Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 671:

    The Chief Technology Officer (CTO) of a company, Ann, is putting together a hardware budget for the next 10 years. She is asking for the average lifespan of each hardware device so that she is able to calculate when she will have to replace each device.

    Which of the following categories BEST describes what she is looking for?

    A. ALE

    B. MTTR

    C. MTBF

    D. MTTF

  • Question 672:

    Recently several employees were victims of a phishing email that appeared to originate from the company president. The email claimed the employees would be disciplined if they did not click on a malicious link in the message. Which of the following principles of social engineering made this attack successful?

    A. Authority

    B. Spamming

    C. Social proof

    D. Scarcity

  • Question 673:

    Which of the following is the LEAST secure hashing algorithm?

    A. SHA1

    B. RIPEMD

    C. MD5

    D. DES

  • Question 674:

    An employee uses RDP to connect back to the office network. If RDP is misconfigured, which of the following security exposures would this lead to?

    A. A virus on the administrator's desktop would be able to sniff the administrator's username and password.

    B. Result in an attacker being able to phish the employee's username and password.

    C. A social engineering attack could occur, resulting in the employee's password being extracted.

    D. A man-in-the-middle attack could occur, resulting in the employee's username and password being captured.

  • Question 675:

    Joe is exchanging encrypted email with another party. Joe encrypts the initial email with a key. When Joe receives a response, he is unable to decrypt the response with the same key he used initially. Which of the following would explain the situation?

    A. An ephemeral key was used for one of the messages

    B. A stream cipher was used for the initial email; a block cipher was used for the reply

    C. Out-of-band key exchange has taken place

    D. Asymmetric encryption is being used

  • Question 676:

    Which of the following attack types is being carried out where a target is being sent unsolicited messages via Bluetooth?

    A. War chalking

    B. Bluejacking

    C. Bluesnarfing

    D. Rogue tethering

  • Question 677:

    A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to modify the contents of a confidential database, as well as other managerial permissions. On Monday morning, the database administrator reported that log files indicated that several records were missing from the database. Which of the following risk mitigation strategies should have been implemented when the supervisor was demoted?

    A. Incident management

    B. Routine auditing

    C. IT governance

    D. Monthly user rights reviews

  • Question 678:

    A security technician would like to obscure sensitive data within a file so that it can be transferred without causing suspicion. Which of the following technologies would BEST be suited to accomplish this?

    A. Transport Encryption

    B. Stream Encryption

    C. Digital Signature

    D. Steganography

  • Question 679:

    A technician must configure a firewall to block external DNS traffic from entering a network. Which of the following ports should they block on the firewall?

    A. 53

    B. 110

    C. 143

    D. 443

  • Question 680:

    A software development company needs to share information between two remote servers, using encryption to protect it. A programmer suggests developing a new encryption protocol, arguing that using an unknown protocol with secure, existing cryptographic algorithm libraries will provide strong encryption without being susceptible to attacks on other known protocols. Which of the following summarizes the BEST response to the programmer's proposal?

    A. The newly developed protocol will only be as secure as the underlying cryptographic algorithms used.

    B. New protocols often introduce unexpected vulnerabilities, even when developed with otherwise secure and tested algorithm libraries.

    C. A programmer should have specialized training in protocol development before attempting to design a new encryption protocol.

    D. The obscurity value of unproven protocols against attacks often outweighs the potential for introducing new vulnerabilities.
