1. Home
  2. CompTIA
  3. SY0-501

CompTIA Security+

Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 581:

    A security operations team recently detected a breach of credentials. The team mitigated the risk and followed proper processes to reduce risk. Which of the following processes would BEST help prevent this issue from happening again?

    A. Risk assessment

    B. Chain of custody

    C. Lessons learned

    D. Penetration test

  • Question 582:

    A systems engineer is configuring a wireless network. The network must not require installation of third-party software. Mutual authentication of the client and the server must be used. The company has an internal PKI. Which of the following configurations should the engineer choose?

    A. EAP-TLS

    B. EAP-TTLS

    C. EAP-FAST

    D. EAP-MD5

    E. PEAP

  • Question 583:

    A systems engineer is setting up a RADIUS server to support a wireless network that uses certificate authentication. Which of the following protocols must be supported by both the RADIUS server and the WAPs?

    A. CCMP

    B. TKIP

    C. WPS

    D. EAP

  • Question 584:

    A small retail business has a local store and a newly established and growing online storefront. A recent storm caused a power outage to the business and the local ISP, resulting in several hours of lost sales and delayed order processing. The business owner now needs to ensure two things:

    Protection from power outages Always-available connectivity in case of an outage

    The owner has decided to implement battery backups for the computer equipment. Which of the following would BEST fulfill the owner's second need?

    A. Lease a telecommunications line to provide POTS for dial-up access.

    B. Connect the business router to its own dedicated UPS.

    C. Purchase services from a cloud provider for high availability.

    D. Replace the business's wired network with a wireless network.

  • Question 585:

    A systems engineer wants to leverage a cloud-based architecture with low latency between network-connected devices that also reduces the bandwidth that is required by performing analytics directly on the endpoints. Which of the following would BEST meet the requirements? (Choose two.)

    A. Private cloud

    B. SaaS

    C. Hybrid cloud

    D. IaaS

    E. DRaaS

    F. Fog computing

  • Question 586:

    A coding error has been discovered on a customer-facing website. The error causes each request to return confidential PHI data for the incorrect organization. The IT department is unable to identify the specific customers who are affected. As a result, all customers must be notified of the potential breach. Which of the following would allow the team to determine the scope of future incidents?

    A. Intrusion detection system

    B. Database access monitoring

    C. Application fuzzing

    D. Monthly vulnerability scans

  • Question 587:

    A security administrator has received multiple calls from the help desk about customers who are unable to access the organization's web server. Upon reviewing the log files, the security administrator determines multiple open requests have been made from multiple IP addresses, which is consuming system resources. Which of the following attack types does this BEST describe?

    A. DDoS

    B. DoS

    C. Zero day

    D. Logic bomb

  • Question 588:

    An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages. The attacker then compromises the session key during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications, but is unable to. This is because the encryption scheme in use adheres to:

    A. Asymmetric encryption

    B. Out-of-band key exchange

    C. Perfect forward secrecy

    D. Secure key escrow

  • Question 589:

    A website administrator has received an alert from an application designed to check the integrity of the company's website. The alert indicated that the hash value for a particular MPEG file has changed. Upon further investigation, the media appears to be the same as it was before the alert. Which of the following methods has MOST likely been used?

    A. Cryptography

    B. Time of check/time of use

    C. Man in the middle

    D. Covert timing

    E. Steganography

  • Question 590:

    A security administrator is tasked with implementing centralized management of all network devices. Network administrators will be required to logon to network devices using their LDAP credentials. All command executed by network administrators on network devices must fall within a preset list of authorized commands and must be logged to a central facility. Which of the following configuration commands should be implemented to enforce this requirement?

    A. LDAP server 10.55.199.3

    B. CN=company, CN=com, OU=netadmin, DC=192.32.10.233

    C. SYSLOG SERVER 172.16.23.50

    D. TACAS server 192.168.1.100

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.