Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 1171:

    Joe, a contractor, is hired by a firm to perform a penetration test against the firm's infrastructure. When conducting the scan, he receives only the network diagram and the network list to scan against the network. Which of the following scan types is Joe performing?

    A. Authenticated

    B. White box

    C. Automated

    D. Gray box

  • Question 1172:

    A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior. Which of the following strategies is the security engineer executing?

    A. Baselining

    B. Mandatory access control

    C. Control diversity

    D. System hardening

  • Question 1173:

    A user is unable to open a file that has a grayed-out icon with a lock. The user receives a pop-up message indicating that payment must be sent in Bitcoin to unlock the file. Later in the day, other users in the organization lose the ability to open files on the server.

    Which of the following has MOST likely occurred? (Choose three.)

    A. Crypto-malware

    B. Adware

    C. Botnet attack

    D. Virus

    E. Ransomware

    F. Backdoor

    G. DDoS attack

  • Question 1174:

    A security administrator is configuring a RADIUS server for wireless authentication. The configuration must ensure client credentials are encrypted end-to-end between the client and the authenticator.

    Which of the following protocols should be configured on the RADIUS server? (Choose two.)

    A. PAP

    B. MSCHAP

    C. PEAP

    D. NTLM

    E. SAML

  • Question 1175:

    A technician has discovered a crypto-virus infection on a workstation that has access to sensitive remote resources. Which of the following is the immediate NEXT step the technician should take?

    A. Determine the source of the virus that has infected the workstation.

    B. Sanitize the workstation's internal drive.

    C. Reimage the workstation for normal operation.

    D. Disable the network connections on the workstation.

  • Question 1176:

    A company wants to implement a wireless network with the following requirements:

    1. All wireless users will have a unique credential.

    2. User certificates will not be required for authentication.

    3. The company's AAA infrastructure must be utilized.

    4. Local hosts should not store authentication tokens.

    Which of the following should be used in the design to meet the requirements?

    A. EAP-TLS

    B. WPS

    C. PSK

    D. PEAP

  • Question 1177:

    Which of the following methods is used by internal security teams to assess the security of internally developed applications?

    A. Active reconnaissance

    B. Pivoting

    C. White box testing

    D. Persistence

  • Question 1178:

    A company has just completed a vulnerability scan of its servers. A legacy application that monitors the HVAC system in the datacenter presents several challenges, as the application vendor is no longer in business.

    Which of the following secure network architecture concepts would BEST protect the other company servers if the legacy server were to be exploited?

    A. Virtualization

    B. Air gap

    C. VLAN

    D. Extranet

  • Question 1179:

    An audit found that an organization needs to implement job rotation to be compliant with regulatory requirements. To prevent unauthorized access to systems after an individual changes roles or departments, which of the following should the organization implement?

    A. Permission auditing and review

    B. Exit interviews

    C. Offboarding

    D. Multifactor authentication

  • Question 1180:

    A security administrator has completed a monthly review of DNS server query logs. The administrator notices continuous name resolution attempts from a large number of internal hosts to a single Internet addressable domain name. The security administrator then correlated those logs with the establishment of persistent TCP connections out to this domain. The connections seem to be carrying on the order of kilobytes of data per week.

    Which of the following is the MOST likely explanation for this company?

    A. An attacker is infiltrating large amounts of proprietary company data.

    B. Employees are playing multiplayer computer games.

    C. A worm is attempting to spread to other hosts via SMB exploits.

    D. Internal hosts have become members of a botnet.
