1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1121:

    During a routine check, a security analyst discovered the script responsible for the backup of the corporate file server has been changed to the following:

    Which of the following BEST describes the type of malware the analyst discovered?

    A. Keylogger
    B. Rootkit
    C. RAT
    D. Logic bomb

  • Question 1122:

    Which of the following is a benefit of credentialed vulnerability scans?

    A. Credentials provide access to scan documents to identify possible data theft.
    B. The vulnerability scanner is able to inventory software on the target.
    C. A scan will reveal data loss in real time.
    D. Black-box testing can be performed.

  • Question 1123:

    An application developer has neglected to include input validation checks in the design of the company's new web application. An employee discovers that repeatedly submitting large amounts of data, including custom code to an application will allow the execution of the custom code at the administrator level. Which of the following BEST identifies this application attack?

    A. Cross-site scripting
    B. Clickjacking
    C. Buffer overflow
    D. Replay

  • Question 1124:

    A security team has downloaded a public database of the largest collection of password dumps on the Internet. This collection contains the cleartext credentials of every major breach for the last four years. The security team pulls and compares users' credentials to the database and discovers that more than 30% of the users were still using passwords discovered in this list. Which of the following would be the BEST combination to reduce the risks discovered?

    A. Password length, password encryption, password complexity
    B. Password complexity, least privilege, password reuse
    C. Password reuse, password complexity, password expiration
    D. Group policy, password history, password encryption

  • Question 1125:

    A security administrator needs to conduct a full inventory of all encryption protocols and cipher suites. Which of the following tools will the security administrator use to conduct this inventory MOST efficiently?

    A. tcpdump
    B. Protocol analyzer
    C. Netstat
    D. Nmap

  • Question 1126:

    The Chief Technology Officer (CTO) of a company, Ann, is putting together a hardware budget for the next 10 years. She is asking for the average lifespan of each hardware device so that she is able to calculate when she will have to replace

    each device.

    Which of the following categories BEST describes what she is looking for?

    A. ALE
    B. MTTR
    C. MTBF
    D. MTTF

  • Question 1127:

    A critical enterprise component whose loss or destruction would significantly impede business operations or have an outsized impact on corporate revenue is known as:

    A. a single point of failure
    B. critical system infrastructure
    C. proprietary information.
    D. a mission-essential function

  • Question 1128:

    Which of the following controls does a mantrap BEST represent?

    A. Deterrent
    B. Detective
    C. Physical
    D. Corrective

  • Question 1129:

    Which of the following are used to increase the computing time it takes to brute force a password using an offline attack? (Select TWO)

    A. XOR
    B. PBKDF2
    C. bcrypt
    D. HMAC
    E. RIPEMD

  • Question 1130:

    While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack. Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select two)

    A. Minimum complexity
    B. Maximum age limit
    C. Maximum length
    D. Minimum length
    E. Minimum age limit
    F. Minimum re-use limit

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.