Skip to Content

CompTIA Security+ SY0-601 Exam Questions and Answers – Page 5

The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.

CompTIA Security+ (SY0-601) Exam Questions and Answers

Question 401

Exam Question

The practice of modifying an application’s code without changing its external behavior is referred to as:

A. API call
B. Refactoring
C. Sideloading
D. Shimming

Correct Answer

B. Refactoring

Question 402

Exam Question

SSL stripping is an example of: (Select 2 answers)

A. Brute-force attack
B. Downgrade attack
C. Watering hole attack
D. On-path attack
E. Denial-of-Service (DoS) attack

Correct Answer

B. Downgrade attack
D. On-path attack

Question 403

Exam Question

What is the purpose of a DoS attack?

A. Code injection
B. Resource exhaustion
C. Malware infection
D. Privilege escalation

Correct Answer

B. Resource exhaustion

Question 404

Exam Question

Which of the following answers can be used to describe characteristics of a cross-site request forgery attack? (Select 3 answers)

A. Exploits the trust a website has in the user’s web browser
B. A user is tricked by an attacker into submitting unauthorized web requests
C. Website executes attacker’s requests
D. Exploits the trust a user’s web browser has in a website
E. A malicious script is injected into a trusted website
F. User’s browser executes attacker’s script

Correct Answer

A. Exploits the trust a website has in the user’s web browser
B. A user is tricked by an attacker into submitting unauthorized web requests
C. Website executes attacker’s requests

Question 405

Exam Question

Which of the terms listed below describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?

A. Buffer overflow
B. Pointer dereference
C. Memory leak
D. Integer overflow

Correct Answer

D. Integer overflow

Question 406

Exam Question

Which of the following are the characteristic features of a session ID? (Select 3 answers)

A. Stored on a server
B. A unique identifier assigned by the website to a specific user
C. Contains user’s authentication credentials, e.g. username and password
D. A piece of data that can be stored in a cookie, or embedded as an URL parameter
E. Stored in a visitor’s browser
F. A unique identifier assigned to a server

Correct Answer

B. A unique identifier assigned by the website to a specific user
D. A piece of data that can be stored in a cookie, or embedded as an URL parameter
E. Stored in a visitor’s browser

Question 407

Exam Question

Which of the following answers refers to a countermeasure against code injection?

A. Fuzzing
B. Input validation
C. Code signing
D. Normalization

Correct Answer

B. Input validation

Question 408

Exam Question

Which of the programming aspects listed below are critical in secure application development process? (Select 2 answers)

A. Patch management
B. Input validation
C. Password protection
D. Error and exception handling
E. Application whitelisting

Correct Answer

B. Input validation
D. Error and exception handling

Question 409

Exam Question

A malfunction in a preprogrammed sequential access to a shared resource is described as:

A. Race condition
B. Buffer overflow
C. Memory leak
D. Pointer dereference

Correct Answer

A. Race condition

Question 410

Exam Question

A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is called:

A. IV attack
B. SQL injection
C. Buffer overflow
D. Fuzz test

Correct Answer

C. Buffer overflow

Tags

Tags

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.