SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1391:

    A security administrator has received multiple calls from the help desk about customers who are unable to access the organization's web server. Upon reviewing the log files the security administrator determines multiple open requests have been made from multiple IP addresses, which is consuming system resources. Which of the following attack types does this BEST describe?

    A. DDoS
    B. DoS
    C. Zero day
    D. Logic bomb

  • Question 1392:

    The IT department's on-site developer has been with the team for many years. Each time an application is released, the security team is able to identify multiple vulnerabilities. Which of the following would BEST help the team ensure the application is ready to be released to production?

    A. Limit the use of third-party libraries.
    B. Prevent data exposure queries.
    C. Obfuscate the source code.
    D. Submit the application to QA before releasing it.

  • Question 1393:

    A bank requires tellers to get manager approval when a customer wants to open a new account. A recent audit shows that there have been four cases in the previous year where tellers opened accounts without management approval. The

    bank president thought separation of duties would prevent this from happening.

    In order to implement a true separation of duties approach the bank could:

    A. Require the use of two different passwords held by two different individuals to open an account
    B. Administer account creation on a role based access control approach
    C. Require all new accounts to be handled by someone else other than a teller since they have different duties
    D. Administer account creation on a rule based access control approach

  • Question 1394:

    A Chief Security Office's (CSO's) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?

    A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.
    B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident.
    C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks.
    D. Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

  • Question 1395:

    An email recipient is unable to open a message encrypted through PKI that was sent from another organization. Which of the following does the recipient need to decrypt the message?

    A. The sender's private key
    B. The recipient's private key
    C. The recipient's public key
    D. The CA's root certificate
    E. The sender's public key
    F. An updated CRL

  • Question 1396:

    While performing a penetration test, the technicians want their efforts to go unnoticed for as long as possible while they gather useful data about the network they are assessing. Which of the following would be the BEST choice for the technicians?

    A. Vulnerability scanner
    B. Offline password cracker
    C. Packet sniffer
    D. Banner grabbing

  • Question 1397:

    A Chief Information Officer (CIO) has decided it is not cost effective to implement safeguards against a known vulnerability. Which of the following risk responses does this BEST describe?

    A. Transference
    B. Avoidance
    C. Mitigation
    D. Acceptance

  • Question 1398:

    A government agency with sensitive information wants to virtualize its infrastructure. Which of the following cloud deployment models BEST fits the agency's needs?

    A. Public
    B. Community
    C. Private
    D. Hybrid

  • Question 1399:

    An administrator has configured a new Linux server with the FTP service. Upon verifying that the service was configured correctly, the administrator has several users test the FTP service. Users report that they are able to connect to the FTP service and download their personal files, however, they cannot transfer new files to the server. Which of the following will most likely fix the uploading issue for the users?

    A. Create an ACL to allow the FTP service write access to user directories
    B. Set the Boolean selinux value to allow FTP home directory uploads
    C. Reconfigure the ftp daemon to operate without utilizing the PSAV mode
    D. Configure the FTP daemon to utilize PAM authentication pass through user permissions

  • Question 1400:

    A NIPS administrator needs to install a new signature to observe the behavior of a worm that may be spreading over SMB. Which of the following signatures should be installed on the NIPS?

    A. PERMIT from ANY:ANY to ANY:445 regex `.*SMB.*'
    B. DROP from ANY:445 to ANY:445 regex `.*SMB.*'
    C. DENY from ANY:ANY to ANY:445 regex `.*SMB.*'
    D. RESET from ANY:ANY to ANY:445 regex `.*SMB.*'

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.