ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam
Go to Exam

Exam SY0-701 topic 1 question 76 discussion

Actual exam question from CompTIA's SY0-701
Question #: 76
Topic #: 1
[All SY0-701 Questions]

HOTSPOT -
Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS -
Not all attacks and remediation actions will be used.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Show Suggested Answer Hide Answer
Suggested Answer:
by Th3irdEye at May 16, 2024, 7:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Th3irdEye
Highly Voted 8 months ago
I think the 3rd line is wrong. It should be: Database server / Worm / Change the default application password The prompt talks about compromising an SQL database with well known credentials. So you need to change the app default password to fix this. It also talks about the attack being self propagating which would make it a worm. I believe the rest of the answers are correct.
upvoted 40 times
...
c80f5c5
Highly Voted 7 months, 1 week ago
These are the answers I got when I took a Sec+ bootcamp for work, they went over this lab during the course. 1. Botnet - Enable DDos 2. RAT - Implement Host based IPS 3. Worm - Change default application password 4. Keylogger - Disable remote access services 5. Backdoor - Conduct code review I've seen various answers around the web. I'm going with these.
upvoted 26 times
GnawingCow
3 weeks ago
How would keylogger equate to disabling remote access services? Keyloggers do not rely on remote access services (like RDP, VNC, etc.) to operate. Instead, they typically record keystrokes locally and then send the collected data over the network to a remote attacker, either via an internet connection, email, or other methods. 2FA, on the other hand, if implemented correctly would render a keylogger useless
upvoted 3 times
GnawingCow
3 weeks ago
Furthermore, RAT = Remote Access Trojan. I believe disabling remote access services makes more sense for this option
upvoted 3 times
...
...
...
darpanne
Most Recent 3 weeks, 4 days ago
A. Botnet - Enable DDos B. RAT - Implement Host based IPS C. Worm - Change default application password D. Keylogger - Disable remote access services E. Backdoor - Conduct code review
upvoted 1 times
...
PAWarriors
4 months, 1 week ago
Correct order: A. Botnet - Enable DDos B. RAT - Implement Host based IPS C. Worm - Change default application password D. Keylogger - Disable remote access services E. Backdoor - Conduct code review
upvoted 2 times
...
a4e15bd
4 months, 4 weeks ago
1- Botnet - Enable DDoS 2. RAT - Disable remote services 3. Worm - Change default application password 4. Keylogger - Enable MFA 5. Backdoor - Conduct a code review.
upvoted 6 times
...
chasingsummer
4 months, 4 weeks ago
These make sense to me: 1. Botnet > Enable DDoS protection 2. RAT > Implement a host-based IPS 3. Worm > Change the default application password 4. Keylogger > Implement 2FA using push notification 5. Backdoor > Conduct a code review
upvoted 2 times
...
Zayrdis
6 months ago
Upon vast research these make the best sense. 1. Botnet - Enable DDos 2. RAT - Disable remote access services 3. Worm - Change default application password 4. Keylogger - Implement a host-based IPS 5. Backdoor - Conduct code review
upvoted 11 times
...
Etc_Shadow28000
7 months ago
1 An attacker sends multiple SYN packets from multiple sources. - Botnet - Enable DDoS protection 2 The attack establishes a connection, which allows remote commands to be executed. - Attack Identified. RAT Remote Access Trojan - BEST Preventive or Remediation Action. Disable remote access services 3 The attack is self-propagating and compromises a SQL database using well-known credentials as it moves through the network. - Attack Identified. Worm - BEST Preventive or Remediation Action. Patch vulnerable systems 4 The attacker uses hardware to remotely monitor a user’s input activity to harvest credentials. - Attack Identified. Keylogger - BEST Preventive or Remediation Action. Conduct a code review 5 The attacker embeds hidden access in an internally developed application that bypasses account login. - Attack Identified. Backdoor - BEST Preventive or Remediation Action. Implement a host-based IPS
upvoted 7 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago