Web Server Security — CompTIA Security+ (SY0-701) Practice Questions
Web server security covers the practices and controls used to protect HTTP/HTTPS servers, the applications they host, and the data they transmit. The SY0-701 exam tests understanding of threats such as injection attacks, cross-site scripting, directory traversal, and insecure configurations that expose server resources. Candidates must know how to harden web servers by disabling unnecessary services, enforcing TLS, applying least privilege to service accounts, and using web application firewalls. This domain intersects with application security and network security, making it a recurring theme across multiple SY0-701 objective areas.
Free questions on web server security
A security team discovers that attackers have compromised a web server and are using it to distribute malware to customers. What is the FIRST action that should be taken?
Free question · medium · full answer + explanation