1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 741:

    Which of the following methods minimizes the system interaction when gathering information to conduct a vulnerability assessment of a router?

    A. Download the configuration
    B. Run a credentialed scan.
    C. Conduct the assessmenet during downtime
    D. Change the routing to bypass the router.

  • Question 742:

    A security administrator is implementing a new WAF solution and has placed some of the web servers behind the WAF, with the WAF set to audit mode. When reviewing the audit logs of external requests and posts to the web servers, the

    administrator finds the following entry:

    Based on this data, which of the following actions should the administrator take?

    A. Alert the web server administrators to a misconfiguration
    B. Create a blocking policy based on the parameter values
    C. Change the parameter name 'Account_Name' identified in the log.
    D. Create an alert to generate emails for abnormally high activity.

  • Question 743:

    Which of the following are disadvantages of full backups? (Select THREE)

    A. They rely on other backups tor recovery
    B. They require the most storage.
    C. They demand the most bandwidth.
    D. They have the slowest recovery time
    E. They are impossible in virtual environments
    F. They require on-site storage.
    G. They are time-consuming to complete.

  • Question 744:

    A company wants to provide centralized authentication for its wireless system. The wireless authentication system must integrate with the directory back end. Which of the following is a AAA solution that will provide the required wireless authentication?

    A. TACACS+
    B. MSCHAPv2
    C. RADIUS
    D. LDAP

  • Question 745:

    In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

    A. Using salt
    B. Using hash algorithms
    C. Implementing elliptical curve
    D. Implementing PKI

  • Question 746:

    In an effort to reduce data storage requirements, some company devices to hash every file and eliminate duplicates. The data processing routines are time sensitive so the hashing algorithm is fast and supported on a wide range of systems. Which of the following algorithms is BEST suited for this purpose?

    A. MD5
    B. SHA
    C. RIPEMD
    D. AES

  • Question 747:

    A company is planning to encrypt the files in several sensitive directories of a file server with a symmetric key. Which of the following could be used?

    A. RSA
    B. TwoFish
    C. Diffie-Helman
    D. NTLMv2
    E. RIPEMD

  • Question 748:

    A company's AUP requires:

    Passwords must meet complexity requirements.

    Passwords are changed at least once every six months.

    Passwords must be at least eight characters long.

    An auditor is reviewing the following report:

    Which of the following controls should the auditor recommend to enforce the AUP?

    A. Account lockout thresholds
    B. Account recovery
    C. Password expiration
    D. Prohibit password reuse

  • Question 749:

    A technician is required to configure updates on a guest operating system while maintaining the ability to quickly revert the changes that were made while testing the updates. Which of the following should the technician implement?

    A. Snapshots
    B. Revert to known state
    C. Rollback to known configuration
    D. Shadow copy

  • Question 750:

    A software development company needs to augment staff by hiring consultants for a high-stakes project. The project has the following requirements:

    1.

    Consultants will have access to highly confidential, proprietary data.

    2.

    Consultants will not be provided with company-owned assets.

    3.

    Work needs to start immediately.

    4.

    Consultants will be provided with internal email addresses for communications.

    Which of the following solutions is the BEST method for controlling data exfiltration during this project?

    A. Require that all consultant activity be restricted to a secure VDI environment
    B. Require the consultants to sign an agreement stating they will only use the company-provided email address for communications during the project
    C. Require updated antivirus, USB blocking, and a host-based firewall on all consultant devices
    D. Require the consultants to connect to the company VPN when accessing confidential resources

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.