RC0-501 Exam Details

  • Exam Code
    :RC0-501
  • Exam Name
    :CompTIA Security+ Recertification Exam
  • Certification
    :CompTIA Security+
  • Vendor
    :CompTIA
  • Total Questions
    :349 Q&As
  • Last Updated
    :Jul 13, 2026

CompTIA RC0-501 Online Questions & Answers

  • Question 1:

    Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?

    A. Spear phishing
    B. Main-in-the-middle
    C. URL hijacking
    D. Transitive access

  • Question 2:

    A workstation puts out a network request to locate another system. Joe, a hacker on the network, responds before the real system does, and he tricks the workstation into communicating with him. Which of the following BEST describes what occurred?

    A. The hacker used a race condition.
    B. The hacker used a pass-the-hash attack.
    C. The hacker-explogted importer key management.
    D. The hacker explogted weak switch configuration.

  • Question 3:

    Which of the following AES modes of operation provide authentication? (Select two.)

    A. CCM
    B. CBC
    C. GCM
    D. DSA
    E. CFB

  • Question 4:

    Recently several employees were victims of a phishing email that appeared to originate from the company president. The email claimed the employees would be disciplined if they did not click on a malicious link in the message. Which of the following principles of social engineering made this attack successful?

    A. Authority
    B. Spamming
    C. Social proof
    D. Scarcity

  • Question 5:

    A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts. For which of the following is the company hiring the consulting firm?

    A. Vulnerability scanning
    B. Penetration testing
    C. Application fuzzing
    D. User permission auditing

  • Question 6:

    A chief Financial Officer (CFO) has asked the Chief Information Officer (CISO) to provide responses to a recent audit report detailing deficiencies in the organization security controls. The CFO would like to know ways in which the organization can improve its authorization controls. Given the request by the CFO, which of the following controls should the CISO focus on in the report? (Select Three)

    A. Password complexity policies
    B. Hardware tokens
    C. Biometric systems
    D. Role-based permissions
    E. One time passwords
    F. Separation of duties
    G. Multifactor authentication
    H. Single sign-on
    I. Lease privilege

  • Question 7:

    A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?

    A. Open systems authentication
    B. Captive portal
    C. RADIUS federation
    D. 802.1x

  • Question 8:

    A copy of a highly confidential salary report was recently found on a printer in the IT department. The human resources department does not have this specific printer mapped to its devices, and it is suspected that an employee in the IT department browsed to the share where the report was located and printed it without authorization. Which of the following technical controls would be the BEST choice to immediately prevent this from happening again?

    A. Implement a DLP solution and classify the report as confidential, restricting access only to human resources staff
    B. Restrict access to the share where the report resides to only human resources employees and enable auditing
    C. Have all members of the IT department review and sign the AUP and disciplinary policies
    D. Place the human resources computers on a restricted VLAN and configure the ACL to prevent access from the IT department

  • Question 9:

    The IT department needs to prevent users from installing untested applications. Which of the following would provide the BEST solution?

    A. Job rotation
    B. Least privilege
    C. Account lockout
    D. Antivirus

  • Question 10:

    Refer to the following code:

    Which of the following vulnerabilities would occur if this is executed?

    A. Page exception
    B. Pointer deference
    C. NullPointerException
    D. Missing null check

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your RC0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.