SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1381:

    Which of the following types of attack is being used when an attacker responds by sending the MAC address of the attacking machine to resolve the MAC to IP address of a valid server?

    A. Session hijacking
    B. IP spoofing
    C. Evil twin
    D. ARP poisoning

  • Question 1382:

    A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (www.example.net). Which of the following rules is preventing the CSO from accessing the site? Blocked sites: *.nonews.com, *.rumorhasit.net, *.mars?

    A. Rule 1: deny from inside to outside source any destination any service smtp
    B. Rule 2: deny from inside to outside source any destination any service ping
    C. Rule 3: deny from inside to outside source any destination {blocked sites} service http-https
    D. Rule 4: deny from any to any source any destination any service any

  • Question 1383:

    A security engineer is configuring a wireless network with EAP-TLS. Which of the following activities is a requirement for this configuration?

    A. Setting up a TACACS+ server
    B. Configuring federation between authentication servers
    C. Enabling TOTP
    D. Deploying certificates to endpoint devices

  • Question 1384:

    Datacenter employees have been battling alarms in a datacenter that has been experiencing hotter than normal temperatures. The server racks are designed so all 48 rack units are in use, and servers are installed in any manner in which the technician can get them installed.

    Which of the following practices would BEST alleviate the heat issues and keep costs low?

    A. Utilize exhaust fans.
    B. Use hot and cold aisles.
    C. Airgap the racks.
    D. Use a secondary AC unit.

  • Question 1385:

    A security operations team recently detected a breach of credentials. The team mitigated the risk and followed proper processes to reduce risk. Which of the following processes would BEST help prevent this issue from happening again?

    A. Risk assessment
    B. Chain of custody
    C. Lessons learned
    D. Penetration test

  • Question 1386:

    An organization needs to implement a large PKI. Network engineers are concerned that repeated transmission of the OCSP will impact network performance. Which of the following should the security analyst recommend is lieu of an OCSP?

    A. CSR
    B. CRL
    C. CA
    D. OID

  • Question 1387:

    Which of the following has the potential to create a DoS attack on a system?

    A. A server room WiFi thermostat with default credentials
    B. A surveillance camera that has been replaced and is not plugged in
    C. A disabled user account that has not been deleted
    D. A wireless access point with WPA2 connected to the network

  • Question 1388:

    A technician is implementing 802 1X with dynamic VLAN assignment based on a user Active Directory group membership. Which of the following configurations supports the VLAN definitions?

    A. RADIUS attribute
    B. SAML tag
    C. LDAP path
    D. Shibboleth IdP

  • Question 1389:

    A member of the admins group reports being unable to modify the "changes" file on a server.

    The permissions on the file are as follows:

    Permissions User Group File

    -rwxrw-r--+ Admins Admins changes

    Based on the output above, which of the following BEST explains why the user is unable to modify the "changes" file?

    A. The SELinux mode on the server is set to "enforcing."
    B. The SELinux mode on the server is set to "permissive."
    C. An FACL has been added to the permissions for the file.
    D. The admins group does not have adequate permissions to access the file.

  • Question 1390:

    A user is presented with the following items during the new-hire onboarding process: -Laptop -Secure USB drive -Hardware OTP token -External high-capacity HDD -Password complexity policy -Acceptable use policy -HASP key -Cable lock Which of the following is one component of multifactor authentication?

    A. Secure USB drive
    B. Cable lock
    C. Hardware OTP token
    D. HASP key

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.