SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1201:

    A systems administrator is configuring a system that uses data classification labels. Which of the following will the administrator need to implement to enforce access control?

    A. Discretionary access control
    B. Mandatory access control
    C. Role-based access control
    D. Rule-based access control

  • Question 1202:

    A system uses an application server and database server. Employing the principle of least privilege, only database administrators are given administrative privileges on the database server, and only application team members are given administrative privileges on the application server. Audit and log file reviews are performed by the business unit (a separate group from the database and application teams). The organization wants to optimize operational efficiency when application or database changes are needed, but it also wants to enforce least privilege, prevent modification of log files, and facilitate the audit and log review performed by the business unit. Which of the following approaches would BEST meet the organization's goals?

    A. Restrict privileges on the log file directory to "read only" and use a service account to send a copy of these files to the business unit.
    B. Switch administrative privileges for the database and application servers. Give the application team administrative privileges on the database servers and the database team administrative privileges on the application servers.
    C. Remove administrative privileges from both the database and application servers, and give the business unit "read only" privileges on the directories where the log files are kept.
    D. Give the business unit administrative privileges on both the database and application servers so they can independently monitor server activity.

  • Question 1203:

    Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following terms BEST describes the security control being employed?

    A. Administrative
    B. Corrective
    C. Deterrent
    D. Compensating

  • Question 1204:

    A security technician has been given the task of preserving emails that are potentially involved in a dispute between a company and a contractor. Which of the following BEST describes this forensic concept?

    A. Legal hold
    B. Chain of custody
    C. Order of volatility
    D. Data acquisition

  • Question 1205:

    A systems administrator is installing and configuring an application service that requires access to read and write to log and configuration files on a local hard disk partition. The service must run as an account with authorization to interact with the file system. Which of the following would reduce the attack surface added by the service and account? (Select TWO)

    A. Use a unique managed service account
    B. Utilize a generic password for authenticating
    C. Enable and review account audit logs
    D. Enforce least possible privileges for the account
    E. Add the account to the local administrator's group.
    F. Use a guest account placed in a non-privileged users' group

  • Question 1206:

    A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to modify the contents of a confidential database, as well as other managerial permissions. On Monday morning, the database administrator reported that log files indicated that several records were missing from the database. Which of the following risk mitigation strategies should have been implemented when the supervisor was demoted?

    A. Incident management
    B. Routine auditing
    C. IT governance
    D. Monthly user rights reviews

  • Question 1207:

    An administrator needs to protect five websites with SSL certificates. Three of the websites have different domain names, and two of the websites share the domain name but have different subdomain prefixes. Which of the following SSL certificates should the administrator purchase to protect all the websites and be able to administer them easily at a later time?

    A. One SAN certificate
    B. One Unified Communications Certificate and one wildcard certificate
    C. One wildcard certificate and two standard certificates
    D. Five standard certificates

  • Question 1208:

    DRAG DROP

    A security engineer is setting up passwordless authentication for the first time.

    INSTRUCTIONS

    Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.


  • Question 1209:

    A security administrator is developing a methodology for tracking staff access to patient data. Which of the following would be the BEST method of creating audit trails for usage reports?

    A. Deploy file integrity checking
    B. Restrict access to the database by following the principle of least privilege
    C. Implement a database activity monitoring system
    D. Create automated alerts on the IDS system for the database server

  • Question 1210:

    A Chief Financial Officer (CFO) has asked the Chief Information Security Officer (CISO) to provide responses to a recent audit report detailing deficiencies in the organization's security controls. The CFO would like to know ways in which the organization can improve its authorization controls. Given the request by the CFO, which of the following controls should the CISO focus on in the report? (Select THREE)

    A. Password complexity policies
    B. Hardware tokens
    C. Biometric systems
    D. Role-based permissions
    E. One time passwords
    F. Separation of duties
    G. Multifactor authentication
    H. Single sign-on
    I. Least privilege
