1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 571:

    Exploitation of a system using widely known credentials and network addresses that results in DoS is an example of:

    A. improper error handling.
    B. default configurations.
    C. untrained users
    D. lack of vendor support

  • Question 572:

    A company wants to ensure users are only logging into the system from their laptops when they are on site. Which of the following would assist with this?

    A. Geofencing
    B. Smart cards
    C. Biometrics
    D. Tokens

  • Question 573:

    A security administrator is implementing a SIEM and needs to ensure events can be compared against each other based on when the events occurred and were collected. Which of the following does the administrator need to implement to ensure this can be accomplished?

    A. TOTP
    B. TKJP
    C. NTP
    D. HOTP

  • Question 574:

    A technician has discovered a crypto-virus infection on a workstation that has access to sensitive remote resources. Which of the following is the immediate NEXT step the technician should take?

    A. Determine the source of the virus that has infected the workstation.
    B. Sanitize the workstation's internal drive.
    C. Reimage the workstation for normal operation.
    D. Disable the network connections on the workstation.

  • Question 575:

    An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

    A. It allows for the sharing of digital forensics data across organizations.
    B. It provides insurance in case of a data breach.
    C. It provides complimentary training and certification resources to IT security staff.
    D. It certifies the organization can work with foreign entities that require a security clearance.
    E. It assures customers that the organization meets security standards.

  • Question 576:

    An application developer is working on a new calendar and scheduling application. The developer wants to test new functionality that is time/date dependent and set the local system time to one year in the future. The application also has a feature that uses SHA-256 hashing and AES encryption for data exchange. The application attempts to connect to a separate remote server using SSL, but the connection fails. Which of the following is the MOST likely cause and next step?

    A. The date is past the certificate expiration; reset the system to the current time and see if the connection still fails
    B. The remote server cannot support SHA-256; try another hashing algorithm like SHA-1 and see if the application can connect
    C. AES is date/time dependent; either reset the system time to the correct time or try a different encryption approach
    D. SSL is not the correct protocol to use in this situation; change to TLS and try the client-server connection again

  • Question 577:

    A network administrator was concerned during an audit that users were able to use the same passwords the day after a password change policy took effect. The following settings are in place:

    Users must change their passwords every 30 days.

    Users cannot reuse the last 10 passwords.

    Which of the following settings would prevent users from being able to immediately reuse the same passwords?

    A. Minimum password age of five days
    B. Password history of ten passwords
    C. Password length greater than ten characters
    D. Complex passwords must be used

  • Question 578:

    Which of the following is unique to a stream cipher?

    A. It encrypts 128 bytes at a time.
    B. It uses AES encryption
    C. It performs bit-level encryption
    D. It is used in HTTPS

  • Question 579:

    SIMULATION

    A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.

    INSTRUCTIONS

    Click on each firewall to do the following:

    1.

    Deny cleartext web traffic

    2.

    Ensure secure management protocols are used.

    3.

    Resolve issues at the DR site.

    The ruleset order cannot be modified due to outside constraints. Hat any time you would like to bring back the initial state of the simulation, please dick the Reset All button.

    Correct Answer. Check the answer below

  • Question 580:

    A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior. Which of the following strategies is the security engineer executing?

    A. Baselining
    B. Mandatory access control
    C. Control diversity
    D. System hardening

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.