1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 501:

    Staff members of an organization received an email message from the Chief Executive Officer (CEO) asking them for an urgent meeting in the main conference room. When the staff assembled, they learned the message received was not actually from the CEO. Which of the following BEST represents what happened?

    A. Spear phoshing attack
    B. Whaling attack
    C. Phishing attack
    D. Vishing attack

  • Question 502:

    A user needs to transmit confidential information to a third party. Which of the following should be used to encrypt the message?

    A. AES
    B. SHA-2
    C. SSL
    D. RSA

  • Question 503:

    A security administrator has completed a monthly review of DNS server query logs. The administrator notices continuous name resolution attempts from a large number of internal hosts to a single Internet addressable domain name. The security administrator then correlated those logs with the establishment of persistent TCP connections out to this domain. The connections seem to be carrying on the order of kilobytes of data per week.

    Which of the following is the MOST likely explanation for this company?

    A. An attacker is infiltrating large amounts of proprietary company data.
    B. Employees are playing multiplayer computer games.
    C. A worm is attempting to spread to other hosts via SMB exploits.
    D. Internal hosts have become members of a botnet.

  • Question 504:

    Which of the following should a technician use to protect a cellular phone that is needed for an investigation, to ensure the data will not be removed remotely?

    A. Air gap
    B. Secure cabinet
    C. Faraday cage
    D. Safe

  • Question 505:

    During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of the following would help reduce the amount of risk the organization incurs in this situation in the future?

    A. Time-of-day restrictions
    B. User access reviews
    C. Group-based privileges
    D. Change management policies

  • Question 506:

    A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

    Select and Place:

  • Question 507:

    An administrator is setting up automated remote file transfers to another organization. The other organization has the following requirements for the connection protocol.

    Encryption in transit is required

    Mutual authentication must be used.

    Certificate authentication must be used {no passwords).

    Which of the following should the administrator choose?

    A. SNMPv3
    B. SFTP
    C. TLS
    D. LDAPS
    E. SRTP

  • Question 508:

    A group of non-profit agencies wants to implement a cloud service to share resources with each other and minimize costs. Which of the following cloud deployment models BEST describes this type of effort?

    A. Public
    B. Hybrid
    C. Community
    D. Private

  • Question 509:

    An organization uses simulated phishing attacks on its users to better prepare them to recognize actual phishing attacks and get them accustomed to reporting the attacks to the security team. This is an example of:

    A. baselining
    B. user training
    C. stress testing
    D. continuous monitoring

  • Question 510:

    In the event of a security incident, which of the following should be captured FIRST?

    A. An external hard drive
    B. System memory
    C. An internal hard drive
    D. Network interface data

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.