1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 461:

    Which of the following is unique to a stream cipher?

    A. It encrypt 128 bytes at a time.
    B. It uses AES encryption.
    C. It performs bit-level encryption.
    D. It is used in HTTPS.

  • Question 462:

    A university is opening a facility in a location where there is an elevated risk of theft. The university wants to protect the desktops in its classrooms and labs. Which of the following should the university use to BEST protect these assets deployed in the facility?

    A. Visitor logs
    B. Cable locks
    C. Guards
    D. Disk encryption
    E. Motion detection

  • Question 463:

    Joe recently assumed the role of data custodian for this organization. While cleaning out an unused storage safe, he discovers several hard drives that are labeled "unclassified" and awaiting destruction. The hard drives are obsolete and cannot be installed in any of his current computing equipment. Which of the following is the BEST method for disposing of the hard drives?

    A. Burning
    B. Wiping
    C. Purging
    D. Pulverizing

  • Question 464:

    A systems administrator is implementing a remote access method for the system that will utilize GUI. Which of the following protocols would be BEST suited for this?

    A. TLS
    B. SSH
    C. SFTP
    D. SRTP

  • Question 465:

    A Chief Information Officer (CIO) asks the company's security specialist if the company should spend any funds on malware protection for a specific server. Based on a risk assessment, the ARO value of a malware infection for a server is 5 and the annual cost for the malware protection is $2500. Which of the following SLE values warrants a recommendation against purchasing the malware protection?

    A. $500
    B. $1000
    C. $2000
    D. $2500

  • Question 466:

    A company has forbidden the use of external media within its headquarters location. A security analyst is working on adding additional repositories to a server in the environment when the analyst notices some odd processes running on the system. The analyst runs a command and sees the following:

    Given this output, which of the following security issues has been discovered?

    A. A misconfigured HIDS
    B. A malware installation
    C. A policy violation
    D. The activation of a Trojan

  • Question 467:

    A company stores highly sensitive data files used by the accounting system on a server file share. The accounting system uses a service account named accounting-svc to access the file share. The data is protected will a full disk encryption,

    and the permissions are set as follows:

    File system permissions: Users = Read Only

    Share permission: accounting-svc = Read Only

    Given the listed protections are in place and unchanged, to which of the following risks is the data still subject?

    A. Exploitation of local console access and removal of data
    B. Theft of physical hard drives and a breach of confidentiality
    C. Remote exfiltration of data using domain credentials
    D. Disclosure of sensitive data to third parties due to excessive share permissions

  • Question 468:

    Hacktivists are most commonly motivated by:

    A. curiosity
    B. notoriety
    C. financial gain
    D. political cause

  • Question 469:

    A user clicked an email link that led to a website than infected the workstation with a virus. The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company's email filter, website filter, or antivirus.

    Which of the following describes what occurred?

    A. The user's account was over-privileged.
    B. Improper error handling triggered a false negative in all three controls.
    C. The email originated from a private email server with no malware protection.
    D. The virus was a zero-day attack.

  • Question 470:

    A company has migrated to two-factor authentication for accessing the corporate network, VPN, and SSO. Several legacy applications cannot support multifactor authentication and must continue to use usernames and passwords. Which of the following should be implemented to ensure the legacy applications are as secure as possible while ensuring functionality? (Choose two.)

    A. Priveleged accounts
    B. Password reuse restrictions
    C. Password complexity requirements
    D. Password recovery
    E. Account disablement

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.