Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+ Certification Exam
  • Certification: CompTIA Security+
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA Security+ SY0-501 Questions & Answers

  • Question 41:

    Which of the following penetration testing concepts is an attacker MOST interested in when placing the path of a malicious file in the Windows/CurrentVersion/Run registry key?

    A. Persistence

    B. Pivoting

    C. Active reconnaissance

    D. Escalation of privilege

  • Question 42:

    An organization has an account management policy that defines parameters around each type of account. The policy specifies different security attributes, such as longevity, usage auditing, password complexity, and identity proofing. The goal of the account management policy is to ensure the highest level of security while providing the greatest availability without compromising data integrity for users. Which of the following account types should the policy specify for service technicians from corporate partners?

    A. Guest account

    B. User account

    C. Shared account

    D. Privileged user account

    E. Default account

    F. Service account

  • Question 43:

    While investigating a virus infection, a security analyst discovered the following on an employee laptop:

      • Multiple folders containing a large number of newly released movies and music files
      • Proprietary company data
      • A large amount of PHI data
      • Unapproved FTP software
      • Documents that appear to belong to a competitor

    Which of the following should the analyst do FIRST?

    A. Contact the legal and compliance department for guidance

    B. Delete the files, remove the FTP software, and notify management

    C. Back up the files and return the device to the user

    D. Wipe and reimage the device

  • Question 44:

    A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company's internal network securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?

    A. VPN

    B. PaaS

    C. IaaS

    D. VDI

  • Question 45:

    To get the most accurate results on the security posture of a system, which of the following actions should the security analyst do prior to scanning?

    A. Log all users out of the system

    B. Patch the scanner

    C. Reboot the target host

    D. Update the web plugins

  • Question 46:

    A systems administrator is installing a new server in a large datacenter. Which of the following BEST describes the importance of properly positioning servers in the rack to maintain availability?

    A. To allow for visibility of the servers' status indicators

    B. To adhere to cable management standards

    C. To maximize the fire suppression system's efficiency

    D. To provide consistent air flow

  • Question 47:

    Which of the following is a technical preventive control?

    A. Two-factor authentication

    B. DVR-supported cameras

    C. Acceptable-use MOTD

    D. Syslog server

  • Question 48:

    A security administrator is performing a risk assessment on a legacy WAP with a WEP-enabled wireless infrastructure. Which of the following should be implemented to harden the infrastructure without upgrading the WAP?

    A. Implement WPA and TKIP

    B. Implement WPS and an eight-digit pin

    C. Implement WEP and RC4

    D. Implement WPA2 Enterprise

  • Question 49:

    Students at a residence hall are reporting Internet connectivity issues. The university's network administrator configured the residence hall's network to provide public IP addresses to all connected devices, but many student devices are receiving private IP addresses due to rogue devices. The network administrator verifies the residence hall's network is correctly configured and contacts the security administrator for help. Which of the following configurations should the security administrator suggest for implementation?

    A. Router ACLs

    B. BPDU guard

    C. Flood guard

    D. DHCP snooping

  • Question 50:

    A security administrator is reviewing the following firewall configuration after receiving reports that users are unable to connect to remote websites:

    Which of the following is the MOST secure solution the security administrator can implement to fix this issue?

    A. Add the following rule to the firewall: 5 PERMIT FROM:ANY TO:ANY PORT:53

    B. Replace rule number 10 with the following rule: 10 PERMIT FROM:ANY TO:ANY PORT:22

    C. Insert the following rule in the firewall: 25 PERMIT FROM:ANY TO:ANY PORTS:ANY

    D. Remove the following rule from the firewall: 30 DENY FROM:ANY TO:ANY PORT:ANY

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-501 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.