1. Home
  2. CompTIA
  3. SY0-501

CompTIA Security+

Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 641:

    The data backup window has expanded into the morning hours and has begun to affect production users. The main bottleneck in the process is the time it takes to replicate the backups to separate severs at the offsite data center. Which of the following uses of deduplication could be implemented to reduce the backup window?

    A. Implement deduplication at the network level between the two locations

    B. Implement deduplication on the storage array to reduce the amount of drive space needed

    C. Implement deduplication on the server storage to reduce the data backed up

    D. Implement deduplication on both the local and remote servers

  • Question 642:

    An organization is moving its human resources system to a cloud services provider. The company plans to continue using internal usernames and passwords with the service provider, but the security manager does not want the service provider to have a company of the passwords. Which of the following options meets all of these requirements?

    A. Two-factor authentication

    B. Account and password synchronization

    C. Smartcards with PINS

    D. Federated authentication

  • Question 643:

    An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then user a function of the sniffer to push those packets back onto the network again,adding another $20 to the gift card. This can be done many times. Which of the following describes this type of attack?

    A. Integer overflow attack

    B. Smurf attack

    C. Replay attack

    D. Buffer overflow attack

    E. Cross-site scripting attack

  • Question 644:

    During a data breach cleanup, it is discovered that not all of the sites involved have the necessary data wiping tools. The necessary tools are quickly distributed to the required technicians, but when should this problem BEST be revisited?

    A. Reporting

    B. Preparation

    C. Mitigation

    D. Lessons Learned

  • Question 645:

    Joe, a technician, is working remotely with his company provided laptop at the coffee shop near his home. Joe is concerned that another patron of the coffee shop may be trying to access his laptop. Which of the following is an appropriate control to use to prevent the other patron from accessing Joe's laptop directly?

    A. full-disk encryption

    B. Host-based firewall

    C. Current antivirus definitions

    D. Latest OS updates

  • Question 646:

    A business has recently deployed laptops to all sales employees. The laptops will be used primarily from home offices and while traveling, and a high amount of wireless mobile use is expected. To protect the laptops while connected to untrusted wireless networks, which of the following would be the BEST method for reducing the risk of having the laptops compromised?

    A. MAC filtering

    B. Virtualization

    C. OS hardening

    D. Application white-listing

  • Question 647:

    A new intern in the purchasing department requires read access to shared documents. Permissions are normally controlled through a group called "Purchasing", however, the purchasing group permissions allow write access. Which of the following would be the BEST course of action?

    A. Modify all the shared files with read only permissions for the intern.

    B. Create a new group that has only read permissions for the files.

    C. Remove all permissions for the shared files.

    D. Add the intern to the "Purchasing" group.

  • Question 648:

    A security program manager wants to actively test the security posture of a system. The system is not yet in production and has no uptime requirement or active user base. Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?

    A. Peer review

    B. Component testing

    C. Penetration testing

    D. Vulnerability testing

  • Question 649:

    An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement?

    A. HMAC

    B. PCBC

    C. CBC

    D. GCM

    E. CFB

  • Question 650:

    The chief security officer (CS0) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs. Which of the following is the best solution for the network administrator to secure each internal website?

    A. Use certificates signed by the company CA

    B. Use a signing certificate as a wild card certificate

    C. Use certificates signed by a public ca

    D. Use a self-signed certificate on each internal server

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.