Free SY0-601 Exam Braindumps (page: 1)

Page 1 of 213

A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL, https://www.site.com, the user is presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com. Which of the following describes this attack?

  1. On-path
  2. Domain hijacking
  3. DNS poisoning
  4. Evil twin

Answer(s): C

Explanation:

The scenario describes a situation where the user is presented with a certificate mismatch warning when trying to access a website using HTTPS. This could indicate that the DNS resolution for the website has been manipulated, leading to the user being redirected to a different IP address or server controlled by an attacker. This type of attack is known as DNS poisoning, where the attacker maliciously modifies the DNS records to redirect users to fraudulent or malicious websites.



Which of the following tools is effective in preventing a user from accessing unauthorized removable media?

  1. USB data blocker
  2. Faraday cage
  3. Proximity reader
  4. Cable lock

Answer(s): A



A Chief Security Officer is looking for a solution that can provide increased scalability and flexibility for back-end infrastructure, allowing it to be updated and modified without disruption to services. The security architect would like the solution selected to reduce the back-end server resources and has highlighted that session persistence is not important for the applications running on the back-end servers. Which of the following would BEST meet the requirements?

  1. Reverse proxy
  2. Automated patch management
  3. Snapshots
  4. NIC teaming

Answer(s): A



Which of the following describes a social engineering technique that seeks to exploit a person's sense of urgency?

  1. A phishing email stating a cash settlement has been awarded but will expire soon
  2. A smishing message stating a package is scheduled for pickup
  3. A vishing call that requests a donation be made to a local charity
  4. A SPIM notification claiming to be undercover law enforcement investigating a cybercrime

Answer(s): A

Explanation:

The social engineering technique that seeks to exploit a person's sense of urgency is described in option A. By stating that a cash settlement has been awarded but will expire soon, the attacker creates a sense of urgency and tries to manipulate the recipient into taking immediate action without thoroughly considering the authenticity or legitimacy of the email. This technique aims to pressure the target into making a hasty decision or divulging sensitive information.



Page 1 of 213



Post your Comments and Discuss CompTIA SY0-601 exam with other Community members:

Cate 4/15/2024 7:56:05 AM
I just purchased the full PDG version. The contract looks promising and we'll formatted.
Australia
upvote

Mandeep 4/13/2024 8:55:49 PM
The PDF version is very good and much cheaper than the other sites.
INDIA
upvote

jjj 4/10/2024 9:28:10 PM
question 44? Is the answer wrong
Anonymous
upvote

Hey 4/1/2024 10:37:50 AM
interesting
Anonymous
upvote

Hey 4/1/2024 10:29:40 AM
Best place to practice the questions
Anonymous
upvote

hye 3/25/2024 6:55:05 PM
On question 156, where are you getting the PSK from?
UNITED STATES
upvote

sam doha 3/18/2024 5:13:11 PM
Passed exam syo-601 on 3/18/24. These questions helped a lot. Many questions are word by word, but many of them are asked differently. Just have to understand the concept, rather than memorizing the answer only.
Anonymous
upvote

Houang 3/18/2024 12:57:56 AM
I wrote my exam today. This dump helped me pass with a mark of 839.
UNITED STATES
upvote

sam doha 3/18/2024 12:17:01 AM
Looks good so far on page 1
Anonymous
upvote

6ikario 2/12/2024 1:21:23 PM
He like 9tut of Cisco that I was using in the past
Anonymous
upvote

Eric 2/5/2024 2:54:27 PM
nice collection
UNITED STATES
upvote

Nezrin 2/5/2024 6:34:49 AM
Suallar dusundurucu ve heleki san idi.
Anonymous
upvote

shan................... 2/4/2024 4:25:07 PM
Hi, there its used to downloaded question not any more why?.. I used to download N+ AND SECURITY+ in pendrive since I upgraded os windows10 I plug in pendrive in usb those download files r not opening any more its shows error bcz change os. I had vista os home edtion it was worked before now does'nt, so anyhow how can I download these questions.....thx
UNITED STATES
upvote

Rr 11/17/2023 12:44:00 AM
the advanced encryption standard (aes) encryption algorithm a widely supported encryption type for all wireless networks that contain any confidential data. 26 is right. eap is wrong
UNITED STATES
upvote

Mort 10/19/2023 7:09:00 PM
question: 162 should be dlp (b)
EUROPEAN UNION
upvote

Tom 12/12/2023 8:53:00 PM
question 134s answer shoule be "dlp"
JAPAN
upvote

Lewis 7/6/2023 8:49:00 PM
kool thumb up
UNITED STATES
upvote

JM 12/19/2023 1:22:00 PM
answer to 134 is casb. while data loss prevention is the goal, in order to implement dlp in cloud applications you need to deploy a casb.
UNITED STATES
upvote

John 11/12/2023 8:48:00 PM
why only give explanations on some, and not all questions and their respective answers?
UNITED STATES
upvote

MortonG 10/19/2023 6:32:00 PM
question: 128 d is the wrong answer...should be c
EUROPEAN UNION
upvote

Jason 9/30/2023 1:07:00 PM
question 81 should be c.
CANADA
upvote

JM 12/19/2023 2:41:00 PM
q47: intrusion prevention system is the correct answer, not patch management. by definition, there are no patches available for a zero-day vulnerability. the way to prevent an attacker from exploiting a zero-day vulnerability is to use an ips.
UNITED STATES
upvote

johnpaul 11/15/2023 7:55:00 AM
first time using this site
ROMANIA
upvote

CV 9/9/2023 1:54:00 PM
its time to comptia sec+
GREECE
upvote

al 6/7/2023 10:25:00 AM
most answers not correct here
Anonymous
upvote

Jas 10/25/2023 6:01:00 PM
165 should be apt
UNITED STATES
upvote

TS 7/18/2023 3:32:00 PM
good knowledge
Anonymous
upvote

Missy 9/26/2023 11:20:00 AM
question 47 is wrong. as by definition a zero-day vulnerability would not have a patch available to apply.
UNITED STATES
upvote

Japles 5/23/2023 9:46:00 PM
password lockout being the correct answer for question 37 does not make sense. it should be geofencing.
Anonymous
upvote

JM 12/19/2023 2:23:00 PM
q252: dns poisoning is the correct answer, not locator redirection. beaconing is detected from a host. this indicates that the system has been infected with malware, which could be the source of local dns poisoning. location redirection works by either embedding the redirection in the original websites code or having a user click on a url that has an embedded redirect. since users at a different office are not getting redirected, it isnt an embedded redirection on the original website and since the user is manually typing in the url and not clicking a link, it isnt a modified link.
UNITED STATES
upvote

Riya 1/10/2024 12:33:31 PM
useful stuff
UNITED STATES
upvote

tty 1/8/2024 3:36:40 PM
perfect exam to pass security +
UNITED STATES
upvote

TTY 1/8/2024 3:28:10 PM
this exams are very useful so study hard.
UNITED STATES
upvote

Yy 12/27/2023 12:49:42 PM
Getting restricted access that's insane. Anyways thanks
Anonymous
upvote