SY0-301 Exam Details

  • Exam Code
    :SY0-301
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :820 Q&As
  • Last Updated
    :Dec 12, 2021

CompTIA SY0-301 Online Questions & Answers

  • Question 21:

    During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR).

    A. 21
    B. 22
    C. 23
    D. 69
    E. 3389
    F. SSH
    G. Terminal services
    H. Rlogin
    I. Rsync
    J. Telnet

  • Question 22:

    Which of the following controls mitigates the risk of Matt, an attacker, gaining access to a company network by using a former employee's credential?

    A. Account expiration
    B. Password complexity
    C. Account lockout
    D. Dual factor authentication

  • Question 23:

    Timestamps and sequence numbers act as countermeasures against which of the following types of attacks?

    A. Smurf
    B. DoS
    C. Vishing
    D. Replay

  • Question 24:

    Which of the following can use RC4 for encryption? (Select TWO).

    A. CHAP
    B. SSL
    C. WEP
    D. AES
    E. 3DES

  • Question 25:

    One of the most consistently reported software security vulnerabilities that leads to major exploits is:

    A. Lack of malware detection.
    B. Attack surface decrease.
    C. Inadequate network hardening.
    D. Poor input validation.

  • Question 26:

    Which of the following concepts are included on the three sides of the "security triangle"? (Select THREE).

    A. Confidentiality
    B. Availability
    C. Integrity
    D. Authorization
    E. Authentication
    F. Continuity

  • Question 27:

    During a server audit, a security administrator does not notice abnormal activity. However, a network security analyst notices connections to unauthorized ports from outside the corporate network. Using specialized tools, the network security analyst also notices hidden processes running. Which of the following has MOST likely been installed on the server?

    A. SPIM
    B. Backdoor
    C. Logic bomb
    D. Rootkit

  • Question 28:

    During a recent user awareness and training session, a new staff member asks the Chief Information Security Officer (CISO) why the company does not allow personally owned devices into the company facilities. Which of the following represents how the CISO should respond?

    A. Company A views personally owned devices as creating an unacceptable risk to the organizational IT systems.
    B. Company A has begun to see zero-day attacks against personally owned devices disconnected from the network.
    C. Company A believes that staff members should be focused on their work while in the company's facilities.
    D. Company A has seen social engineering attacks against personally owned devices and does not allow their use.

  • Question 29:

    Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete's access to this site?

    A. Internet content filter
    B. Firewall
    C. Proxy server
    D. Protocol analyzer

  • Question 30:

    Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

    A. Sniffer
    B. Router
    C. Firewall
    D. Switch

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-301 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.