Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 471:

    After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?

    A. The vulnerability scan output

    B. The IDS logs

    C. The full packet capture data

    D. The SIEM alerts

  • Question 472:

    An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139. Which of the following sources should the analyst review to BEST ascertain how the incident could have been prevented?

    A. The vulnerability scan output

    B. The security logs

    C. The baseline report

    D. The correlation of events

  • Question 473:

    A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are:

    1. www.company.com (main website)

    2. contactus.company.com (for locating a nearby location)

    3. quotes.company.com (for requesting a price quote)

    The company wants to purchase one SSL certificate that will work for all the existing applications and any future applications that follow the same naming conventions, such as store.company.com. Which of the following certificate types would BEST meet the requirements?

    A. SAN

    B. Wildcard

    C. Extended validation

    D. Self-signed

  • Question 474:

    A user received an SMS on a mobile phone that asked for bank details. Which of the following social-engineering techniques was used in this case?

    A. SPIM

    B. Vishing

    C. Spear phishing

    D. Smishing

  • Question 475:

    Which of the following policies would help an organization identify and mitigate potential single points of failure in the company's IT/security operations?

    A. Least privilege

    B. Awareness training

    C. Separation of duties

    D. Mandatory vacation

  • Question 476:

    In which of the following situations would it be BEST to use a detective control type for mitigation?

    A. A company implemented a network load balancer to ensure 99.999% availability of its web application

    B. A company designed a backup solution to increase the chances of restoring services in case of a natural disaster

    C. A company purchased an application-level firewall to isolate traffic between the accounting department and the information technology department

    D. A company purchased an IPS system, but after reviewing the requirements, the appliance was supposed to monitor, not block, any traffic

    E. A company purchased liability insurance for flood protection on all capital assets

  • Question 477:

    Which of the following attacks can be used to exploit a vulnerability that was created by untrained users?

    A. A spear-phishing email with a file attachment

    B. A DoS using IoT devices

    C. An evil twin wireless access point

    D. A domain hijacking of a bank website

  • Question 478:

    A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing?

    A. A packet capture

    B. A user behavior analysis

    C. Threat hunting

    D. Credentialed vulnerability scanning

  • Question 479:

    Which of the following impacts are associated with vulnerabilities in embedded systems? (Select TWO).

    A. Repeated exploitation due to unpatchable firmware

    B. Denial of service due to an integrated legacy operating system

    C. Loss of inventory accountability due to device deployment

    D. Key reuse and collision issues due to decentralized management

    E. Exhaustion of network resources resulting from poor NIC management

  • Question 480:

    An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five-year cost of the insurance policy. The organization is enabling risk:

    A. avoidance.

    B. acceptance.

    C. mitigation.

    D. transference.
