SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1091:

    A security administrator found the following piece of code referenced on a domain controller's task scheduler:

    $var = GetDomainAdmins
    If $var != 'fabio'
    SetDomainAdmins = NULL

    With which of the following types of malware is the code associated?

    A. RAT
    B. Backdoor
    C. Logic bomb
    D. Crypto-malware

  • Question 1092:

    An administrator is replacing a wireless router. The configuration of the old wireless router was not documented before it stopped functioning. The equipment connecting to the wireless network uses older legacy equipment that was manufactured prior to the release of the 802.11i standard.

    Which of the following configuration options should the administrator select for the new wireless router?

    A. WPA+CCMP
    B. WPA2+CCMP
    C. WPA+TKIP
    D. WPA2+TKIP

  • Question 1093:

    A security team received reports of increased latency on a highly utilized e-commerce server. This led to eventual service unavailability as a result of internal scanning activity. The following web-server log was shared with the team to support this claim:

    Which of the following actions would BEST address the service impact caused by scanning?

    A. Enable proper error handling on the web server
    B. Run scans during off peak hours
    C. Stop scanning the affected servers
    D. Disable directory enumeration in the scanning policy

  • Question 1094:

    A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?

    A. The Diamond Model of Intrusion Analysis
    B. The Cyber Kill Chain
    C. The MITRE CVE database
    D. The incident response process

  • Question 1095:

    Which of the following may indicate a configuration item has reached end-of-life?

    A. The device will no longer turn on and indicates an error.
    B. The vendor has not published security patches recently.
    C. The object has been removed from the Active Directory.
    D. Logs show a performance degradation of the component.

  • Question 1096:

    The SSID broadcast for a wireless router has been disabled, but a network administrator notices that unauthorized users are accessing the wireless network. The administrator has determined that attackers are still able to detect the presence of the wireless network despite the fact the SSID has been disabled. Which of the following would further obscure the presence of the wireless network?

    A. Upgrade the encryption to WPA or WPA2
    B. Create a non-zero length SSID for the wireless router
    C. Reroute wireless users to a honeypot
    D. Disable responses to a broadcast probe request

  • Question 1097:

    An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

    A. It allows for the sharing of digital forensics data across organizations.
    B. It provides insurance in case of a data breach.
    C. It provides complimentary training and certification resources to IT security staff.
    D. It certifies the organization can work with foreign entities that require a security clearance.
    E. It assures customers that the organization meets security standards.

  • Question 1098:

    An organization uses multifactor authentication to restrict local network access. It requires a PIV and a PIN. Which of the following factors is the organization using?

    A. Something you have, something you are
    B. Something you know, something you do
    C. Something you do, something you are
    D. Something you have, something you know

  • Question 1099:

    After a security incident, management is meeting with involved employees to document the incident and its aftermath. Which of the following BEST describes this phase of the incident response process?

    A. Lessons learned
    B. Recovery
    C. Identification
    D. Preparation

  • Question 1100:

    A technician wants to configure a wireless router at a small office that manages a family-owned dry cleaning business. The router will support five laptops, potential smartphones, a wireless printer, and occasional guests. Which of the following wireless configurations is BEST implemented in this scenario?

    A. Single SSID with WPA2-Enterprise
    B. 802.1X with guest VLAN
    C. Dual SSID with WPA2-PSK
    D. Captive portal with two-factor authentication
