SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 1411:

    Drag the items on the left to show the different types of security for the shown devices. Not all fields need to be filled. Not all items need to be used.

    Select and Place:

  • Question 1412:

    A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the systems administrator using?

    A. Local account
    B. Guest account
    C. Service account
    D. User account

  • Question 1413:

    Joe, a user, reports to the help desk that he can no longer access any documents on his PC. He states that he saw a window appear on the screen earlier, but he closed it without reading it. Upon investigation, the technician sees high disk activity on Joe's PC. Which of the following types of malware is MOST likely indicated by these findings?

    A. Keylogger
    B. Trojan
    C. Rootkit
    D. Crypto-malware

  • Question 1414:

    A hospital has received reports from multiple patients that their PHI was stolen after completing forms on the hospital's website. Upon investigation, the hospital finds a packet analyzer was used to steal data Which of the following protocols would prevent this attack from reoccurring?

    A. SFTP
    B. HTTPS
    C. FTPS
    D. SRTP

  • Question 1415:

    A penetration tester is testing passively for vulnerabilities on a company's network. Which of the following tools should the penetration tester use? (Select TWO).

    A. Zenmap
    B. Wireshark
    C. Nmap
    D. tcpdump
    E. Nikto
    F. Snort

  • Question 1416:

    A large financial services firm recently released information regarding a security breach within its corporate network that began several years before. During the time frame in which the breach occurred, indicators show an attacker gained administrative access to the network through a file download from a social media site and subsequently installed it without the user's knowledge. Since the compromise, the attacker was able to take command and control of the computer systems anonymously while obtaining sensitive corporate and personal employee information.

    Which of the following methods did the attacker MOST likely use to gain access?

    A. A bot
    B. A fileless virus
    C. A logic bomb
    D. A RAT

  • Question 1417:

    A security administrator receives notice that a third-party certificate authority has been compromised, and new certificates will need to be issued. Which of the following should the administrator submit to receive a new certificate?

    A. CRL
    B. OSCP
    C. PFX
    D. CSR
    E. CA

  • Question 1418:

    A small organization has implemented a rogue system detection solution. Which of the following BEST explains the organization's intent?

    A. To identify weak ciphers being used on the network
    B. To identify assets on the network that are subject to resource exhaustion
    C. To identify end-of-life systems still in use on the network
    D. To identify assets that are not authorized for use on the network

  • Question 1419:

    Which of the following describes the maximum amount of time a mission essential function can operate without the systems it depends on before significantly impacting the organization?

    A. MTBF
    B. MTTR
    C. RTO
    D. RPO

  • Question 1420:

    A security analyst reviews the following output:

    The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the security analyst reports the following:

    Which of the following is the MOST likely cause of the hash being found in other areas?

    A. Jan Smith is an insider threat
    B. There are MD5 hash collisions
    C. The file is encrypted
    D. Shadow copies are present

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.