1. Home
  2. CompTIA
  3. SY0-301

CompTIA SY0-301 Online Practice Questions and Exam Preparation

SY0-301 Exam Details

  • Exam Code
    :SY0-301
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :820 Q&As
  • Last Updated
    :Dec 12, 2021

CompTIA SY0-301 Online Questions & Answers

  • Question 71:

    Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option?

    A. Use hardware already at an offsite location and configure it to be quickly utilized.
    B. Move the servers and data to another part of the company's main campus from the server room.
    C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.
    D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

  • Question 72:

    Which of the following is true about asymmetric encryption?

    A. A message encrypted with the private key can be decrypted by the same key
    B. A message encrypted with the public key can be decrypted with a shared key.
    C. A message encrypted with a shared key, can be decrypted by the same key.
    D. A message encrypted with the public key can be decrypted with the private key.

  • Question 73:

    Which of the following is a security risk regarding the use of public P2P as a method of collaboration?

    A. Data integrity is susceptible to being compromised.
    B. Monitoring data changes induces a higher cost.
    C. Users are not responsible for data usage tracking.
    D. Limiting the amount of necessary space for data storage.

  • Question 74:

    Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network?

    A. Honeypot
    B. Port scanner
    C. Protocol analyzer
    D. Vulnerability scanner

  • Question 75:

    A security analyst needs to ensure all external traffic is able to access the company's front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended?

    A. DMZ
    B. Cloud computing
    C. VLAN
    D. Virtualization

  • Question 76:

    The security administrator installed a newly generated SSL certificate onto the company web server. Due to a mis-configuration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised?

    A. The file containing the recovery agent's keys.
    B. The file containing the public key.
    C. The file containing the private key.
    D. The file containing the server's encrypted passwords.

  • Question 77:

    Which of the following techniques enables a highly secured organization to assess security weaknesses in real time?

    A. Access control lists
    B. Continuous monitoring
    C. Video surveillance
    D. Baseline reporting

  • Question 78:

    A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a `listening' state. No other ports are open. Which of the following services should be disabled to ensure secure communications?

    A. HTTPS
    B. HTTP
    C. RDP
    D. TELNET

  • Question 79:

    One of the most basic ways to protect the confidentiality of data on a laptop in the event the device is physically stolen is to implement which of the following?

    A. File level encryption with alphanumeric passwords
    B. Biometric authentication and cloud storage
    C. Whole disk encryption with two-factor authentication
    D. BIOS passwords and two-factor authentication

  • Question 80:

    Which of the following digital certificate management practices will ensure that a lost certificate is not compromised?

    A. Key escrow
    B. Non-repudiation
    C. Recovery agent
    D. CRL

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-301 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.