SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 631:

    A forensics investigator is examining a number of unauthorized payments that were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:

    Click here to unsubscribe

    Which of the following will the forensics investigator MOST likely determine has occurred?

    A. SQL injection
    B. CSRF
    C. XSS
    D. XSRF

  • Question 632:

    An organization uses an antivirus scanner from Company A on its firewall, an email system antivirus scanner from Company B, and an endpoint antivirus scanner from Company C. This is an example of:

    A. unified threat management
    B. an OVAL system
    C. vendor diversity
    D. alternate processing sites

  • Question 633:

    A technician is designing a solution that will be required to process sensitive information, including classified government data. The system needs to be common criteria certified. Which of the following should the technician select?

    A. Security baseline
    B. Hybrid cloud solution
    C. Open-source software applications
    D. Trusted operating system

  • Question 634:

    A technician, who is managing a secure B2B connection, noticed the connection broke last night. All networking equipment and media are functioning as expected, which leads the technician to Question: following should the technician use to validate this assumption? (Choose two.)

    A. PEM
    B. CER
    C. SCEP
    D. CRL
    E. OCSP
    F. PFX

  • Question 635:

    A security administrator is reviewing the following PowerShell script referenced in the Task Scheduler on a database server:

    Which of the following did the security administrator discover?

    A. Ransomware
    B. Backdoor
    C. Logic bomb
    D. Trojan

  • Question 636:

    A security analyst is reviewing patches on servers. One of the servers is reporting the following error message in the WSUS management console:

    The computer has not reported status in 30 days.

    Given this scenario, which of the following statements BEST represents the issue with the output above?

    A. The computer in question has not pulled the latest ACL policies for the firewall.
    B. The computer in question has not pulled the latest GPO policies from the management server.
    C. The computer in question has not pulled the latest antivirus definitions from the antivirus program.
    D. The computer in question has not pulled the latest application software updates.

  • Question 637:

    A security analyst is investigating a vulnerability in which a default file permission was set incorrectly.

    The company uses non-credentialed scanning for vulnerability management. Which of the following tools can the analyst use to verify the permissions?

    A. ssh
    B. chmod
    C. ls
    D. setuid
    E. nessus
    F. nc

  • Question 638:

    An attacker has obtained the user ID and password of a datacenter's backup operator and has gained access to a production system. Which of the following would be the attacker's NEXT action?

    A. Perform a passive reconnaissance of the network.
    B. Initiate a confidential data exfiltration process.
    C. Look for known vulnerabilities to escalate privileges.
    D. Create an alternate user ID to maintain persistent access.

  • Question 639:

    An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?

    A. Capture and document necessary information to assist in the response.
    B. Request the user capture and provide a screenshot or recording of the symptoms.
    C. Use a remote desktop client to collect and analyze the malware in real time.
    D. Ask the user to back up files for later recovery.

  • Question 640:

    Ann, a user, states that her machine has been behaving erratically over the past week. She has experienced slowness and input lag and found text files that appear to contain pieces of her emails or online conversations with coworkers. The technician runs a standard virus scan but detects nothing. Which of the following types of malware has infected the machine?

    A. Ransomware
    B. Rootkit
    C. Backdoor
    D. Keylogger
