CompTIA Security+ SY0-601 Exam Questions and Answers – Page 3 Part 2

The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.

Question 271

Exam Question

The term “Static code analysis” refers to the process of discovering application run-time errors.

A. True
B. False

Correct Answer

B. False

Question 272

Exam Question

A web server and a client exchange data through HTTP messages. The two types of HTTP messages include: request from client to server (an HTTP request) and response from server to client (an HTTP response). An HTTP header is a name-value pair separated by a colon. It forms a part of the HTTP message and enables transferring additional information between the client and the server with the request or the response. Some HTTP headers can be used to improve security. As an example, for a website that has a valid SSL certificate (can be accessed via HTTPS), HTTP Strict Transport Security (HSTS) response header (if set) will block communication via HTTP and force the browser to use only secure HTTPS.

A. True
B. False

Correct Answer

A. True

Question 273

Exam Question

Which of the following security solutions can be used to protect database contents? (Select all that apply)

A. Fuzzing
B. Tokenization
C. Salting
D. Normalization
E. Hashing

Correct Answer

B. Tokenization
C. Salting
E. Hashing

Question 274

Exam Question

Unified Extensible Firmware Interface (UEFI) is a firmware interface designed as a replacement for BIOS. UEFI offers a variety of improvements over BIOS, including Graphical User Interface (GUI), mouse support, or secure boot functionality designed to prevent the loading of malware and unauthorized operating systems during the computer startup process.

A. True
B. False

Correct Answer

A. True

Question 275

Exam Question

Which of the following is a common firewall type used for protecting a single computer? (Select 2 answers)

A. Host-based firewall
B. Software firewall
C. Network-based firewall
D. Hardware firewall

Correct Answer

A. Host-based firewall
B. Software firewall

Question 276

Exam Question

The term “Intrusion Detection System” (IDS) refers to a device or application designed to detect malicious activities and violations of security policies on a network or computer host. An IDS designed to monitor networks is known as Network Intrusion Detection System (NIDS), an IDS installed on a host monitoring only that host is called Host Intrusion Detection System (HIDS). IDSs do not take any active steps to prevent or stop the intrusion relying only on passive response which may include sending an alert to a management console or saving information about the event in logs.

A. True
B. False

Correct Answer

A. True

Question 277

Exam Question

Which functionality allows a DLP system to fulfill its role?

A. Biometrics
B. Environmental monitoring
C. Content inspection
D. Loop protection

Correct Answer

C. Content inspection

Question 278

Exam Question

Which of the following answers refers to an endpoint security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats?

A. SWG
B. CASB
C. EDR
D. NGFW

Correct Answer

C. EDR

Question 279

Exam Question

A network protocol providing an alternative solution to the manual allocation of IP addresses is called:

A. DNS
B. SNMP
C. NAT
D. DHCP

Correct Answer

D. DHCP

Question 280

Exam Question

What are the characteristic features of the secure version of IMAP? (Select all that apply)

A. TCP port 143
B. Secure Sockets Layer (SSL)
C. TCP port 993
D. Transport Layer Security (TLS)
E. TCP port 995

Correct Answer

B. Secure Sockets Layer (SSL)
C. TCP port 993
D. Transport Layer Security (TLS)