1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 611:

    A security program manager wants to actively test the security posture of a system. The system is not yet in production and has no uptime requirement or active user base. Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?

    A. Peer review
    B. Component testing
    C. Penetration testing
    D. Vulnerability testing

  • Question 612:

    A user is unable to open a file that has a grayed-out icon with a lock. The user receives a pop-up message indicating that payment must be sent in Bitcoin to unlock the file. Later in the day, other users in the organization lose the ability to open files on the server.

    Which of the following has MOST likely occurred? (Choose three.)

    A. Crypto-malware
    B. Adware
    C. Botnet attack
    D. Virus
    E. Ransomware
    F. Backdoor
    G. DDoS attack

  • Question 613:

    An organization's research department uses workstations in an air-gapped network. A competitor released products based on files that originated in the research department. Which of the following should management do to improve the security and confidentiality of the research files?

    A. Implement multifactor authentication on the workstations.
    B. Configure removable media controls on the workstations.
    C. Install a web application firewall in the research department.
    D. Install HIDS on each of the research workstations.

  • Question 614:

    A company wants to implement an access management solution that allows employees to use the same usernames and passwords for multiple applications without having to keep multiple credentials synchronized. Which of the following solutions would BEST meet these requirements?

    A. Multifactor authentication
    B. SSO
    C. Biometrics
    D. PKI
    E. Federation

  • Question 615:

    An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?

    A. False negative
    B. True negative
    C. False positive
    D. True positive

  • Question 616:

    When backing up a database server to LTO tape drives, the following backup schedule is used. Backups take one hour to complete:

    On Friday at 9:00 p.m., there is a RAID failure on the database server. The data must be restored from backup. Which of the following is the number of backup tapes that will be needed to complete this operation?

    A. 1
    B. 2
    C. 3
    D. 4
    E. 6

  • Question 617:

    A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be non-disruptive and user friendly. Which of the following technologies should the IT manager use when implementing MFA?

    A. Onetime passwords
    B. Email tokens
    C. Push notifications
    D. Hardware authentication

  • Question 618:

    A company recently implemented a new security system. In the course of configuration, the security administrator adds the following entry:

    #Whitelist USB\VID_13FEandPID_4127andREV_0100

    Which of the following security technologies is MOST likely being configured?

    A. Application whitelisting
    B. HIDS
    C. Data execution prevention
    D. Removable media control

  • Question 619:

    Which of the following is commonly done as part of a vulnerability scan?

    A. Exploiting misconfigured applications
    B. Cracking employee passwords
    C. Sending phishing emails to employees
    D. Identifying unpatched workstations

  • Question 620:

    The Chief Information Officer (CIO) has determined the company's new PKI will not use OCSP. The purpose of OCSP still needs to be addressed. Which of the following should be implemented?

    A. Build an online intermediate CA.
    B. Implement a key escrow.
    C. Implement stapling.
    D. Install a CRL.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.