Security+ 2021

Here you have the best CompTIA SY0-601 practice exam questions

  • You have 860 total questions to study from
  • Each page has 5 questions, making a total of 172 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on December 21, 2024
Question 1 of 860

A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL, https://www.site.com, the user is presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com. Which of the following describes this attack?

    Correct Answer: C

    The presence of a certificate mismatch warning when navigating to https://www.site.com implies that the user is being directed to a server presenting an incorrect SSL/TLS certificate. This situation typically arises from DNS poisoning, where the DNS records are tampered with, redirecting the user to a malicious server instead of the intended website. This manipulation causes the browser to detect that the certificate presented by the server does not match the expected certificate for the domain, triggering the warning. Domain hijacking involves taking control of the domain registration, which would not necessarily result in a certificate mismatch. On-path attacks and evil twin attacks involve different methods of intercepting or mimicking network traffic and would not typically result in a certificate mismatch warning.

Question 2 of 860

Which of the following tools is effective in preventing a user from accessing unauthorized removable media?

    Correct Answer: A

    A USB data blocker is a device that prevents data transfer between a computer and a USB device while still allowing power to flow through, making it effective at preventing unauthorized access to removable media. This device blocks any data from being read or written to the USB device, ensuring that only charging can occur, minimizing the risk of data theft or malicious data transfer.

Question 3 of 860

A Chief Security Officer is looking for a solution that can provide increased scalability and flexibility for back-end infrastructure, allowing it to be updated and modified without disruption to services. The security architect would like the solution selected to reduce the back-end server resources and has highlighted that session persistence is not important for the applications running on the back-end servers. Which of the following would BEST meet the requirements?

    Correct Answer: A

    A reverse proxy sits in front of web servers and forwards client requests to the appropriate back-end servers. It can offload tasks such as SSL termination, caching, and load balancing from the back-end servers, reducing their workload and resource utilization. Additionally, reverse proxies can distribute traffic among multiple back-end servers, improving scalability and flexibility. Since session persistence is not important for the applications running on the back-end servers, the reverse proxy can distribute requests dynamically without needing to maintain session state, further reducing the burden on individual servers. Reverse proxies meet the requirement for increased scalability and flexibility while allowing updates and modifications without disrupting the services.

Question 4 of 860

Which of the following describes a social engineering technique that seeks to exploit a person's sense of urgency?

    Correct Answer: A

    A phishing email stating that a cash settlement has been awarded but will expire soon describes a social engineering technique that seeks to exploit a person's sense of urgency. It creates a false sense of immediate action required to prevent missing out on something valuable, prompting the target to react quickly and often without careful consideration.

Question 5 of 860

A security analyst is reviewing application logs to determine the source of a breach and locates the following log: https://www.comptia.com/login.php?id='%20or%20'1'1='1

Which of the following has been observed?

    Correct Answer: C

    The provided log entry indicates a SQL injection (SQLi) attack. SQL injection occurs when an attacker inserts or