1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1231:

    A security analyst discovers that a company's username and password database was posted on an Internet forum. The username and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?

    A. Create DLP controls that prevent documents from leaving the network
    B. Implement salting and hashing.
    C. Configure the web content filter to block access to the forum.
    D. Increase password complexity requirements.

  • Question 1232:

    A security operations learn recently detected a breach of credentials. The team mitigated the risk and followed proper processes lo reduce risk. Which of the following processes would BEST help prevent this issue from happening again?

    A. Risk assessment
    B. Chain of custody
    C. Lessons learned
    D. Penetration test

  • Question 1233:

    An organization is drafting an IRP and needs to determine which employees have the authority to take systems offline during an emergency situation. Which of the following is being outlined?

    A. Reporting and escalation procedures
    B. Permission auditing
    C. Roles and responsibilities
    D. Communication methodologies

  • Question 1234:

    A security engineer is analyzing the following line of JavaScript code that was found in a comment field on a web forum, which was recently involved in a security breach:

    Given the line of code above, which of the following BEST represents the attack performed during the breach?

    A. CSRF
    B. DDoS
    C. DoS
    D. XSS

  • Question 1235:

    An organization has decided to host its web application and database in the cloud. Which of the following BEST describes the security concerns for this decision?

    A. Access to the organization's servers could be exposed to other cloud-provider clients.
    B. The cloud vendor is a new attack vector within the supply chain.
    C. Outsourcing the code development adds risk to the cloud provider.
    D. Vendor support will cease when the hosting platforms reach EOL.

  • Question 1236:

    A company recently replaced its unsecure email server with a cloud-based email and collaboration solution that is managed and insured by a third party. Which of the following actions did the company take regarding risks related to its email and collaboration services?

    A. Transference
    B. Acceptance
    C. Mitigation
    D. Deterrence

  • Question 1237:

    An incident responder is preparing to acquire images and files from a workstation that has been compromised. The workstation is still powered on and running. Which of the following should be acquired LAST?

    A. Application files on hard disk
    B. Processor cache
    C. Processes in running memory
    D. Swap space

  • Question 1238:

    A manufacturing company updates a policy that instructs employees not to enter a secure area in groups and requires each employee to swipe their badge to enter the area When employees continue to ignore the policy, a mantrap is installed. Which of the following BEST describe the controls that were implemented to address this issue? (Select TWO).

    A. Detective
    B. Administrative
    C. Deterrent
    D. Physical
    E. Corrective

  • Question 1239:

    An organization wants to implement a method to correct risks at the system/application layer. Which of the following is the BEST method to accomplish this goal?

    A. IDS/IPS
    B. IP tunneling
    C. Web application firewall
    D. Patch management

  • Question 1240:

    DRAG DROP

    Drag and drop the correct protocol to its default port.

    Select and Place:

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.