SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 751:

    Confidential corporate data was recently stolen by an attacker who exploited data transport protections. Which of the following vulnerabilities is the MOST likely cause of this data breach?

    A. Resource exhaustion on VPN concentrators
    B. Weak SSL cipher strength
    C. Improper input handling on FTP site
    D. Race condition on packet inspection firewall

  • Question 752:

    New magnetic locks were ordered for an entire building. In accordance with company policy, employee safety is the top priority. In case of a fire where electricity is cut, which of the following should be taken into consideration when installing the new locks?

    A. Fail safe
    B. Fault tolerance
    C. Fail secure
    D. Redundancy

  • Question 753:

    When sending messages using symmetric encryption, which of the following must happen FIRST?

    A. Exchange encryption key
    B. Establish digital signatures
    C. Agree on an encryption method
    D. Install digital certificates

  • Question 754:

    A security analyst observes the following events in the logs of an employee workstation:

    Given the information provided, which of the following MOST likely occurred on the workstation?

    A. Application whitelisting controls blocked an exploit payload from executing.
    B. Antivirus software found and quarantined three malware files.
    C. Automatic updates were initiated but failed because they had not been approved.
    D. The SIEM log agent was not tuned properly and reported a false positive.

  • Question 755:

    A security administrator is reviewing the following information from a file that was found on a compromised host:

    Which of the following types of malware is MOST likely installed on the compromised host?

    A. Keylogger
    B. Spyware
    C. Trojan
    D. Backdoor
    E. Rootkit

  • Question 756:

    An auditor wants to test the security posture of an organization by running a tool that will display the following:

    Which of the following commands should be used?

    A. nbtstat
    B. nc
    C. arp
    D. ipconfig

  • Question 757:

    An attacker is able to capture the payload for the following packet:

    IP 192.168.1.22:2020 10.10.10.5:443
    IP 192.168.1.10:1030 10.10.10.1:21
    IP 192.168.1.57:5217 10.10.10.1:3389

    During an investigation, an analyst discovers that the attacker was able to capture the information above and use it to log on to other servers across the company. Which of the following is the MOST likely reason?

    A. The attacker has exploited a vulnerability that is commonly associated with TLS1.3.
    B. The application server is also running a web server that has been compromised.
    C. The attacker is picking off unencrypted credentials and using those to log in to the secure server.
    D. User accounts have been improperly configured to allow single sign-on across multiple servers.

  • Question 758:

    An application developer is working on a new calendar and scheduling application. The developer wants to test new functionality that is time/date dependent and set the local system time to one year in the future. The application also has a feature that uses SHA-256 hashing and AES encryption for data exchange. The application attempts to connect to a separate remote server using SSL, but the connection fails. Which of the following is the MOST likely cause and next step?

    A. The date is past the certificate expiration; reset the system to the current time and see if the connection still fails.
    B. The remote server cannot support SHA-256; try another hashing algorithm like SHA-1 and see if the application can connect.
    C. AES is date/time dependent; either reset the system time to the correct time or try a different encryption approach.
    D. SSL is not the correct protocol to use in this situation; change to TLS and try the client-server connection again.

  • Question 759:

    A security administrator is analyzing a user report in which the computer exhibits odd network-related outages. The administrator, however, does not see any suspicious process running. A prior technician's notes indicate the machine has been remediated twice, but the system still exhibits odd behavior. Files were deleted from the system recently.

    Which of the following is the MOST likely cause of this behavior?

    A. Crypto-malware
    B. Rootkit
    C. Logic bomb
    D. Session hijacking

  • Question 760:

    A security analyst has recently deployed an MDM solution that requires biometric authentication for company-issued smartphones. As the solution was implemented, the help desk has seen a dramatic increase in calls by employees frustrated that company-issued phones take several attempts to unlock using the fingerprint scanner.

    Which of the following should be reviewed to mitigate this problem?

    A. Crossover error rate
    B. False acceptance rate
    C. False rejection rate
    D. True rejection rate
