SY0-301 Exam Details

  • Exam Code: SY0-301
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 820 Q&As
  • Last Updated: Dec 12, 2021

CompTIA SY0-301 Online Questions & Answers

  • Question 331:

    Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).

    A. 110
    B. 137
    C. 139
    D. 143
    E. 161
    F. 443

  • Question 332:

    The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored based on similarities in the code. Which of the following should the security administrator use to identify similar malware?

    A. TwoFish
    B. SHA-512
    C. Fuzzy hashes
    D. HMAC

  • Question 333:

    In regards to secure coding practices, why is input validation important?

    A. It mitigates buffer overflow attacks.
    B. It makes the code more readable.
    C. It provides an application configuration baseline.
    D. It meets gray box testing standards.

  • Question 334:

    Which of the following concepts is used by digital signatures to ensure integrity of the data?

    A. Non-repudiation
    B. Hashing
    C. Transport encryption
    D. Key escrow

  • Question 335:

    A way to assure data at-rest is secure even in the event of loss or theft is to use:

    A. Full device encryption.
    B. Special permissions on the file system.
    C. Trusted Platform Module integration.
    D. Access Control Lists.

  • Question 336:

    Disabling unnecessary services, restricting administrative access, and enabling auditing controls on a server are forms of which of the following?

    A. Application patch management
    B. Cross-site scripting prevention
    C. Creating a security baseline
    D. System hardening

  • Question 337:

    An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:

    A. it is being caused by the presence of a rogue access point.
    B. it is the beginning of a DDoS attack.
    C. the IDS has been compromised.
    D. the internal DNS tables have been poisoned.

  • Question 338:

    A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone's boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program?

    A. Zero-day
    B. Trojan
    C. Virus
    D. Rootkit

  • Question 339:

    A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?

    A. Implement a virtual firewall
    B. Install HIPS on each VM
    C. Virtual switches with VLANs
    D. Develop a patch management guide

  • Question 340:

    Joe, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?

    A. Create a VLAN for the SCADA
    B. Enable PKI for the MainFrame
    C. Implement patch management
    D. Implement stronger WPA2 Wireless

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and where do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-301 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.