1. Home
  2. CompTIA
  3. SY0-501

CompTIA Security+

Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 251:

    A systems administrator is receiving multiple alerts from the company NIPS. A review of the NIPS logs shows the following:

    reset both: 70.32.200.2:3194 ?gt; 10.4.100.4:80 buffer overflow attempt reset both: 70.32.200.2:3230 ?gt; 10.4.100.4:80 directory traversal attack reset client: 70.32.200.2:4019 ?gt; 10.4.100.4:80 Blind SQL injection attack Which of the

    following should the systems administrator report back to management?

    A. The company web server was attacked by an external source, and the NIPS blocked the attack.

    B. The company web and SQL servers suffered a DoS caused by a misconfiguration of the NIPS.

    C. An external attacker was able to compromise the SQL server using a vulnerable web application.

    D. The NIPS should move from an inline mode to an out-of-band mode to reduce network latency.

  • Question 252:

    A contracting company recently completed its period of performance on a government contract and would like to destroy all information associated with contract performance. Which of the following is the best NEXT step for the company to take?

    A. Consult data disposition policies in the contract.

    B. Use a pulper or pulverizer for data destruction.

    C. Retain the data for a period no more than one year.

    D. Burn hard copies containing PII or PHI

  • Question 253:

    A company employee recently retired, and there was a schedule delay because no one was capable of filling the employee's position. Which of the following practices would BEST help to prevent this situation in the future?

    A. Mandatory vacation

    B. Separation of duties

    C. Job rotation

    D. Exit interviews

  • Question 254:

    A security analyst is interested in setting up an IDS to monitor the company network. The analyst has been told there can be no network downtime to implement the solution, but the IDS must capture all of the network traffic. Which of the following should be used for the IDS implementation?

    A. Network tap

    B. Honeypot

    C. Aggregation

    D. Port mirror

  • Question 255:

    After discovering a security incident and removing the affected files, an administrator disabled an unneeded service that led to the breach. Which of the following steps in the incident response process has the administrator just completed?

    A. Containment

    B. Eradication

    C. Recovery

    D. Identification

  • Question 256:

    An administrator is disposing of media that contains sensitive information. Which of the following will provide the MOST effective method to dispose of the media while ensuring the data will be unrecoverable?

    A. Wipe the hard drive.

    B. Shred the hard drive.

    C. Sanitize all of the data.

    D. Degauss the hard drive.

  • Question 257:

    Which of the following is the MOST likely motivation for a script kiddie threat actor?

    A. Financial gain

    B. Notoriety

    C. Political expression

    D. Corporate espionage

  • Question 258:

    A technician is required to configure updates on a guest operating system while maintaining the ability to quickly revert the changes that were made while testing the updates. Which of the following should the technician implement?

    A. Snapshots

    B. Revert to known state

    C. Rollback to known configuration

    D. Shadow copy

  • Question 259:

    An organization is building a new customer services team, and the manager needs to keep the team focused on customer issues and minimize distractions. The users have a specific set of tools installed, which they must use to perform their duties. Other tools are not permitted for compliance and tracking purposes. Team members have access to the Internet for product lookups and to research customer issues. Which of the following should a security engineer employ to fulfill the requirements for the manager?

    A. Install a web application firewall.

    B. Install HIPS on the team's workstations.

    C. Implement containerization on the workstations.

    D. Configure whitelisting for the team.

  • Question 260:

    While monitoring the SIEM, a security analyst observes traffic from an external IP to an IP address of the business network on port 443. Which of the following protocols would MOST likely cause this traffic?

    A. HTTP

    B. SSH

    C. SSL

    D. DNS

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.