Pass Your CompTIA Security+ SY0-601 Exam Easy!

100% Real CompTIA Security+ SY0-601 Exam Questions & Answers, Accurate & Verified By IT Experts

Instant Download, Free Fast Updates, 99.6% Pass Rate

SY0-601 Premium Bundle

$79.99

CompTIA SY0-601 Premium Bundle

SY0-601 Premium File: 849 Questions & Answers

Last Update: Feb 12, 2024

SY0-601 Training Course: 201 Video Lectures

SY0-601 PDF Study Guide: 920 Pages

SY0-601 Bundle gives you unlimited access to "SY0-601" files. However, this does not replace the need for a .vce exam simulator. To download VCE exam simulator click here
CompTIA SY0-601 Premium Bundle
CompTIA SY0-601 Premium Bundle

SY0-601 Premium File: 849 Questions & Answers

Last Update: Feb 12, 2024

SY0-601 Training Course: 201 Video Lectures

SY0-601 PDF Study Guide: 920 Pages

$79.99

SY0-601 Bundle gives you unlimited access to "SY0-601" files. However, this does not replace the need for a .vce exam simulator. To download your .vce exam simulator click here

CompTIA Security+ SY0-601 Exam Screenshots

CompTIA Security+ SY0-601 Practice Test Questions in VCE Format

File Votes Size Date
File
CompTIA.realtests.SY0-601.v2024-02-05.by.cooper.197q.vce
Votes
5
Size
1.82 MB
Date
Feb 05, 2024
File
CompTIA.selftestengine.SY0-601.v2022-01-27.by.julian.179q.vce
Votes
1
Size
1.64 MB
Date
Jan 27, 2022
File
CompTIA.questionpaper.SY0-601.v2021-12-22.by.megan.154q.vce
Votes
1
Size
1.45 MB
Date
Dec 22, 2021
File
CompTIA.examanswers.SY0-601.v2021-12-08.by.wangtao.136q.vce
Votes
1
Size
1.08 MB
Date
Dec 08, 2021
File
CompTIA.questionspaper.SY0-601.v2021-10-28.by.julian.119q.vce
Votes
1
Size
757.19 KB
Date
Oct 28, 2021
File
CompTIA.realtests.SY0-601.v2021-09-02.by.yusuf.106q.vce
Votes
1
Size
717.05 KB
Date
Sep 02, 2021
File
CompTIA.braindumps.SY0-601.v2021-04-05.by.edward.97q.vce
Votes
1
Size
390.13 KB
Date
Apr 06, 2021
File
CompTIA.actualtests.SY0-601.v2020-11-23.by.freya.42q.vce
Votes
1
Size
431.29 KB
Date
Nov 23, 2020

CompTIA Security+ SY0-601 Practice Test Questions, Exam Dumps

CompTIA SY0-601 CompTIA Security+ exam dumps vce, practice test questions, study guide & video training course to study and pass quickly and easily. CompTIA SY0-601 CompTIA Security+ exam dumps & practice test questions and answers. You need avanset vce exam simulator in order to study the CompTIA Security+ SY0-601 certification exam dumps & CompTIA Security+ SY0-601 practice test questions in vce format.

1.2 Potential indicators of attacks

6. Adversarial artificial intelligence (AI)

In this video we're going to be talking about adversarial machine learning. Let's get into this. So adversarial machine learning is basically having machine learning or artificial intelligence do things that it's not supposed to be doing. In other words, it is working against itself. So let's get into exactly what machine learning is. First of all, machine learning really is something that's affecting all aspects of your life. Right now, computers are becoming more automated, and it's helping us do more things. For example, self-driving cars A self-driving car has a lot of machine learning to learn the streets, learn the patterns, know where to go, know the stop signs, know the speed limits, or whatever. Machine learning helps computers identify human faces. It helps to identify that as a dog and that as a cat. It helps us with things such as detecting spam. It assists us in determining what is a virus and what is not. So this is something that really affects the way we use computers. And as time has progressed, this will start to affect more of our lives, making this topic a hot topic. Make sure you know what it is. So adversarial machine learning is about hacking these types of systems and having the outcome not be the desired outcome. Let me show you an example of this. So there are a couple of examples of this thing here that make it pretty easy to understand. So they went out and got a turtle. This is the 3D-printed turtle. They took a turtle, slightly modified this toy turtle, and fooled the deep learning zooming on this. It makes it easier to see. And what they did was trick these deep learning algorithms into thinking this was a rifle. Now, neither I nor you can see that. I guess I could see a little bit of it, but they manipulated it very slightly to make you think that it is a rifle. And the other thing—the other one here—that I found interesting was the stop sign. I think this one here is good to know. So what they did was discover that by adding small black and white stickers to a stop sign, they made them invisible to computer vision algorithms. This would have a drastic effect, for example, on self-driving cars because now a self-driving car, instead of seeing a stop sign, doesn't see anything and goes right past the stop sign. This, of course, can have drastic effects on your physical safety. So now viruses are not just about stealing your data. Now it might just be killing you. It's pretty serious stuff. So as you can imagine, this is about to become a really big thing in our field of security. Wikipedia We're going to take a look at three strategies and why they want to do this. Number one, evasion attacks. So when they do this, it leads to evasion attacks. Basically, what happens is that they're trying to evade certain things. So, for example, machine learning is able to detect if that email is spam. It's also able to detect if that software is malware. So in an evasion attack, when it comes to this topic, what they're going to do is manipulate that email or manipulate that malware, making the antimalware and anti-spam believe that it's legitimate software or legitimate email, getting right past the filters. Another one is called poisoning. This one deals with contamination of the training data or manipulating the training data within these systems. So the training data is how the system will learn. Training data is really simple. Like, if you want a computer to detect that that's a turtle and that's a person, just keep showing pictures of people holding turtles and showing a picture of a cow and a turtle; eventually the machine will learn, "Okay, so those are what turtles look like, and those are not turtles." But what you could do is contaminate this training data, retraining the machine. So, for example, in this one, they're mentioning the ID system. IDs is a train to detect intrusion. So let's say an ID knows that a pattern of, like, this type of traffic is good. I'm sorry. That right. So what you can do is retrain it to say this pattern of traffic is actually good. So in this one, it's basically getting it right. So you're poisoning the training data to make the system see something different. The other one is model Steven. In this one here, you're going to probe a black box, machine learning, in order to reconstruct a whole different model to train it on. So it's a whole different model of training. All right. Machine learning, like self-driving cars, I believe will have a much greater impact on our daily lives and routines in our society today. Machine learning, of course, affects everything from logging into your phone with facial recognition to your health. Right. even buying things online. Machine learning tells you what products Amazon wants to sell you or what movie to watch on Netflix. But if these data get contaminated, then it may produce undesirable results. So what are some ways to fix this? Well, one thing to do is to secure the machine algorithms, the machine learning algorithms, by securing them and ensuring that the data that is being fed to them is correct. That way, by securing it and making sure the data is fed to it, you're going to ensure that it produces the correct results. For example, knowing that that thing isn't a stop sign. Nothing there. All right, so it's a pretty interesting topic. I think what I went over in this video is more than enough. what you need to know for your exam. I think I went overboard on it. But as I was doing research to do this video I found it really interesting. And I did find some pretty interesting data. not just for these pictures. I try to keep it simple, just for the exact purpose, but do some research on this. You'll be really surprised to know what's out there. And even though I've been doing security for a long time, it scared the hell out of me.

7. Malicious USB cables, drives and Card Cloning

In this video, we're going to be talking about some physical attacks that you should be familiar with for your exam. Let's get started. So the first one up is a malicious USB cable. Sounds crazy, see, right? a malicious USB cable. What's that about? So they have USB cables—just a normal USB cable. I have one here. I have one. Some messy set of cables I have here. So here, I have a USB cable. Imagine you have a USB cable like this that you plug in. Let's say you just give it to somebody to use, and they plug it in to connect some device. And then, through the cable, you're able to execute commands through the cable to the person's computer. Sounds crazy, right? This actually does exist.Let me show you, guys. Here's one of them. So this one here is called a USB Ninja cable. You can tell it's not a normal cable at $75 for a USB cable. And look at what this does. This is a ninja cable. They said it's a pen testing tool. Of course, I don't want to say it's a hacking tool. It looks like a regular USB cable until a wireless remote control triggers you to deliver our choice of attack payload to the computer. So imagine they give you a USB, which you believe to be a USB cable, but now the attacker can connect to the cable and inject malicious software on your computer. I think that's pretty cool stuff, the USB cable. These are fairly newer ones. Another attack we should be aware of is one that is a little older but is becoming increasingly well-known. Also, there is a company named Hack Five. They make a lot of interesting work, and you guys can check out Hackfight.org for a lot of interesting pen testing. So I won't go into it in this video, but there are a lot of interesting pen testing tools available here. A USB rubber ducky is a well-known invention. A USB Rubber Ducky looks basically like a normal USB thumb drive. So basically, when you people plug it in, it allows attackers to then connect to your machine, steal your data, and install malware on it. So imagine plugging seamlessly into a computer and installing backdoors, documenting infrastructure, and capturing credentials all by just plugging in this USB stick on their computer. So the USB Rubber Ducky basically injects keystrokes into the computer. The user is unaware because it simply flashes on them. They won't even know that their computer was fully infected. And now the computers are open for an attacker to go in and attack the machine.It's kind of pricey there, at $49. Because imagine if you give this to someone. You're probably not going to get it back because they're going to think it's some kind of USB stick. Okay? The last thing here I want to talk about is card cloning or skimming. So what this does is credit cards. So if people have credit cards, they may give If you give it to someone, they will swipe the card, and they may steal the data. So I want to show you guys. Look at this. On the left side of this page, on the left, is the actual real-life card reader. And right here is an ATM machine, by the way. And then right here, you have a skimming device. You can see it's attached there. And people don't know. They take their credit cards and they put them in, and they get their money and they take it out. But what that thing is doing is basically stealing the data right off the card. Then they cloned the card and remade your credit card. Now, they have the data on your credit card, and they can use it to buy whatever they like. Credit card fraud is a major thing. Credit card fraud is a pretty major phenomenon going around the world, maybe in the next 2030 years. Perhaps since the invention of credit cards. These items are one of the methods they can use to steal your credit card. Okay? So for your exam and in this video, make sure you know that you do have a malicious USB cable. If you've never heard of that, don't forget to have malicious drives, flash drives, USB drives, and of course, these card skimming and cloning devices.

8. Supply chain attacks

In this video, we're going to be talking about supply chain attacks. So first of all, what exactly is a supply chain? A supply chain is basically the different things we're going to be doing in order to handle raw materials, distribute them, manufacture them, and then distribute finished products to customers. I have a good diagram for this article on Wikipedia we're going to be using. So here's a diagram of a supply chain. So a supply chain basically takes raw materials, which the supplier then buys, stores, and sells to manufacturers. The manufacturer takes these raw materials from the suppliers and manufacturers them into a product, giving it over to the distribution center, which will then give it over to the customers and consumers. So for example, this desk, this typical desk that I'm standing above, is made of wood, cardboard, plastic, and I'm assuming some kind of cardboard thing in here. Let's just say wood, plastic, and steel. Right? It's the steel legs. They have plastic candles here to wind the desk up and down. So somebody had to go out and get the actual raw materials, the minerals themselves; that would be the raw materials suppliers, then buy them, store them, and then sell them to the manufacturer, who actually took the plastic, the wood, and the steam and put them together to form the physical desk. Then it was given out to distribution centres where it was sold off, and it ended up in my hands. Right. So what are supply chain attacks? Well, a supply chain attack is going to tax something here. It's typically a physical attack on computer networks, various types of systems that run these specific things, such as a manufacturing system, and it brings it down. So the objective is to bring the system down, either part of it or the entire thing. It now generally entails physically tampering with electronics, whether computers, ATMs, or power systems, with the goal of bringing the entire system down. In this video, I want to show you two famous ones that is well known.The first one is the target attack that happened at the end of 2013. This one here was put into the target POS systems, and around 40 million people's credit cards and debit cards were probably stolen in this particular one. So this one here targets their POS systems. The stucknet computer worm is another well-known one that you'll read about in various computer guides as your security career progresses. This was believed to be an American weapon but was really a cyberweapon that was sent over to the Iranians in order to cause damage so they would not develop enriched uranium in order to make nuclear weapons. And these things caused havoc for them. So these are some of the supply chain attacks; there are others; there is an article here; this was under the Wikipedia article of the supply chain attack. There were so many different attacks out there. So, as I was doing some research for this video, I came across many different types of taxes. As I was reading it, it was pretty interesting to see how many different types of networks there are. From ATM networks, I learned something called a "green dispenser." Now, again, I do a lot of security stuff, but a supply chain attack is not my cup of tea. They were targeted against power infrastructure, water supply systems, and other critical infrastructure. So these types of attacks are pretty prominent. And these types of attacks have drastic impacts on the data we use for your exam. Just know what a supply chain attack is. Later on, of course, we'll get to how to secure these things. But for now, just know what exactly our supply chain attacks are.

9. Keyloggers

In this video, we're going to be talking about how to steal people's information across the network or even wirelessly without them even knowing about it. In particular, I'm going to be showing you what keyloggers are and how dangerous they are. If you've never seen anything like this before, it's about to scare the hell out of you because people could be watching your keystrokes right now, people on your day, and you have no idea. By the time I'm done, I'm 100% sure all of you are about to check the back of your computer. You'll see what I mean, Let's get started. So what is a key logger? A keylogger comes in two types. You have a software and a hardware keylogger. Now keyloggers are technically not illegal. Key loggers are used to monitor what employees are typing. They're basically software hardware that's installed on people's computers and will track anything you type. So hackers will install this, or I should say malicious folks will install this, to monitor you in order to capture your passwords, documents, or messages you're typing, and so on. Basically, anything that is typed on a keyboard is going to be captured. Of course, you know, all messages, all passwords, all logins, and so on. So how are we going to defeat this, and how are we going to stop this? Well, that's what I'm going to show you at the end of the video. So stay for that. Let's see how it works, though. So the first one up is a software keylogger. A software keylogger is basically a piece of software you install on a computer that just keeps track of all the keystrokes. I'm going to show you an older one that I have set up here that was quick and easy to set up to do this video. And then I'll show you a more complex one that doesn't only do keystrokes but actually captures pictures too. Let's take a look here. So here, I have two windows. Machines. I have two Windows. Seven. These are virtual machines. Okay, so I have this grey one, this grey Windows Seven. The one with the grey background is basically running a server. This one is going to be looking at the keystroke of the blue Windows 7 here at the back. And basically, it's a piece of software called Thief. It's really old software, but it still works here on Windows Seven. And I'm going to turn on the keylogger here so you can actually see what it does. So we're going to go to Spy, and I'm going to say Keylogger, and then I'm going to say Start. So this thing right now is logging all the keys of this blue machine. So let's push this aside here. We'll push this aside so you can see it, and then we'll bring this blue one up. So watch as I use this blue virtual machine. You'll notice it's capturing all the keystrokes. So I'm going to go here and I'm going to say they want to type a message. Maybe they have written that they were typing a message. I am typing a hidden message that I hope no one can see. "Okay, so you notice that on this other machine, this great one, we can actually see I'm typing a hidden notice how even when I mistakenly type something and press the backspace key, it's every single key that tells me that I mistakenly press backspace," they reason. I erase the H, and then I put it back. I erase the N and the en, then I press the space there. Then I type the word message, and it's actually showing what I'm typing. You see, even if the user goes back to this blue machine here, Maybe they want to log into their Gmail. So they might have gone to their@gmail.com and clicked Login. And the email they had—let's say the account was Andy. I don't know. I'm making this up. Andy four@gmail.com. So that was his email. And then it's like, Google is like, okay, what's your password?" His password was "password." All right, so you notice how the key enabled Logger to grab the username and the password from this machine on this end. Dangerous stuff, as you can see. Now, this is a really old piece of software. and this newer one, and I'll show you guys that now. So let's get rid of these virtual machines here. We don't need these here. I'm going to be deleting those. Those are infected with malware. I'm going to go here, and let's take a look at a good one. There's a good one called Actual. Now, this thing has been renamed the Actual Keylogger. This is a very famous keylogger from a long time ago that they have updated. This particular one is newer. This one, which you install on somebody's computer, not only keeps track of all their keystrokes, but what it does is that it actually takes screenshots of what they're doing, so it sets up and periodically takes screenshots of what they're doing, tracking all social media activities and so on. This one is a much more powerful piece of software than the other one that I was using. Since somebody instals this on your computer without your knowledge, they're basically spying on you. They'll know every website you go to, and they'll even see the screen that you were looking at. If you were looking at something you weren't supposed to be looking at, they'll see that. So this is a pretty dangerous piece of software. So if you have someone to spy on—maybe a spouse, not a spouse, maybe a child that you don't trust, or if you have employees—now this thing is legal. These things are not really illegal here. Why? Organizations could install this on your computer as long as they have your permission from you.You know that big employee manual that you sign but never read? You probably knew that they could do this to you and didn't even know about it. So this is the software keylogger. The other one I want to show you in this video is something called a hardware keylogger. Now this is really scary to a lot of people: a hardware keylogger. Here's a site called KeyLog. They sell these little devices that you take and plug into people's computers. Basically, you plug their keyboard into it, and it steals the data. Now you're probably thinking, How does that work? Well, in this video, I have the exact same one right here. And in this video, I'm going to show you how this all works and how we're going to steal some data. So if you're wondering how big this thing is, well, let's find out. Here, I have a keyboard. And what we're going to do is use this little Eddie keylogger to steal data off of somebody's computer in this video. So this should be a lot of fun, right? If you ever wanted to steal someone's password, for whatever reason, let's not say steal; let's say monitor someone's password. I think that would be a better word. This is the way to do it. You buy one of these, you install it on somebody's computer, you leave it there, and you could connect to this wirelessly, which you're about to see. We're going to connect to this thing wirelessly, and we're going to take the files off of it. So ideally, you buy this little thing. You go to the person from whom you want to steal the computer. You unplug their keyboard from the back of it. Hopefully, it's both a desktop and a laptop. You unplug the keyboard. You plug the keyboard into it just like this here.So we're going to take the USB keyboard, and we're just going to plug it directly in. So it has a little USB port. There's like a little USB extension, and that's basically it. Then we're going to take this, and we're going to install it on their desktop. Then we're going to go away, and everything they're typing will be able to be monitored. It's a good thing you can even do this on your phone. You can actually connect to this thing. This is an access point on your phone. So I thought this was a pretty cool device for you guys to check out. So I'm going to plug this into my laptop here, and we're going to be monitoring the laptop. Note the word "monitor," not "stealing that spot monitor." That's what it's called. Okay. All right. So we plugged in the laptop. We have the little keylogger that's plugged in. I have the keyboard here, and the keyboard works. Okay? just a normal keyboard. So what I'm going to do here is Iam going to log in here as Bob. So Bob wants to log in, and we're going to type Bob's password, which is greenpound, one, two, three. I'm telling it to because we'll see it in a minute. Anyhow. So that's Bob's password. It's. Press enter. So Bob has logged in. Now, don't forget to keep in mind that this thing is logging his keystrokes, okay? So what's going to happen here? Bob wants to type a message in Word. Bob opens up Word with his mouse. He opens it up. Hopefully, you guys can see that. And Bob, are you going to type this as my hidden message? So he just typed that. Maybe he types other messages. He's done typing. So the keylogger, right, is keeping all of this stuff? He doesn't want to say that. Maybe Bob wants to go to Amazon, right? Bob wants to log into Amazon. So Bob goes, and he types Amazon.com. He brings that up. And then Bob goes to sign in. And here is the email, right? So, Bob, it's Bob at Gmail. Is Bob's actual email real? Hopefully there is Bob. One, two, three. No offence to you, Bob; it's something I'm making up. Enter that. It says to add the email address and mobile number to the account. Enter an account. Come on. All right. Now Bob's password comes up. So let's say Bob doesn't have Bob's password. Password 4567. All right? That's Bob's password. All right? It doesn't log in because it's not real. Okay, so we now have to see how to get the data off the stick, right? Because we know we want to capture Bob's Windows password. We want to capture his message. We want to capture whatever is typed on the browser here, right? So this thing is still plugged in, and it still has power. Okay, it still has power in it. So what I'm going to do is let's go back to my desktop here. So let's go take a look at my desktop. So my desktop already has a wireless card installed in it.So here's what I'm going to do. I'm going to go, and I'm going to connect this thing. This little device here has this little keylogger and an access point on it. I'm going to click here, and here it is. This is the actual device. Now you can rename this, and I'll show you how to do that in a minute. So I'm going to click on this, and I'm going to say Connect. Now, by default, it doesn't have any security in it. So I didn't change any of the default settings. I literally took this thing out of the box a few minutes ago before making this video. In fact, here's the manual sitting on my desk, okay? So this thing is going to take a couple of seconds to connect. And when it does now, it's trying to connect, and it's thinking it's going to have Internet. But it really doesn't have any Internet on it because it's not an access point that connects to the Internet. It's just an access point to the computer. All right? So did it connect? Yeah, there it is. So it's connected. So we have to now go to it.So it has a static IP on it. So we're going to go to the IP address on it. Four are the IP on the access point there. So here it is. This is that memory stick. So you notice green ones, twos, and threes. That was Bob's password. This is the message he typed in. Notice he went to Amazon, and he finished typing it out because Amazon had popped up. Here is his email. Here is his password that we captured remotely. So Bob is typing, right? So let's say Bob goes back and is going to type a message. So Bob goes back in, and he types a message. Let's say he just types "all as." All right? So he just typed a whole bunch of "as" for whatever reason. The keystroke is captured because the keylogger has just captured everything that I just typed in there. Right now, the keylogger doesn't have any security settings. We could go and secure it. We could go to Settings. We could change the name on it—give it an obscure name that no one knows about. You can use various encryption methods on it here. I'm not going to go over wireless encryption in this video. We'll talk about that in another video. But you can secure it. And if you don't want anybody there, you can just erase the log if needed. Okay, let's take that off of the laptop here because this is my personal laptop, and I don't need people to have a key log of it. All right, so keyloggers, did that scare the hell out of you? Here's what you guys should do right now. Why don't you check the back of your computer to see if someone has installed one of these $30 devices that is currently stealing all of your data? And if you ever wanted to steal data from someone, now you know how. Okay, obviously this is not done for you to hack. This is done for you to learn how to test where they have pen-testing videos. I know I have the hacker guy sitting on the wall there, but I should say math. Okay, so how do we protect against these things? So, number one, the software keyloggers Software keyloggers are generally going to be considered some form of malware if they're installed without your permission. Like that. One day, if you have an antivirus programme on your computer that's up-to-date and you have Windows updated and you're using the most up-to-date version of Windows, it will probably delete it. Another thing is that a lot of these software keyloggers that are going to be monitored remotely need to have a port open. So you want to make sure you have a firewall like Windows Firewall or any other third-party firewall to make sure that it locks up all the ports on your computer in order to even make that software firewall work. For me to make the key log work, I actually have to shut down the firewall on those Windows 7 machines to make it work. Now, you've got to keep in mind that there are legal versions of the software that employers could install on your computer and could be monitoring you; you just don't know about them because the software hides its services. It prevents the process from running. Okay? When it comes to hardware keyloggers, these are much more difficult to detect. The problem with these items is that no one really knows about them. How many of you guys, if you saw this connected to the back of your own computer, would have no idea? Because if you look at it when it goes into the actual keyboard, most of you may think this is normal. It looks like a little memory stick. Who knows, right? You don't know what this is. So the problem with this is that people don't know about it. And by watching this video now, you're seeing a variety of different versions. There's one that's a little bit bigger, a little bit smaller, and so on. If you use on-screen keyboards, you should perform a physical inspection of your keyboard. If you're typing in confidential data and you feel that you may be keylocked, You also want to make sure that you train users to detect these types of things. All right? So, if you're a security administrator or a security personnel, you should train users, especially CEOs, to visually inspect. Can you imagine having a company where the CEO, the cleaning person, comes in, is malicious, puts us on a CEO machine, and it's stealing all the data remotely? Like how this one has an access point, a security administrator must scan the networks to see if there are access points nearby and then try to connect to them and see what happens. Okay? That is the lesson on keyloggers. Hopefully, I scared the hell out of you. Or, hopefully, not. Hopefully you're not too scared now, because now you know how to fight them off. Off. And now, if you ever wanted to spy on someone, you know how.

10. How passwords are stored

In this video, we're going to be talking about passwords, and particularly how passwords are stored on a computer. From here, we can go about determining or coming up with methods to actually crack passwords, something you'll need to know for your exam. Okay? So let's get started. So how does a computer store a password? First of all, a computer does not store passwords in plain text. So that's the term you're going to need to know for your exam, right? So plain text is readable. Plain text is a message that is readable by humans. So, if you're reading text on a website that you can read—human readable text in English or whatever language you're using—that's considered plain text. Cipher text is text that is unintelligible. You can't read it. So when you encrypt data, it basically becomes cypher text. Now, passwords are stored on computers as hashes. They're not stored as plain text or clear text. Same thing. So, for example, let's say you have a password of "C-A-T." Let's make it complex. Cats one, two, and three So let's say a password is cat one, two, three. And, in a specific application, or even the Windows operating system, your password will not be saved in a file somewhere on the computer, as categories 1, 2, and 3 do. What it will do is that it's goingto hash that password and store cryptographic hash. Now, to illustrate this, it's best for me to show it to you live rather than even try to talk about it. It's better this way. Let's go. And I'm going to show you a very famous cryptographic hash here called MD Five. So MD-5 was a hashing algorithm that was very famous and shouldn't be used anymore. We'll explain this more in the cryptography section of this class. So, MD Five Online, this is just a small hashing generator. Now, the hashes will appear here. Now, what you need to know about hashing is that when you hash data—okay, when you hash particular data—what happens is it creates a cryptographic hash. The hash represents the data. The data changes; the hash changes. Hashing is done for integrity, but in today's world of passwords, all passwords are stored as hashes. Let me show you what I mean. I'm going to write a statement here, and it's best illustrated that way. I have many certifications at this moment here.And let's stop right there. You'll notice something, as every single time I type "I type," "Okay, six," you'll notice the hash changes. I have 62 certifications right now. Notice the hash change. The hash changes when I insert a period. This hash represents this data, basically. So in an actual computer, computers don't store, let's say, your password. So hashing. Now we're going to come back to hashing and how hashing is used in today's world. more in the cryptography section of the class. But what you need to know for now is that passwords are basically hashes. So let's see. A password is "cap." What happens is your computer doesn't actually store caps one, two, and three. It stores this thing. This represents this. You'll never be able to get this hash unless you know your password is cap one two three. That's the point of hashes. So as you go about your IT career, you can hear this all the time. What's the hash of the password? Remember, the hash of the password is that cryptographic hash, which is just a series of characters. And particularly, that's a 128-bit hash—that's a series of characters that basically represents the password. So anytime you hash-cap, let's go back to this. When you hash cap 1, 2, or 3, you will always get this hash. Watch this. You see, if I go to another website and I put in cat, it should generate the same hash, and then we'll compare and we'll find out. So this hash is what? I'm just going to use the last four digits. Baba, zero, e, 63 Yes, we are right. So anytime cap one, two, or three is actually hashed, it will always produce that hash. So how does the computer work? Well, here's how it works. When you initially create your password, such as cat1cat2cat3, the computer stores that long string of hash characters. When you go to log back in, what it does is, when you type caps one to three, it rehashes it and then compares it to the hash. If it matches the hash perfectly, that means thepassword must be perfect and it logs you in. That's the basics of what you need to know. So when cracking passwords, what they try to do is capture this hash, use it, and then try to decode this hash. They're doing something that shouldn't be done, which is taking the hash of itself in terms entered back into the passwords. Now, that's the basic concept of password cracking. Let's keep going, and let's get into how to actually crack a password.

Go to testing centre with ease on our mind when you use CompTIA Security+ SY0-601 vce exam dumps, practice test questions and answers. CompTIA SY0-601 CompTIA Security+ certification practice test questions and answers, study guide, exam dumps and video training course in vce format to help you study with ease. Prepare with confidence and study using CompTIA Security+ SY0-601 exam dumps & practice test questions and answers vce from ExamCollection.

Read More


Comments
* The most recent comment are at the top
  • Strykar
  • Canada
  • Sep 26, 2022

Passed with 811. Premium Dump questions are valid, but I would highly recommend that you go through the content and cross verify the answers in dump.

  • Sep 26, 2022
  • Fred
  • Canada
  • May 02, 2021

%100 valid, I passed with score 770! I had only 2 new questions that was very simple and even without IT knowledge you can answer them, but the premium here is valid. Best of luck!

  • May 02, 2021
  • ZoneCoaster
  • United States
  • Apr 16, 2021

Valid, Just Passed with 750. Use other resources, too.

  • Apr 16, 2021
  • Mike Goodwin
  • United States
  • Mar 25, 2021

Valid. Got 773. Few new questions, but thank you!

  • Mar 25, 2021
  • James Kim
  • South Africa
  • Jan 18, 2021

The content is truly verified by experts, because I was able to find the information from the questions & answers not only in the official study guide but also during the very test. Thank you, ExamCollection, for such high-quality resources!

  • Jan 18, 2021
  • Gud Life
  • France
  • Jan 10, 2021

I decided to go for the free VCE file to test the waters, and found some free options online to open VCE files. Eventually, I realized that I want to try the premium version and for the VCE simulator from ExamCollection. This was the time when I found myself buying the premium file. It has a lot more questions and answers than the free version, and the emulator is very user-friendly and helps you to evaluate your skills. I was able to pass my exam yesterday with a high result.

  • Jan 10, 2021
  • Mad Belo1
  • Iceland
  • Jan 06, 2021

I passed the CompTIA SY0-601 exam with 771 points, and I really proud of myself. The premium file with Q&As really has real and accurate exam questions, because almost all of them were during my test. Thus, I was able to pass it without any problems. So, good luck to everyone else!

  • Jan 06, 2021
  • Mad Belo1
  • United States
  • Dec 16, 2020

Passed as well with the same 771. Less Q & A and materials to study. Plus my new job required it so I had to cram in a week. Glad they released it. Good Luck to everyone else. Won't let this expire again. Folks, please buy the websites "Premium File" it works.

  • Dec 16, 2020
  • S
  • United States
  • Dec 15, 2020

Passed today with 771. Dump is about 90% valid

  • Dec 15, 2020
  • Gud Life
  • United States
  • Dec 15, 2020

Passed today with 771. Saw maybe about 10 new or possibly reworded questions.

  • Dec 15, 2020
  • Big Durty
  • United States
  • Dec 04, 2020

Passed 771!!!! Confirmed.

  • Dec 04, 2020

Add Comment

Feel Free to Post Your Comments About EamCollection VCE Files which Include CompTIA Security+ SY0-601 Exam Dumps, Practice Test Questions & Answers.

Purchase Individually

SY0-601 Premium File

Premium File
SY0-601 Premium File
849 Q&A
$76.99$69.99

SY0-601 Training Video Course

Training Course
SY0-601 Training Video Course
201 Lectures
$27.49$24.99

SY0-601 Study Guide

Study Guide
SY0-601 Study Guide
920 PDF Pages
$27.49$24.99

Top CompTIA Certifications

Site Search:

 

VISA, MasterCard, AmericanExpress, UnionPay

SPECIAL OFFER: GET 10% OFF

ExamCollection Premium

ExamCollection Premium Files

Pass your Exam with ExamCollection's PREMIUM files!

  • ExamCollection Certified Safe Files
  • Guaranteed to have ACTUAL Exam Questions
  • Up-to-Date Exam Study Material - Verified by Experts
  • Instant Downloads
Enter Your Email Address to Receive Your 10% Off Discount Code
A Confirmation Link will be sent to this email address to verify your login
We value your privacy. We will not rent or sell your email address

SPECIAL OFFER: GET 10% OFF

Use Discount Code:

MIN10OFF

A confirmation link was sent to your e-mail.
Please check your mailbox for a message from support@examcollection.com and follow the directions.

Next

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

Free Demo Limits: In the demo version you will be able to access only first 5 questions from exam.