SY0-301 Exam Details

  • Exam Code: SY0-301
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 820 Q&As
  • Last Updated: Dec 12, 2021

CompTIA SY0-301 Online Questions & Answers

  • Question 231:

    Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.

    A. Public keys, one time
    B. Shared keys, private keys
    C. Private keys, session keys
    D. Private keys, public keys

  • Question 232:

    A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do in regards to the application?

    A. Avoid the risk to the user base allowing them to re-enable their own accounts
    B. Mitigate the risk by patching the application to increase security and saving money
    C. Transfer the risk replacing the application now instead of in five years
    D. Accept the risk and continue to enable the accounts each month saving money

  • Question 233:

    Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?

    A. SSLv2
    B. SSHv1
    C. RSA
    D. TLS

  • Question 234:

    Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete?

    A. Succession planning
    B. Disaster recovery
    C. Separation of duty
    D. Removing single loss expectancy

  • Question 235:

    A set of standardized system images with a pre-defined set of applications is used to build end-user workstations. The security administrator has scanned every workstation to create a current inventory of all applications that are installed on active workstations and is documenting which applications are out-of-date and could be exploited. The security administrator is determining the:

    A. Attack surface.
    B. Application hardening effectiveness.
    C. Application baseline.
    D. OS hardening effectiveness.

  • Question 236:

    A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?

    A. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
    B. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.
    C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
    D. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.

  • Question 237:

    Which of the following offers the LEAST secure encryption capabilities?

    A. Twofish
    B. PAP
    C. NTLM
    D. CHAP

  • Question 238:

    Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Joe take into consideration?

    A. A disk-based image of every computer as they are being replaced.
    B. A plan that skips every other replaced computer to limit the area of affected users.
    C. An offsite contingency server farm that can act as a warm site should any issues appear.
    D. A back-out strategy planned out anticipating any unforeseen problems that may arise.

  • Question 239:

    Which of the following would prevent a user from installing a program on a company-owned mobile device?

    A. White-listing
    B. Access control lists
    C. Geotagging
    D. Remote wipe

  • Question 240:

    Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?

    A. $1,500
    B. $3,750
    C. $15,000
    D. $75,000

Tips on How to Prepare for the Exams

Certification exams are becoming more important, and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-301 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.