SY0-701 Free Practice Test

- (Exam Topic 2)
A security analyst is concerned about traffic initiated to the dark web from the corporate LAN. Which of the following networks should the analyst monitor?

1. A. SFTP
2. B. AIS
3. C. Tor
4. D. loC

Correct Answer: C
Tor (The Onion Router) is a network and a software that enables anonymous communication over the internet. It routes the traffic through multiple relays and encrypts it at each layer, making it difficult to trace or monitor. It can access the dark web, which is a part of the internet that is hidden from conventional search engines and requires special software or configurations to access

- (Exam Topic 1)
A company recently experienced an attack during which its main website was Directed to the attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers, Which of the following should the company implement to prevent this type of attack from occurring In the future?

1. A. IPsec
2. B. SSL/TLS
3. C. ONSSEC
4. D. SMIME

Correct Answer: B
To prevent attacks where the main website is directed to the attacker's web server and allowing the attacker to harvest credentials from unsuspecting customers, the company should implement SSL/TLS (Secure Sockets Layer/Transport Layer Security) to encrypt the communication between the web server and the clients. This will prevent attackers from intercepting and tampering with the communication, and will also help to verify the identity of the web server to the clients.

- (Exam Topic 2)
Which of the following allow access to remote computing resources, a operating system. and centrdized configuration and data

1. A. Containers
2. B. Edge computing
3. C. Thin client
4. D. Infrastructure as a service

Correct Answer: C
Thin clients are devices that have minimal hardware and software components and rely on a remote server to provide access to computing resources, an operating system, and centralized configuration and data. Thin clients can reduce the cost, complexity, and security risks of managing multiple devices.

- (Exam Topic 2)
An organization is repairing damage after an incident. Which Of the following controls is being implemented?

1. A. Detective
2. B. Preventive
3. C. Corrective
4. D. Compensating

Correct Answer: C
Corrective controls are security measures that are implemented after an incident to repair the damage and restore normal operations. They can include actions such as patching systems, restoring backups, removing malware, etc. An organization that is repairing damage after an incident is implementing corrective controls.

- (Exam Topic 1)
A security analyst was deploying a new website and found a connection attempting to authenticate on the site's portal. While Investigating The incident, the analyst identified the following Input in the username field:

Which of the following BEST explains this type of attack?

1. A. DLL injection to hijack administrator services
2. B. SQLi on the field to bypass authentication
3. C. Execution of a stored XSS on the website
4. D. Code to execute a race condition on the server

Correct Answer: B
The input "admin' or 1=1--" in the username field is an example of SQL injection (SQLi) attack. In this case, the attacker is attempting to bypass authentication by injecting SQL code into the username field that will cause the authentication check to always return true. References: CompTIA Security+ SY0-601 Exam Objectives: 3.1 Given a scenario, use appropriate software tools to assess the security posture of an organization.