1. Home
  2. CompTIA
  3. SY0-501

CompTIA Security+

Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 1251:

    Which of the following controls does a mantrap BEST represent?

    A. Deterrent

    B. Detective

    C. Physical

    D. Corrective

  • Question 1252:

    A user attempts to send an email to an external domain and quickly receives a bounce-back message. The user then contacts the help desk stating the message is important and needs to be delivered immediately. While digging through the email logs, a systems administrator finds the email and bounce- back details:

    Your email has been rejected because it appears to contain SSN information. Sending SSN information via email to external recipients violates company policy.

    Which of the following technologies successfully stopped the email from being sent?

    A. DLP

    B. UTM

    C. WAF

    D. DEP

  • Question 1253:

    During certain vulnerability scanning scenarios, it is possible for the target system to react in unexpected ways. This type of scenario is MOST commonly known as:

    A. intrusive testing

    B. a buffer overflow

    C. a race condition

    D. active reconnaissance

  • Question 1254:

    An organization prefers to apply account permissions to groups and not individual users, but allows for exceptions that are justified. Some systems require a machine-to-machine data exchange and an associated account to perform this data exchange. One particular system has data in a folder that must be modified by another system. No user requires access to this folder; only the other system needs access to this folder. Which of the following is the BEST account management practice?

    A. Create a service account and apply the necessary permissions directly to the service account itself

    B. Create a service account group, place the service account in the group, and apply the permissions on the group

    C. Create a guest account and restrict the permissions to only the folder with the data

    D. Create a generic account that will only be used for accessing the folder, but disable the account until it is needed for the data exchange

    E. Create a shared account that administrators can use to exchange the data, but audit the shared account activity

  • Question 1255:

    A technician wants to implement PKI-based authentication on an enterprise wireless network. Which of the following should the technician configure to enforce the use of client-side certificates?

    A. 802.1X with PEAP

    B. WPA2-PSK

    C. EAP-TLS

    D. RADIUS Federation

  • Question 1256:

    A company has forbidden the use of external media within its headquarters location. A security analyst is working on adding additional repositories to a server in the environment when the analyst notices some odd processes running on the system. The analyst runs a command and sees the following:

    Given this output, which of the following security issues has been discovered?

    A. A misconfigured HIDS

    B. A malware installation

    C. A policy violation

    D. The activation of a Trojan

  • Question 1257:

    Which of the following agreement types is a non-contractual agreement between two or more parties and outlines each party's requirements and responsibilities?

    A. BPA

    B. SLA

    C. MOU

    D. ISA

  • Question 1258:

    A technician is implementing 802.1X with dynamic VLAN assignment based on a user Active Directory group membership. Which of the following configurations supports the VLAN definitions?

    A. RADIUS attribute

    B. SAML tag

    C. LDAP path

    D. Shibboleth IdP

  • Question 1259:

    As a security measure, an organization has disabled all external media from accessing the network. Since some users may have data that needs to be transferred to the network, which of the following would BEST assist a security administrator with transferring the data while keeping the internal network secure?

    A. Upload the media in the DMZ

    B. Upload the data in a separate VLAN

    C. Contact the data custodian

    D. Use a standalone scanning system

  • Question 1260:

    Which of the following is MOST likely the security impact of continuing to operate end-of-life systems?

    A. Higher total cost of ownership due to support costs

    B. Denial of service due to patch availability

    C. Lack of vendor support for decommissioning

    D. Support for legacy protocols

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.