CompTIA SY0-601 - CompTIA Security+ 2021 Exam
Total 860 questions
Question #1 (Topic: Single Topic)
A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL, https://www.site.com, the user is
presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com. Which of the
following describes this attack?
A. On-path
B. Domain hijacking
C. DNS poisoning
D. Evil twin
Answer: B
Question #2 (Topic: Single Topic)
Which of the following tools is effective in preventing a user from accessing unauthorized removable media?
A. USB data blocker
B. Faraday cage
C. Proximity reader
D. Cable lock
Answer: A
Question #3 (Topic: Single Topic)
A Chief Security Officer is looking for a solution that can provide increased scalability and flexibility for back-end infrastructure, allowing it to be updated and
modified without disruption to services. The security architect would like the solution selected to reduce the back-end server resources and has highlighted that
session persistence is not important for the applications running on the back-end servers. Which of the following would BEST meet the requirements?
A. Reverse proxy
B. Automated patch management
C. Snapshots
D. NIC teaming
Answer: C
Question #4 (Topic: Single Topic)
Which of the following describes a social engineering technique that seeks to exploit a person's sense of urgency?
A. A phishing email stating a cash settlement has been awarded but will expire soon
B. A smishing message stating a package is scheduled for pickup
C. A vishing call that requests a donation be made to a local charity
D. A SPIM notification claiming to be undercover law enforcement investigating a cybercrime
Answer: C
Question #5 (Topic: Single Topic)
A security analyst is reviewing application logs to determine the source of a breach and locates the following log:
https://www.comptia.com/login.php?id='%20or%20'1'1='1
Which of the following has been observed?
A. DLL Injection
B. API attack
C. SQLi
D. XSS
Answer: C