SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 241:

    During a recent audit, several undocumented and unpatched devices were discovered on the internal network. Which of the following can be done to prevent similar occurrences?

    A. Run weekly vulnerability scans and remediate any missing patches on all company devices
    B. Implement rogue system detection and configure automated alerts for new devices
    C. Install DLP controls and prevent the use of USB drives on devices
    D. Configure the WAPs to use NAC and refuse connections that do not pass the health check

  • Question 242:

    A company is looking for an all-in-one solution to provide identification, authentication, authorization, and accounting services. Which of the following technologies should the company use?

    A. Diameter
    B. SAML
    C. Kerberos
    D. CHAP

  • Question 243:

    A systems administrator wants to implement a wireless protocol that will allow the organization to authenticate mobile devices prior to providing the user with a captive portal login. Which of the following should the systems administrator configure?

    A. L2TP with MAC filtering
    B. EAP-TTLS
    C. WPA2-CCMP with PSK
    D. RADIUS federation

  • Question 244:

    A water utility company has seen a dramatic increase in the number of water pumps burning out. A malicious actor was attacking the company and is responsible for the increase.

    Which of the following systems has the attacker compromised?

    A. DMZ
    B. RTOS
    C. SCADA
    D. IoT

  • Question 245:

    Which of the following types of keys is found in a key escrow?

    A. Public
    B. Private
    C. Shared
    D. Session

  • Question 246:

    During an incident, a company's CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?

    A. Physically move the PC to a separate Internet point of presence.
    B. Create and apply microsegmentation rules.
    C. Emulate the malware in a heavily monitored DMZ segment.
    D. Apply network blacklisting rules for the adversary domain.

  • Question 247:

    An organization discovers that unauthorized applications have been installed on company-provided mobile phones. The organization issues these devices, but some users have managed to bypass the security controls. Which of the following is the MOST likely issue, and how can the organization BEST prevent this from happening?

    A. The mobile phones are being infected with malware that covertly installs the applications. Implement full disk encryption and integrity-checking software.
    B. Some advanced users are jailbreaking the OS and bypassing the controls. Implement an MDM solution to control access to company resources.
    C. The mobile phones have been compromised by an APT and can no longer be trusted. Scan the devices for the unauthorized software, recall any compromised devices, and issue completely new ones.
    D. Some advanced users are upgrading the devices' OS and installing the applications. The organization should create an AUP that prohibits this activity.

  • Question 248:

    A business has recently deployed laptops to all sales employees. The laptops will be used primarily from home offices and while traveling, and a high amount of wireless mobile use is expected. To protect the laptops while connected to untrusted wireless networks, which of the following would be the BEST method for reducing the risk of having the laptops compromised?

    A. MAC filtering
    B. Virtualization
    C. OS hardening
    D. Application white-listing

  • Question 249:

    A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

    A. Nmap
    B. Wireshark
    C. Autopsy
    D. DNSEnum

  • Question 250:

    A number of employees report that parts of an ERP application are not working. The systems administrator reviews the following information from one of the employee workstations:

    Execute permission denied: financemodule.dll

    Execute permission denied: generalledger.dll

    Which of the following should the administrator implement to BEST resolve this issue while minimizing risk and attack exposure?

    A. Update the application blacklist
    B. Verify the DLL's file integrity
    C. Whitelist the affected libraries
    D. Place the affected employees in the local administrator's group
