CompTIA CompTIA Security+ RC0-501 Questions & Answers

• Question 21:

  A technician suspects that a system has been compromised. The technician reviews the following log entry:

  WARNING- hash mismatch: C:\Window\SysWOW64\user32.dll WARNING- hash mismatch: C:\Window\SysWOW64\kernel32.dll Based solely ono the above information, which of the following types of malware is MOST likely installed on the

  system?

  A. Rootkit

  B. Ransomware

  C. Trojan

  D. Backdoor

  Correct Answer: A

• Question 22:

  A vulnerability scanner that uses its running service's access level to better assess vulnerabilities across multiple assets within an organization is performing a:

  A. Credentialed scan.

  B. Non-intrusive scan.

  C. Privilege escalation test.

  D. Passive scan.

  Correct Answer: A

• Question 23:

  An auditor is reviewing the following output from a password-cracking tool:

  

  Which of the following methods did the auditor MOST likely use?

  A. Hybrid

  B. Dictionary

  C. Brute force

  D. Rainbow table

  Correct Answer: A

• Question 24:

  Which of the following must be intact for evidence to be admissible in court?

  A. Chain of custody

  B. Order of violation

  C. Legal hold

  D. Preservation

  Correct Answer: A

• Question 25:

  A security analyst is hardening a web server, which should allow a secure certificate-based session using the organization's PKI infrastructure. The web server should also utilize the latest security techniques and standards. Given this set of requirements, which of the following techniques should the analyst implement to BEST meet these requirements? (Select two.)

  A. Install an X- 509-compliant certificate.

  B. Implement a CRL using an authorized CA.

  C. Enable and configure TLS on the server.

  D. Install a certificate signed by a public CA.

  E. Configure the web server to use a host header.

  Correct Answer: AC

• Question 26:

  A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option. Which of the following protocols should be implemented to distribute the report securely? (Select three.)

  A. S/MIME

  B. SSH

  C. SNMPv3

  D. FTPS

  E. SRTP

  F. HTTPS

  G. LDAPS

  Correct Answer: BDF

• Question 27:

  An employer requires that employees use a key-generating app on their smartphones to log into corporate applications. In terms of authentication of an individual, this type of access policy is BEST defined as: A. Something you have.

  B. Something you know.

  C. Something you do.

  D. Something you are.

  Correct Answer: A

• Question 28:

  Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following terms BEST describes the security control being employed?

  A. Administrative

  B. Corrective

  C. Deterrent

  D. Compensating

  Correct Answer: C

• Question 29:

  An organization's file server has been virtualized to reduce costs. Which of the following types of backups would be MOST appropriate for the particular file server?

  A. Snapshot

  B. Full

  C. Incremental

  D. Differential

  Correct Answer: C

• Question 30:

  A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?

  A. Open systems authentication

  B. Captive portal

  C. RADIUS federation

  D. 802.1x

  Correct Answer: D