1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1151:

    A third-party penetration testing company was able to successfully use an ARP cache poison technique to gain root access on a server. The tester successfully moved to another server that was not in the original network. Which of the following is the MOST likely method used to gain access to the other host?

    A. Backdoor
    B. Pivoting
    C. Persistance
    D. Logic bomp

  • Question 1152:

    The director of information security at a company has recently directed the security engineering team to implement new security technologies aimed at reducing the impact of insider threats. Which of the following tools has the team MOST likely deployed? (Select TWO).

    A. DLF
    B. UTM
    C. SFTP
    D. SSH
    E. SSL

  • Question 1153:

    Which of the following command line tools would be BEST to identify the services running in a server?

    A. Traceroute
    B. Nslookup
    C. Ipconfig
    D. Netstat

  • Question 1154:

    A security administrator is reviewing the following firewall configuration after receiving reports that users are unable to connect to remote websites:

    Which of the following is the MOST secure solution the security administrator can implement to fix this issue?

    A. Add the following rule to the firewall: 5 PERMIT FROM:ANY TO:ANY PORT:53
    B. Replace rule number 10 with the following rule: 10 PERMIT FROM:ANY TO:ANY PORT:22
    C. Insert the following rule in the firewall: 25 PERMIT FROM:ANY TO:ANY PORTS:ANY
    D. Remove the following rule from the firewall: 30 DENY FROM:ANY TO:ANY PORT:ANY

  • Question 1155:

    Which of the following are considered among the BEST indicators that a received message is a hoax? (Choose two.)

    A. Minimal use of uppercase letters in the message
    B. Warnings of monetary loss to the receiver
    C. No valid digital signature from a known security organization
    D. Claims of possible damage to computer hardware
    E. Embedded URLs

  • Question 1156:

    An attacker is attempting to harvest user credentials on a client's website. A security analyst notices multiple attempts of random usernames and passwords. When the analyst types in a random username and password, the logon screen

    displays the following message:

    The username you entered does not exist.

    Which of the following should the analyst recommend be enabled?

    A. Input validation
    B. Obfuscation
    C. Error handling
    D. Username lockout

  • Question 1157:

    A systems administrator wants to protect data stored on mobile devices that are used to scan and record assets in a warehouse. The control must automatically destroy the secure container of mobile devices if they leave the warehouse. Which of the following should the administrator implement? (Select two.)

    A. Geofencing
    B. Remote wipe
    C. Near-field communication
    D. Push notification services
    E. Containerization

  • Question 1158:

    Which of the following threat actors is MOST likely to steal a company's proprietary information to gain a market edge and reduce time to market?

    A. Competitor
    B. Hacktivist
    C. Insider
    D. Organized crime.

  • Question 1159:

    A technician is configuring an intrusion prevention system to improve its ability to find and stop threats In the past, the system did not detect and stop some threats. Which of the following BEST describes what the technician is trying to correct with the new configuration?

    A. False positives
    B. False acceptance rate
    C. False negatives
    D. Error correction rate
    E. False rejection rate

  • Question 1160:

    A security auditor is testing perimeter security in a building that is protected by badge readers. Which of the following types of attacks would MOST likely gain access?

    A. Phishing
    B. Man-in-the-middle
    C. Tailgating
    D. Watering hole
    E. Shoulder surfing

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.