SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 91:

    Which of the following is the proper use of a Faraday cage?

    A. To block electronic signals sent to erase a cell phone
    B. To capture packets sent to a honeypot during an attack
    C. To protect hard disks from access during a forensics investigation
    D. To restrict access to a building allowing only one person to enter at a time

  • Question 92:

    A network technician discovered the usernames and passwords used for network device configuration have been compromised by a user with a packet sniffer. Which of the following would secure the credentials from sniffing?

    A. Implement complex passwords.
    B. Use SSH for remote access.
    C. Configure SNMPv2 for device management.
    D. Use TFTP to copy device configuration.

  • Question 93:

    A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the systems administrator using?

    A. Shared account
    B. Guest account
    C. Service account
    D. User account

  • Question 94:

    An organization identifies a number of hosts making outbound connections to a known malicious IP over port TCP 80. The organization wants to identify the data being transmitted and prevent future connections to this IP. Which of the following should the organization do to achieve this outcome?

    A. Use a protocol analyzer to reconstruct the data and implement a web-proxy.
    B. Deploy a web-proxy and then blacklist the IP on the firewall.
    C. Deploy a web-proxy and implement IPS at the network edge.
    D. Use a protocol analyzer to reconstruct the data and blacklist the IP on the firewall.

  • Question 95:

    A security administrator is configuring a new network segment, which contains devices that will be accessed by external users, such as web and FTP servers. Which of the following represents the MOST secure way to configure the new network segment?

    A. The segment should be placed on a separate VLAN, and the firewall rules should be configured to allow external traffic.
    B. The segment should be placed in the existing internal VLAN to allow internal traffic only.
    C. The segment should be placed on an intranet, and the firewall rules should be configured to allow external traffic.
    D. The segment should be placed on an extranet, and the firewall rules should be configured to allow both internal and external traffic.

  • Question 96:

    An attacker has gained control of several systems on the Internet and is using them to attack a website, causing it to stop responding to legitimate traffic. Which of the following BEST describes the attack?

    A. MITM
    B. DNS poisoning
    C. Buffer overflow
    D. DDoS

  • Question 97:

    A company utilizes 802.11 for all client connectivity within a facility. Users in one part of the building are reporting they are unable to access company resources when connected to the company SSID. Which of the following should the security administrator use to assess connectivity?

    A. Sniffer
    B. Honeypot
    C. Routing tables
    D. Wireless scanner

  • Question 98:

    A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

    A. Nmap
    B. Wireshark
    C. Autopsy
    D. DNSEnum

  • Question 99:

    A company has users and printers in multiple geographic locations and the printers are locked in common areas of the offices. To preserve the confidentiality of PII, a security administrator needs to implement the appropriate controls. Which of the following would BEST meet the confidentiality requirements of the data?

    A. Enforcing location-based policy restrictions
    B. Adding location to the standard naming convention
    C. Implementing time-of-day restrictions based on location
    D. Conducting regular account maintenance at each location

  • Question 100:

    A wireless network has the following design requirements:

    Authentication must not be dependent on enterprise directory service
    It must allow background reconnection for mobile users
    It must not depend on user certificates

    Which of the following should be used in the design to meet the requirements? (Choose two.)

    A. PEAP
    B. PSK
    C. Open systems authentication
    D. EAP-TLS
    E. Captive portals
