COMPTIA SECURITY+ SY0-701 TEST 2026/2027 BANK 2
VERSIONS PRACTICE EXAM QUESTIONS WITH DETAILED
VERIFIED ANSWERS / EXAM QUESTIONS AND VERIFIED
ANSWERS |ALREADY GRADED A+|
Which attack aims to manipulate a website to redirect users to a
fraudulent site that appears legitimate to steal their information?
SQL injection
Cross-Site Scripting (XSS)
DNS spoofing
URL hijacking - ANSWER-DNS Spoofing
- Manipulates the DNS records to redirect users to a fraudulent
site, typically appearing legitimate, intending to steal their
information.
SQL Injection - ANSWER-Involves manipulating databases.
Cross-Site Scripting (XSS) - ANSWER-Involves injecting
malicious scripts into a website.
, Page |2
Which type of attack involves the modification or interception of
communication between two parties without their knowledge?
Man-in-the-Middle (MitM)
Buffer overflow
Spoofing
Zero-day exploit - ANSWER-Man-in-the-Middle (MitM)
- MitM attacks intercept and manipulate communications between
two parties without their awareness, allowing attackers to
eavesdrop or modify data.
Which attack involves falsifying the origin of an email to make it
appear as though it's from a trusted source?
Smurf attack
Phishing
Spoofing
Zero-day exploit - ANSWER-Spoofing
, Page |3
- Spoofing involves altering information to appear as if it comes
from a legitimate source, commonly seen in email addresses to
deceive recipients.
What is the primary aim of a SQL injection attack?
Disrupting network connections
Altering DNS records
Gaining unauthorized access to a database
Executing ransomware - ANSWER-Gaining unauthorized access
to a database
- SQL injection attacks manipulate a web application's input to
gain unauthorized access or control over a database.
What could be a potential indicator of a brute force attack on a
network?
A) Rapid increase in legitimate traffic
B) Repeated login attempts with different credentials
, Page |4
C) Decrease in CPU usage on the server
D) Increase in available system resources - ANSWER-Repeated
login attempts with different credentials
- A brute force attack involves repeated attempts to gain
unauthorized access by trying various login credentials, which
could be a potential indicator of this attack.
Which team is primarily focused on the defense, prevention, and
mitigation of security threats within an organization?
Red-team
Blue-team
White-team
Purple-team - ANSWER-Blue-team
- Responsible for maintaining and enhancing security defenses
and practices within an organization.
Which team facilitates collaboration between red and blue teams
to improve overall security measures within an organization?