SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 281:

    DRAG DROP

    An attack has occurred against a company.

    INSTRUCTIONS

    You have been tasked to do the following:

    Identify the type of attack that is occurring on the network by clicking on the attacker's tablet and reviewing the output. (Answer Area 1)

    Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks, by dragging them to the correct server. (Answer Area 2)

    All objects will be used, but not all placeholders may be filled. Objects may only be used once. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    Select and Place:

  • Question 282:

    Which of the following are MOST susceptible to birthday attacks?

    A. Hashed passwords
    B. Digital certificates
    C. Encryption passwords
    D. One time passwords

  • Question 283:

    A local coffee shop runs a small WiFi hotspot for its customers that utilizes WPA2-PSK. The coffee shop would like to stay current with security trends and wants to implement WPA3 to make its WiFi even more secure. Which of the following technologies should the coffee shop use in place of PSK?

    A. WEP
    B. EAP
    C. WPS
    D. SAE

  • Question 284:

    SIMULATION

    A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.

    INSTRUCTIONS

    Click on each firewall to do the following:

    1. Deny cleartext web traffic.
    2. Ensure secure management protocols are used.
    3. Resolve issues at the DR site.

    The ruleset order cannot be modified due to outside constraints.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    A. See explanation below.

  • Question 285:

    During certain vulnerability scanning scenarios, it is possible for the target system to react in unexpected ways. This type of scenario is MOST commonly known as:

    A. intrusive testing
    B. a buffer overflow
    C. a race condition
    D. active reconnaissance

  • Question 286:

    A technician suspects that a system has been compromised. The technician reviews the following log entry:

    WARNING- hash mismatch: C:\Window\SysWOW64\user32.dll
    WARNING- hash mismatch: C:\Window\SysWOW64\kernel32.dll

    Based solely on the above information, which of the following types of malware is MOST likely installed on the system?

    A. Rootkit
    B. Ransomware
    C. Trojan
    D. Backdoor

  • Question 287:

    A security administrator is trying to encrypt communication. For which of the following reasons should the administrator take advantage of the Subject Alternative Name (SAN) attribute of a certificate?

    A. It can protect multiple domains
    B. It provides extended site validation
    C. It does not require a trusted certificate authority
    D. It protects unlimited subdomains

  • Question 288:

    The security administrator has noticed cars parking just outside of the building fence line. Which of the following security measures can the administrator use to help protect the company's WiFi network against war driving? (Select TWO)

    A. Create a honeynet
    B. Reduce beacon rate
    C. Add false SSIDs
    D. Change antenna placement
    E. Adjust power level controls
    F. Implement a warning banner

  • Question 289:

    A security administrator has found a hash in the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicates it was pushed from the central patch system.

    File: winx86_adobe_flash_upgrade.exe

    Hash: 99ac28bede43ab869b853ba62c4ea243

    The administrator pulls a report from the patch management system with the following output:

    Given the above outputs, which of the following MOST likely happened?

    A. The file was corrupted after it left the patch system.
    B. The file was infected when the patch manager downloaded it.
    C. The file was not approved in the application whitelist system.
    D. The file was embedded with a logic bomb to evade detection.

  • Question 290:

    A security analyst is reviewing an assessment report that includes software versions, running services, supported encryption algorithms, and permission settings. Which of the following produced the report?

    A. Vulnerability scanner
    B. Protocol analyzer
    C. Network mapper
    D. Web inspector
