Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 411:

    A company's loss control department identifies theft as a recurring loss type over the past year. Based on the department's report, the Chief Information Officer (CIO) wants to detect theft of datacenter equipment. Which of the following controls should be implemented?

    A. Biometrics

    B. Cameras

    C. Motion detectors

    D. Mantraps

  • Question 412:

    Due to regulatory requirements, a security analyst must implement full drive encryption on a Windows file server. Which of the following should the analyst implement on the system to BEST meet this requirement? (Choose two.)

    A. Enable and configure EFS on the file system.

    B. Ensure the hardware supports TPM, and enable it in the BIOS.

    C. Ensure the hardware supports VT-X, and enable it in the BIOS.

    D. Enable and configure BitLocker on the drives.

    E. Enable and configure DFS across the file system.

  • Question 413:

    A security analyst has set up a network tap to monitor network traffic for vulnerabilities. Which of the following techniques would BEST describe the approach the analyst has taken?

    A. Compliance scanning

    B. Credentialed scanning

    C. Passive vulnerability scanning

    D. Port scanning

  • Question 414:

    A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?

    A. SSL

    B. CRL

    C. PKI

    D. ACL

  • Question 415:

    An external contractor, who has not been given information about the software or network architecture, is conducting a penetration test. Which of the following BEST describes the test being performed?

    A. Black box

    B. White box

    C. Passive reconnaissance

    D. Vulnerability scan

  • Question 416:

    A global gaming console manufacturer is launching a new gaming platform to its customers. Which of the following controls reduces the risk created by malicious gaming customers attempting to circumvent control by way of modifying consoles?

    A. Firmware version control

    B. Manual software upgrades

    C. Vulnerability scanning

    D. Automatic updates

    E. Network segmentation

    F. Application firewalls

  • Question 417:

    An audit has revealed that database administrators are also responsible for auditing database changes and backup logs. Which of the following access control methodologies would BEST mitigate this concern?

    A. Time of day restrictions

    B. Principle of least privilege

    C. Role-based access control

    D. Separation of duties

  • Question 418:

    An administrator thinks the UNIX systems may be compromised, but a review of system log files provides no useful information. After discussing the situation with the security team, the administrator suspects that the attacker may be altering the log files and removing evidence of intrusion activity. Which of the following actions will help detect attacker attempts to further alter log files?

    A. Enable verbose system logging

    B. Change the permissions on the user's home directory

    C. Implement remote syslog

    D. Set the bash_history log file to "read only"

  • Question 419:

    An administrator has configured a new Linux server with the FTP service. Upon verifying that the service was configured correctly, the administrator has several users test the FTP service. Users report that they are able to connect to the FTP service and download their personal files; however, they cannot transfer new files to the server. Which of the following will most likely fix the uploading issue for the users?

    A. Create an ACL to allow the FTP service write access to user directories

    B. Set the Boolean SELinux value to allow FTP home directory uploads

    C. Reconfigure the FTP daemon to operate without utilizing the PASV mode

    D. Configure the FTP daemon to utilize PAM authentication pass through user permissions

  • Question 420:

    During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall. Which of the following will the audit team most likely recommend during the audit out brief?

    A. Discretionary access control for the firewall team

    B. Separation of duties policy for the firewall team

    C. Least privilege for the firewall team

    D. Mandatory access control for the firewall team
