ExamCompass CompTIA Practice Exams (/./) CompTIA Security+ Certification Exam SY0-601 Practice Test 2 What is a PUP? (Select 3 answers) A type of computer program not explicitly classified as malware by AV software ( Your answer) An application downloaded and installed without the user's consent (illegal app) ( Your answer) A type of software that may adversely affect the computer's security and performance, compromise user's privacy, or display unsolicited ads ( Your answer) An application downloaded and installed with the user's consent (legal app) ( Missed) A type of computer program explicitly classified as malware by AV applications A type of free, utility software often bundled with a paid app Your answer to this question is incorrect or incomplete. Which type of malware resides only in RAM? Rootkit ( Your answer) Fileless virus ( Missed) Backdoor Logic bomb Your answer to this question is incorrect or incomplete. What is the function of a C2 server? Spam distribution Botnet control ( Your answer) Authentication, Authorization, and Accounting (AAA) Penetration testing You correctly answered this question. A malware-infected network host under remote control of a hacker is commonly referred to as: Trojan Worm Bot ( Your answer) Honeypot You correctly answered this question. Which of the following applies to a collection of intermediary compromised systems that can be used as a platform for a DDoS attack? Botnet ( Your answer) Intranet Honeynet Extranet You correctly answered this question. Which of the following is an example of cryptomalware? Backdoor Ransomware ( Your answer) Keylogger Rootkit You correctly answered this question. Malicious code activated by a specific event is called: Spyware Backdoor Rootkit Logic bomb ( Your answer) You correctly answered this question. Malicious software collecting information about users without their knowledge/consent is known as: Cryptomalware Adware Ransomware Spyware ( Your answer) You correctly answered this question. Which of the following is an example of spyware? Keylogger ( Your answer) Vulnerability scanner Computer worm Packet sniffer You correctly answered this question. Which type of Trojan enables unauthorized remote access to a compromised system? pcap RAT ( Your answer) MaaS pfSense You correctly answered this question. A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as: Rootkit ( Your answer) Spyware Backdoor Trojan You correctly answered this question. Which of the following refers to an undocumented (and often legitimate) way of gaining access to a program, online service, or an entire computer system? Logic bomb Trojan horse ( Your answer) Rootkit Backdoor ( Missed) Your answer to this question is incorrect or incomplete. A short list of commonly used passwords tried against large number of user accounts is a characteristic feature of: Replay attack Dictionary attack Spraying attack ( Your answer) Birthday attack You correctly answered this question. Which password attack bypasses account-lockout policies? Birthday attack Spraying attack ( Your answer) Dictionary attack Replay attack You correctly answered this question. Which password attack takes advantage of a predefined list of words? Birthday attack Replay attack Dictionary attack ( Missed) Brute-force attack ( Your answer) Your answer to this question is incorrect or incomplete. One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline. True ( Your answer) False You correctly answered this question. An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is known as: Replay attack Brute-force attack ( Your answer) Dictionary attack Birthday attack You correctly answered this question. Rainbow tables are lookup tables used to speed up the process of password guessing. True ( Your answer) False You correctly answered this question. Which of the following refers to the contents of a rainbow table entry? Hash/Password ( Your answer) IP address/Domain name Username/Password Account name/Hash You correctly answered this question. In cryptography, the term "Plaintext" is used to describe data in an unencrypted form. True ( Your answer) False You correctly answered this question. Due to added functionality in its plug, malicious USB cable can be used for: GPS tracking Capturing keystrokes ( Your answer) Sending and receiving commands Delivering and executing malware Any of the above ( Missed) Your answer to this question is incorrect or incomplete. Which of the following terms is used to describe the theft of personal data from a payment card? Pivoting Skimming ( Your answer) Phishing Bluejacking You correctly answered this question. The practice of making an unauthorized copy of a payment card is referred to as: Rooting Cloning ( Your answer) Replication Copying You correctly answered this question. An AI feature that enables it to accomplish tasks based on training data without explicit human instructions is called: API ML ( Your answer) RAD VR You correctly answered this question. Which cryptographic attack relies on the concepts of probability theory? KPA Brute-force Dictionary Birthday ( Your answer) You correctly answered this question. Your Final Report Total marks 27 Total Questions 25 Questions correctly answered 20 Success ratio 80% Marks secured 22 Percentage secured 81.48% Security+
