1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1061:

    A Chief Executive Officer (CEO) suspects someone in the lab testing environment is stealing confidential information after working hours when no one else is around. Which of the following actions can help to prevent this specific threat?

    A. Implement time-of-day restrictions.
    B. Audit file access times.
    C. Secretly install a hidden surveillance camera.
    D. Require swipe-card access to enter the lab.

  • Question 1062:

    During a routine audit, it is discovered that someone has been using a stale administrator account to log into a seldom used server. The person has been using the server to view inappropriate websites that are prohibited to end users. Which of the following could best prevent this from occurring again?

    A. Credential management
    B. Group policy management
    C. Acceptable use policy
    D. Account expiration policy

  • Question 1063:

    After reading a security bulletin, a network security manager Is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code Is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?

    A. The vulnerability scan output
    B. The IDS logs
    C. The full packet capture data
    D. The SIEM alerts

  • Question 1064:

    The application team within a company is asking the security team to investigate why its application is slow after an upgrade. The source of the team's application is 10.13.136.9, and the destination IP is 10.17.36.5. The security analyst pulls the logs from the endpoint security software but sees nothing is being blocked. The analyst then looks at the UTM firewall logs and sees the following:

    Which of the following should the security analyst request NEXT based on the UTM firewall analysis?

    A. Request the application team to allow TCP port 87 to listen on 10.17.36.5.
    B. Request the network team to open port 1433 from 10.13.136.9 to 10.17.36.5.
    C. Request the network team to turn off IPS for 10.13.136.8 going to 10.17.36.5.
    D. Request the application team to reconfigure the application and allow RPC communication.

  • Question 1065:

    A dumpster diver was able 10 retrieve hard drives from a competitor's trash bin. After installing the and hard drives and running common date recovery software. Sensitive information was recovered. In which of the following ways did the competitor apply media sanitation?

    A. Pulverizing
    B. Degaussing
    C. Encrypting
    D. Formatting

  • Question 1066:

    A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers, the company is unable to upgrade the encryption standard. Which of the following types of controls should be used to reduce the risk created by this scenario?

    A. Physical
    B. Detective
    C. Preventive
    D. Compensating

  • Question 1067:

    Which of the following uses tokens between the identity provider and the service provider to authenticate and authorize users to resources?

    A. RADIUS
    B. SSH
    C. OAuth
    D. MSCHAP

  • Question 1068:

    A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?

    A. Utilizing a single Qfor password recovery
    B. Sending a PIN to a smartphone through text message
    C. Utilizing CAPTCHA to avoid brute force attacks
    D. Use a different e-mail address to recover password

  • Question 1069:

    A technician suspects that a desktop was compromised with a rootkit. After removing lhe hard drive from the desktop and running an offline le integrity check, the technician reviews the following output:

    Based on the above output, which of the following is the malicious file?

    A. notepad.exe
    B. lsass.exe
    C. kernel.dll
    D. httpd.axe

  • Question 1070:

    A security engineer must install the same x.509 certificate on three different servers. The client application that connects to the server performs a check to ensure the certificate matches the host name. Which of the following should the security engineer use?

    A. Wildcard certificate
    B. Extended validation certificate
    C. Certificate chaining
    D. Certificate utilizing the SAN file

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.