SY0-301 Exam Details

  • Exam Code: SY0-301
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 820 Q&As
  • Last Updated: Dec 12, 2021

CompTIA SY0-301 Online Questions & Answers

  • Question 511:

    Which of the following ports should be used by a system administrator to securely manage a remote server?

    A. 22
    B. 69
    C. 137
    D. 445

  • Question 512:

    A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on ports 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed?

    A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP
    B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS
    C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS
    D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS

  • Question 513:

    The security administrator is analyzing a user's history file on a Unix server to determine if the user was attempting to break out of a rootjail. Which of the following lines in the user's history log shows evidence that the user attempted to escape the rootjail?

    A. cd ../../../../bin/bash
    B. whoami
    C. ls /root
    D. sudo -u root

  • Question 514:

    An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?

    A. User rights reviews
    B. Least privilege and job rotation
    C. Change management
    D. Change Control

  • Question 515:

    When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).

    A. Methods and templates to respond to press requests, institutional and regulatory reporting requirements.
    B. Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.
    C. Developed recovery strategies, test plans, post-test evaluation and update processes.
    D. Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.
    E. Methods to review and report on system logs, incident response, and incident handling.

  • Question 516:

    Jane, a VPN administrator, was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Jane select for the tunnel encryption?

    A. Blowfish
    B. DES
    C. SHA256
    D. HMAC

  • Question 517:

    A network analyst received a number of reports that impersonation was taking place on the network. Session tokens were deployed to mitigate this issue and defend against which of the following attacks?

    A. Replay
    B. DDoS
    C. Smurf
    D. Ping of Death

  • Question 518:

    A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would support this requirement?

    A. SaaS
    B. MaaS
    C. IaaS
    D. PaaS

  • Question 519:

    Joe, a network security engineer, has visibility to network traffic through network monitoring tools. However, he's concerned that a disgruntled employee may be targeting a server containing the company's financial records. Which of the following security mechanisms would be MOST appropriate to confirm Joe's suspicion?

    A. HIDS
    B. HIPS
    C. NIPS
    D. NIDS

  • Question 520:

    A database administrator receives a call on an outside telephone line from a person who states that they work for a well-known database vendor. The caller states there have been problems applying the newly released vulnerability patch for their database system, and asks what version is being used so that they can assist. Which of the following is the BEST action for the administrator to take?

    A. Thank the caller, report the contact to the manager, and contact the vendor support line to verify any reported patch issues.
    B. Obtain the vendor's email and phone number and call them back after identifying the number of systems affected by the patch.
    C. Give the caller the database version and patch level so that they can receive help applying the patch.
    D. Call the police to report the contact about the database systems, and then check system logs for attack attempts.

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-301 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.