1. Home
  2. CompTIA
  3. SY0-501

CompTIA Security+

Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 201:

    A hacker has a packet capture that contains: Which of the following tools will the hacker use against this type of capture?

    A. Password cracker

    B. Vulnerability scanner

    C. DLP scanner

    D. Fuzzer

  • Question 202:

    Which of the following should a security analyst perform FIRST to determine the vulnerabilities of a legacy system?

    A. Passive scan

    B. Aggressive scan

    C. Credentialed scan

    D. Intrusive scan

  • Question 203:

    Which of the following components of printers and MFDs are MOST likely to be used as vectors of compromise if they are improperly configured?

    A. Embedded web server

    B. Spooler

    C. Network interface

    D. LCD control panel

  • Question 204:

    A company is allowing a BYOD policy for its staff. Which of the following is a best practice that can decrease the risk of users jailbreaking mobile devices?

    A. Install a corporately monitored mobile antivirus on the devices.

    B. Prevent the installation of applications from a third-party application store.

    C. Build a custom ROM that can prevent jailbreaking.

    D. Require applications to be digitally signed.

  • Question 205:

    Which of the following describes the key difference between vishing and phishing attacks?

    A. Phishing is used by attackers to steal a person's identity.

    B. Vishing attacks require some knowledge of the target of attack.

    C. Vishing attacks are accomplished using telephony services.

    D. Phishing is a category of social engineering attack.

  • Question 206:

    Attackers have been using revoked certificates for MITM attacks to steal credentials from employees of Company.com. Which of the following options should Company.com implement to mitigate these attacks?

    A. Captive portal

    B. OCSP stapling

    C. Object identifiers

    D. Key escrow

    E. Extended validation certificate

  • Question 207:

    After attempting to harden a web server, a security analyst needs to determine if an application remains vulnerable to SQL injection attacks. Which of the following would BEST assist the analyst in making this determination?

    A. tracert

    B. Fuzzer

    C. nslookup

    D. Nmap

    E. netcat

  • Question 208:

    Which of the following controls allows a security guard to perform a post-incident review?

    A. Detective

    B. Preventive

    C. Corrective

    D. Deterrent

  • Question 209:

    A systems administrator wants to generate a self-signed certificate for an internal website. Which of the following steps should the systems administrator complete prior to installing the certificate on the server?

    A. Provide the private key to a public CA.

    B. Provide the public key to the internal CA.

    C. Provide the public key to a public CA.

    D. Provide the private key to the internal CA.

    E. Provide the public/private key pair to the internal CA

    F. Provide the public/private key pair to a public CA.

  • Question 210:

    A security engineer is configuring a wireless network with EAP-TLS. Which of the following activities is a requirement for this configuration?

    A. Setting up a TACACS+ server

    B. Configuring federation between authentication servers

    C. Enabling TOTP

    D. Deploying certificates to endpoint devices

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.