SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 581:

    An administrator thinks the UNIX systems may be compromised, but a review of system log files provides no useful information. After discussing the situation with the security team, the administrator suspects that the attacker may be altering the log files and removing evidence of intrusion activity. Which of the following actions will help detect attacker attempts to further alter log files?

    A. Enable verbose system logging
    B. Change the permissions on the user's home directory
    C. Implement remote syslog
    D. Set the bash_history log file to "read only"

  • Question 582:

    A company wants to ensure confidential data from storage media is sanitized in such a way that the drive cannot be reused. Which of the following methods should the technician use?

    A. Shredding
    B. Wiping
    C. Low-level formatting
    D. Repartitioning
    E. Overwriting

  • Question 583:

    Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transposed.

    Which of the following BEST describes the attack vector used to infect the devices?

    A. Cross-site scripting
    B. DNS poisoning
    C. Typo squatting
    D. URL hijacking

  • Question 584:

    An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages. The attacker then compromises the session key during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications, but is unable to. This is because the encryption scheme in use adheres to:

    A. Asymmetric encryption
    B. Out-of-band key exchange
    C. Perfect forward secrecy
    D. Secure key escrow

  • Question 585:

    A company help desk has received several reports that employees have experienced identity theft and compromised accounts. This occurred several days after receiving an email asking them to update their personal bank information. Which of the following is a vulnerability that has been exploited?

    A. Trojan horses
    B. Phishing
    C. Improperly configured accounts
    D. Forged certificates
    E. Untrained users

  • Question 586:

    A security administrator needs to configure remote access to a file share so it can only be accessed between the hours of 9:00 a.m. and 5:00 p.m. Files in the share can only be accessed by members of the same department as the data owner. Users should only be able to create files with approved extensions, which may differ by department.

    Which of the following access controls would be the MOST appropriate for this situation?

    A. RBAC
    B. MAC
    C. ABAC
    D. DAC

  • Question 587:

    A security consultant was asked to revise the security baselines that are utilized by a large organization. Although the company provides different platforms for its staff, including desktops, laptops, and mobile devices, the applications do not vary by platform. Which of the following should the consultant recommend? (Select Two).

    A. Apply patch management on a daily basis.
    B. Allow full functionality for all applications that are accessed remotely
    C. Apply default configurations of all operating systems
    D. Apply application whitelisting.
    E. Disable default accounts and/or passwords.

  • Question 588:

    An employee workstation with an IP address of 204.211.38.211/24 reports it is unable to submit print jobs to a network printer at 204.211.38.52/24 after a firewall upgrade. The active firewall rules are as follows:

    Assuming port numbers have not been changed from their defaults, which of the following should be modified to allow printing to the network printer?

    A. The permit statement for 204.211.38.52/24 should be changed to TCP port 631 instead of UDP
    B. The deny statement for 204.211.38.52/24 should be changed to a permit statement
    C. The permit statement for 204.211.38.52/24 should be changed to UDP port 443 instead of 631
    D. The permit statement for 204.211.38.211/24 should be changed to TCP port 631 only instead of ALL

  • Question 589:

    While monitoring the SIEM, a security analyst observes traffic from an external IP to an IP address of the business network on port 443. Which of the following protocols would MOST likely cause this traffic?

    A. HTTP
    B. SSH
    C. SSL
    D. DNS

  • Question 590:

    The chief security officer (CSO) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs. Which of the following is the best solution for the network administrator to secure each internal website?

    A. Use certificates signed by the company CA
    B. Use a signing certificate as a wildcard certificate
    C. Use certificates signed by a public CA
    D. Use a self-signed certificate on each internal server
