Free Access to CompTIA.SY0-601.v2024-03-22.q381 with Valid Practice Test (Page 72)

Question 351

An employee received multiple messages on a mobile device. The messages instructing the employee to pair the device to an unknown device. Which of the following BEST describes What a malicious person might be doing to cause this issue to occur?

A.Jamming
B.Bluesnarfing
C.Evil twin
D.Rogue access point

Question 352

An engineer wants to inspect traffic to a cluster of web servers in a cloud environment Which of the following solutions should the engineer implement? (Select two).

A.CASB
B.WAF
C.Load balancer
D.VPN
E.TLS
F.DAST

Correct Answer: B,C

Explanation
A web application firewall (WAF) is a solution that inspects traffic to a cluster of web servers in a cloud environment and protects them from common web-based attacks, such as SQL injection, cross-site scripting, and denial-of-service1. A WAF can be deployed as a cloud service or as a virtual appliance in front of the web servers. A load balancer is a solution that distributes traffic among multiple web servers in a cloud environment and improves their performance, availability, and scalability2. A load balancer can also perform health checks on the web servers and route traffic only to the healthy ones. The other options are not relevant to this scenario. A CASB is a cloud access security broker, which is a solution that monitors and controls the use of cloud services by an organization's users3. A VPN is a virtual private network, which is a solution that creates a secure and encrypted connection between two networks or devices over the internet. TLS is Transport Layer Security, which is a protocol that provides encryption and authentication for data transmitted over a network. DAST is dynamic application security testing, which is a method of testing web applications for vulnerabilities by simulating attacks on them.
References:
1: https://www.imperva.com/learn/application-security/what-is-a-web-application-firewall-waf/
2:
https://www.imperva.com/learn/application-security/load-balancing/ 3:
https://www.imperva.com/learn/application-security/cloud-access-security-broker-casb/ :
https://www.imperva.com/learn/application-security/vpn-virtual-private-network/ :
https://www.imperva.com/learn/application-security/transport-layer-security-tls/ :
https://www.imperva.com/learn/application-security/dynamic-application-security-testing-dast/ :
https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-traffic-ins
https://docs.microsoft.com/en-us/azure/private-link/inspect-traffic-with-azure-firewall :
https://docs.microsoft.com/en-us/azure/architecture/example-scenario/gateway/application-gateway-before-azure

Question 353

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log:

Which of the following can the security analyst conclude?

A.An injection attack is being conducted against a user authentication system.
B.A service account password may have been changed, resulting in continuous failed logins within the application.
C.A replay attack is being conducted against the application.
D.A credentialed vulnerability scanner attack is testing several CVEs against the application.

Question 354

A network engineer notices the VPN concentrator overloaded and crashes on days when there are a lot of remote workers. Senior management has placed greater importance on the availability of VPN resources for the remote workers than the security of the end users' traffic. Which of the following would be BEST to solve this issue?

A.L2TP
B.Always On
C.Split tunneling
D.iPSec

Question 355

A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers.
Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

A.Ensure endpoint detection and response systems are alerting on suspicious SMB connections.
B.Deny unauthenticated users access to shared network folders.
C.Configure the perimeter firewall to deny inbound external connections to SMB ports.
D.Verify computers are set to install monthly operating system, updates automatically.

Question 351

Question 352

Question 353

Question 354

Question 355

Download PDF File