Question #96 of 115
Question ID: 1438675
In which lower environment are general security requirements verified in an application before being released to the
general public?
A) Staging
B) Production
C) Development
D) Testing
Question #97 of 115
Question ID: 1438712
Your organization protects its data center using a smart lock. Each user has a unique code to enter in the smart lock to
access the data center. The code is configured to only allow access during certain times and days. Which type of lock is
implemented?
A) mechanical lock
B) tumbler lock
C) cipher lock
D) combination lock
Question #98 of 115
Question ID: 1438703
Smart devices and Internet of Things (IoT) are growing rapidly. Which of these include embedded systems that are
security risks? (Choose all that apply.)
A) Printers
B) Home automation devices
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
33/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
C) Medical devices
D) Wearable technology
Question #99 of 115
Question ID: 1438693
You need to implement voice over IP (VoIP) and wireless services for your company. Which AAA implementation was
created to deal with these?
A) TACACS+
B) TACACS
C) Diameter
D) XTACACS
Question #100 of 115
Question ID: 1345214
You have been promoted to security administrator. Recently, management implemented a security policy that states
that symmetric cryptography must be used. However, your research indicates the asymmetric cryptography is a better
choice for your organization. Which statement is true of symmetric cryptography?
A) Symmetric cryptography uses different keys to encrypt and decrypt messages.
B) Symmetric cryptography provides better security compared to asymmetric
cryptography.
C) Symmetric cryptography does not require a secure mechanism to properly
deliver keys.
D) Symmetric cryptography is faster than asymmetric cryptography.
Question #101 of 115
Question ID: 1345236
You have been asked to implement the encryption standard that is used in the Clipper Chip. Which encryption standard
should you use?
A) Skipjack
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
34/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
B) AES
C) DES
D) Blowfish
Question #102 of 115
Question ID: 1438677
Which integrity strategy is used to ensure that application code has not been tampered with since it was checked in by
a developer?
A) Integration testing
B) Monitoring control
C) Unit testing
D) Versioning control
Question #103 of 115
Question ID: 1345228
You need to ensure that several confidential files are not changed. You decide to use an algorithm to create message
digests for the confidential files. Which algorithm should you use?
A) AES
B) IDEA
C) DES
D) SHA-1
Question #104 of 115
Question ID: 1438694
Your users often forget their passwords and ask for assistance. You send a link to reset the password. You would like to
incorporate a time limit for the user to respond to the link. Which would you incorporate?
A) HOTP
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
35/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
B) ABAC
C) FRR
D) TOTP
Question #105 of 115
Question ID: 1438725
You have been hired as a security consultant. One of your recommendations is that the organization should implement
encryption for all data, including data at rest, data in use, and data in transit. Which security service does this provide?
A) integrity
B) accountability
C) confidentiality
D) availability
Question #106 of 115
Question ID: 1487140
Which technology will phreakers attack?
A) NAT
B) Web servers
C) VoIP
D) firewalls
Question #107 of 115
Question ID: 1438701
Which phrase describes adjusting load capacity on a virtual machine by adding additional processor and memory
resources?
A) Diagonal scaling
B) Horizontal scaling
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
36/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
C) Scaling up
D) Scaling out
Question #108 of 115
Question ID: 1487128
Your company needs to select the appropriate cloud model and category to deploy. Match the cloud model or category
with its appropriate description.
{UCMS id=5100296546025472 type=Activity}
Question #109 of 115
Question ID: 1487126
Your company needs to be able to provide employees access to a suite of applications. However, you do not want the
employees to install a local copy of the applications. Which method should you use to deploy the suite of applications?
A) Virtualization
B) Software as a Service
C) Platform as a Service
D) Infrastructure as a Service
Question #110 of 115
Question ID: 1438680
As the project lead for a development project, you must ensure that web application code is protected against the
OWASP Top 10 exploits. Which of the following best practices should you follow? (Choose three.)
A) Perform input sanitization and validation to protect against injection attacks
B) Create application passwords that meet complexity requirements to protect
against brute force attacks
C) Separate untrusted data from active browser content to mitigate XSS attacks
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
37/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
D) Verify the effectiveness of client-side access controls using SAST and DAST
tools
E) Maintain a reliable patch management policy to mitigate known software
vulnerabilities
Question #111 of 115
Question ID: 1345241
You are the security administrator for an organization. Management decides that all communications on the network
should be encrypted using the data encryption standard (DES) or Triple DES (3DES) algorithm. Which statement is true
of these algorithms?
A) A 56-bit DES encryption is 256 times more secure than a 40-bit DES encryption.
B) A Triple DES (3DES) algorithm uses 48 rounds of computation.
C) A DES algorithm uses 32 rounds of computation.
D) The effective key size of DES is 64 bits.
Question #112 of 115
Question ID: 1487144
Which cryptographic technique changes multiple output bits when you change a single input bit?
A) Diffusion
B) IV
C) Salting
D) Confusion
Question #113 of 115
Question ID: 1438665
What is the difference between production honeypots and research honeypots?
A) Production honeypots are only utilized in production environments. Research
honeypots are only used in research-based environments.
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
38/40
3/14/23, 12:44 AM
SY0-601 Exam Simulation
B) Production honeypots protect data produced by artificial means. Research
honeypots protect data that is used solely for research purposes.
C) Production honeypots are a disruptive strategy that allows you to maximize the
effectiveness of decoys. Research honeypots use open-source strategies to
learn attackers’ techniques.
D) Production honeypots mitigate risks to production systems by aiding in attack
prevention, detection, and response. Research honeypots are informationgathering resources.
Question #114 of 115
Question ID: 1345204
Your organization has a security policy in place that states that all precautions should be taken to prevent physical theft
of mobile devices. Which precaution would prevent this?
A) Store mobile devices in a locked cabinet.
B) Install a remote sanitation application on each mobile device.
C) Implement password protection on each mobile device.
D) Implement a screen lock on each mobile device.
Question #115 of 115
Question ID: 1438681
When users log in to the network locally, they must provide their username and password. When users log in to the
network remotely, they must provide their username, password, and smart card.
Which two statements are true regarding your organization's security? (Choose two.)
A) The remote network login uses three-factor authentication.
B) The local network login uses two-factor authentication.
C) The local network login uses one-factor authentication.
D) The remote network login uses two-factor authentication.
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
39/40
3/14/23, 12:44 AM
https://www.kaplanlearn.com/education/test/print/73818772?testId=243608020
SY0-601 Exam Simulation
40/40
Related documents
The benefits of exercise and The dangers of lack of exercise
The benefits of exercise and The dangers of lack of exercise
605 tree obstacle course
605 tree obstacle course
Activity 2
Activity 2
Untitled document
Untitled document
Cylo
Cylo
17.1 Case Study Worksheet1
17.1 Case Study Worksheet1
isitvivid
isitvivid
Download
advertisement