The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.
Table of Contents
- Question 751
- Exam Question
- Correct Answer
- Question 752
- Exam Question
- Correct Answer
- Question 753
- Exam Question
- Correct Answer
- Question 754
- Exam Question
- Correct Answer
- Question 755
- Exam Question
- Correct Answer
- Question 756
- Exam Question
- Correct Answer
- Question 757
- Exam Question
- Correct Answer
- Question 758
- Exam Question
- Correct Answer
- Question 759
- Exam Question
- Correct Answer
- Question 760
- Exam Question
- Correct Answer
Question 751
Exam Question
Which of the following URLs is a potential indicator of a directory traversal attack?
A. http://www.example.com/var/../etc/passwd
B. http://www.example.com/var/www/../../etc/passwd
C. http://www.example.com/var/www/files/../../../etc/passwd
D. http://www.example.com/var/www/files/images/../../../../etc/passwd
E. Any of the above
Correct Answer
E. Any of the above
Question 752
Exam Question
Which of the following terms describes an attempt to read a variable value from an invalid memory address?
A. Buffer overflow
B. Null-pointer dereference
C. Integer overflow
D. Memory leak
Correct Answer
B. Null-pointer dereference
Question 753
Exam Question
Which of the following fragments of input might indicate an LDAP injection attack attempt? (Select 2 answers)
A. … AND password = ” OR ‘1’ = ‘1’;
B. administrator)(&))
C. … <script> malicious script code </script>
D. search.aspx?name=userName)(zone=*)
E. … p@$$w0rd</password></user><user><name>attacker</name> ….
Correct Answer
B. administrator)(&))
D. search.aspx?name=userName)(zone=*)
Question 754
Exam Question
A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:
A. DLL
B. ISO
C. EXE
D. INI
Correct Answer
A. DLL
Question 755
Exam Question
Which of the following answers can be used to describe characteristics of a cross-site scripting attack? (Select 3 answers)
A. Exploits the trust a user’s web browser has in a website
B. A malicious script is injected into a trusted website
C. User’s browser executes attacker’s script
D. Exploits the trust a website has in the user’s web browser
E. A user is tricked by an attacker into submitting unauthorized web requests
F. Website executes attacker’s requests
Correct Answer
A. Exploits the trust a user’s web browser has in a website
B. A malicious script is injected into a trusted website
C. User’s browser executes attacker’s script
Question 756
Exam Question
A type of cryptographic attack that forces a network protocol to revert to its older, less secure version is known as:
A. Downgrade attack
B. Replay attack
C. On-path attack
D. Brute-force attack
Correct Answer
A. Downgrade attack
Question 757
Exam Question
Which cryptographic attack relies on the concepts of probability theory?
A. KPA
B. Brute-force
C. Dictionary
D. Birthday
Correct Answer
D. Birthday
Question 758
Exam Question
The practice of making an unauthorized copy of a payment card is referred to as:
A. Rooting
B. Cloning
C. Replication
D. Copying
Correct Answer
B. Cloning
Question 759
Exam Question
Due to added functionality in its plug, malicious USB cable can be used for:
A. GPS tracking
B. Capturing keystrokes
C. Sending and receiving commands
D. Delivering and executing malware
E. Any of the above
Correct Answer
E. Any of the above
Question 760
Exam Question
Which of the following refers to the contents of a rainbow table entry?
A. Hash/Password
B. IP address/Domain name
C. Username/Password
D. Account name/Hash
Correct Answer
A. Hash/Password