1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 561:

    A copy of a highly confidential salary report was recently found on a printer in the IT department. The human resources department does not have this specific printer mapped to its devices, and it is suspected that an employee in the IT department browsed to the share where the report was located and printed it without authorization. Which of the following technical controls would be the BEST choice to immediately prevent this from happening again?

    A. Implement a DLP solution and classify the report as confidential, restricting access only to human resources staff
    B. Restrict access to the share where the report resides to only human resources employees and enable auditing
    C. Have all members of the IT department review and sign the AUP and disciplinary policies
    D. Place the human resources computers on a restricted VLAN and configure the ACL to prevent access from the IT department

  • Question 562:

    A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet: c:\nslookup - querytype=MX comptia.org Server: Unknown Address: 198.51.100.45 comptia.org MX preference=10, mail exchanger = 92.68.102.33 comptia.org MX preference=20, mail exchanger = exchg1.comptia.org exchg1.comptia.org internet address = 192.168.102.67 Which of the following should the penetration tester conclude about the command output?

    A. The public/private views on the Comptia.org DNS servers are misconfigured.
    B. Comptia.org is running an older mail server, which may be vulnerable to exploits.
    C. The DNS SPF records have not been updated for Comptia.org.
    D. 192.168.102.67 is a backup mail server that may be more vulnerable to attack.

  • Question 563:

    Which of the following is the BEST reason to run an untested application is a sandbox?

    A. To allow the application to take full advantage of the host system's resources and storage
    B. To utilize the host systems antivirus and firewall applications instead of running it own protection
    C. To prevent the application from acquiring escalated privileges and accessing its host system
    D. To increase application processing speed so the host system can perform real-time logging

  • Question 564:

    A systems administrator has implemented multiple websites using host headers on the same server.

    The server hosts two websites that require encryption and other websites where encryption is optional. Which of the following should the administrator implement to encrypt web traffic for the required websites?

    A. Extended domain validation
    B. TLS host certificate
    C. OCSP stapling
    D. Wildcard certificate

  • Question 565:

    Which of the following is the BEST reason for salting a password hash before it is stored in a database?

    A. To prevent duplicate values from being stored
    B. To make the password retrieval process very slow
    C. To protect passwords from being saved in readable format
    D. To prevent users from using simple passwords for their access credentials

  • Question 566:

    Which of the following BEST explains how the use of configuration templates reduces organization risk?

    A. It ensures consistency of configuration for initial system implementation.
    B. It enables system rollback to a last known-good state if patches break functionality.
    C. It facilitates fault tolerance since applications can be migrated across templates.
    D. It improves vulnerability scanning efficiency across multiple systems.

  • Question 567:

    A manager suspects that an IT employee with elevated database access may be knowingly modifying financial transactions for the benefit of a competitor. Which of the following practices should the manager implement to validate the concern?

    A. Separation of duties
    B. Mandatory vacations
    C. Background checks
    D. Security awareness training

  • Question 568:

    A mobile application developer wants to secure an application that transmits sensitive information Which of the following should the developer implement to prevent SSL MITM attacks?

    A. Stapling
    B. Chaining
    C. Signing
    D. Pinning

  • Question 569:

    An organization discovers that unauthorized applications have been installed on company- provided mobile phones. The organization issues these devices, but some users have managed to bypass the security controls. Which of the following Is the MOST likely issue, and how can the organization BEST prevent this from happening?

    A. The mobile phones are being infected Willi malware that covertly installs the applications. Implement full disk encryption and integrity-checking software.
    B. Some advanced users are jailbreaking the OS and bypassing the controls. Implement an MDM solution to control access to company resources.
    C. The mobile phones have been compromised by an APT and can no longer be trusted. Scan the devices for the unauthorized software, recall any compromised devices, and issue completely new ones.
    D. Some advanced users are upgrading the devices' OS and installing the applications. The organization should create an AUP that prohibits this activity.

  • Question 570:

    A buffer overflow can result in:

    A. loss of data caused by unauthorized command execution.
    B. privilege escalation caused by TPN override.
    C. reduced key strength due to salt manipulation.
    D. repeated use of one-time keys.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.