The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.
Table of Contents
- Question 181
- Exam Question
- Correct Answer
- Question 182
- Exam Question
- Correct Answer
- Question 183
- Exam Question
- Correct Answer
- Question 184
- Exam Question
- Correct Answer
- Question 185
- Exam Question
- Correct Answer
- Question 186
- Exam Question
- Correct Answer
- Question 187
- Exam Question
- Correct Answer
- Question 188
- Exam Question
- Correct Answer
- Question 189
- Exam Question
- Correct Answer
- Question 190
- Exam Question
- Correct Answer
Question 181
Exam Question
What are the characteristic features of the Personal Information Exchange (PFX) and P12 digital certificate format? (Select 3 answers)
A. .pfx and .p12 file extensions
B. Generally used for Microsoft windows servers
C. Encoded in text (ASCII Base64) format
D. .pem, .crt, .cer and .key file extensions
E. Encoded in binary format
F. Generally used for Apache servers or similar configurations
Correct Answer
A. .pfx and .p12 file extensions
B. Generally used for Microsoft windows servers
E. Encoded in binary format
Question 182
Exam Question
What are the characteristic features of the Distinguished Encoding Rules (DER) digital certificate format? (Select 3 answers)
A. Encoded in binary format
B. Generally used for Microsoft windows servers
C. .der and .cer file extensions
D. Encoded in text (ASCII Base64) format
E. Generally used for Java servers
F. .pem, .crt, .cer and .key file extensions
Correct Answer
A. Encoded in binary format
C. .der and .cer file extensions
E. Generally used for Java servers
Question 183
Exam Question
A digital certificate which allows multiple domains to be protected by a single certificate is known as:
A. Extended Validation (EV) certificate
B. Wildcard certificate
C. Subject Alternative Name (SAN) certificate
D. Root signing certificate
Correct Answer
C. Subject Alternative Name (SAN) certificate
Question 184
Exam Question
In a digital certificate, the Common Name (CN) field describes a device, an individual, an organization, or any other entity the certificate has been issued for. In an SSL certificate, CN refers to the Fully Qualified Domain Name (FQDN), which is the domain name of the server protected by the SSL certificate.
A. True
B. False
Correct Answer
A. True
Question 185
Exam Question
What is the fastest way for checking the validity of a digital certificate?
A. CRL
B. Key escrow
C. OCSP
D. CSR
Correct Answer
C. OCSP
Question 186
Exam Question
What is the PKI role of Registration Authority (RA)? (Select 2 answers)
A. Accepting requests for digital certificates
B. Validating digital certificates
C. Authenticating the entity making the request
D. Providing backup source for cryptographic keys
E. Issuing digital certificates
Correct Answer
A. Accepting requests for digital certificates
C. Authenticating the entity making the request
Question 187
Exam Question
Which of the following answers refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates?
A. Web of trust
B. PKI
C. IaaS
D. CA
Correct Answer
B. PKI
Question 188
Exam Question
A security solution that provides control over elevated (i.e. administrative type) accounts is known as:
A. MAC
B. PAM
C. ICS
D. FACL
Correct Answer
B. PAM
Question 189
Exam Question
Discretionary Access Control (DAC) is an access control model based on user identity. In DAC, every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object.
A. True
B. False
Correct Answer
A. True
Question 190
Exam Question
Which of the following answers refer to the Rule-Based Access Control (RBAC) model? (Select 2 answers)
A. Access to resources granted or denied depending on Access Control List (ACL) entries
B. Every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object
C. Implemented in network devices such as firewalls to control inbound and outbound traffic based on filtering rules
D. Every resource has a sensitivity label matching a clearance level assigned to a user; labels and clearance levels can only be applied and changed by an administrator
E. An access control method based on user identity
Correct Answer
A. Access to resources granted or denied depending on Access Control List (ACL) entries
C. Implemented in network devices such as firewalls to control inbound and outbound traffic based on filtering rules