1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 781:

    A Chief Security Officer's (CSO's) key priorities are to improve preparation response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?

    A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.
    B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident
    C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks
    D. Implement application whitelisting and centralized event-log management and perform regular testing and validation of full backups.

  • Question 782:

    A security administrator wants to implement a logon script that will prevent MITM attacks on the local LAN. Which of the following commands should the security administrator implement within the script to accomplish this task?

    A. arp - s 192.168.1.1 00-3a-d1-fa-b1-06
    B. dig - [email protected] mypc.comptia.com
    C. nmap - A - T4 192.168.1.1
    D. tcpdump - lnv host 192.168.1.1 or either 00:3a:d1:fa:b1:06

  • Question 783:

    When it comes to cloud computing, if one of the requirements for a project is to have the most control over the systems in the cloud, which of the following is a service model that would be BEST suited for this goal?

    A. Infrastructure
    B. Platform
    C. Software
    D. Virtualization

  • Question 784:

    An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement?

    A. HMAC
    B. PCBC
    C. CBC
    D. GCM
    E. CFB

  • Question 785:

    Which of the following would provide a safe environment for an application to access only the resources needed to function while not having access to run at the system level?

    A. Sandbox
    B. Honey pot
    C. GPO
    D. DMZ

  • Question 786:

    Which of the following is the MOST likely motivation for a script kiddie threat actor?

    A. Financial gain
    B. Notoriety
    C. Political expression
    D. Corporate espionage

  • Question 787:

    A government organization recently contacted three different vendors to obtain cost quotes for a desktop PC refresh. The quote from one of the vendors was significantly lower than the other two and was selected for the purchase. When the PCs arrived, a technician determined some NICs had been tampered with. Which of the following MOST accurately describes the security risk presented in this situation?

    A. Hardware root of trust
    B. UEFI
    C. Supply chain
    D. TPM
    E. Crypto-malware
    F. ARP poisoning

  • Question 788:

    A security administrator is creating a risk assessment on BYOD. One of the requirements of the risk assessment is to address the following:

    1.

    Centrally managing mobile devices

    2.

    Data loss prevention

    Which of the following recommendations should the administrator include in the assessment? (Select TWO).

    A. implement encryption.
    B. implement hashing.
    C. implement an MDM with mobile device hardening.
    D. implement a VPN with secure connection in webmail.
    E. implement and allow cloud storage features on the network.

  • Question 789:

    Which of the following is a document that contains detailed information about actions that include how something will be done, when the actions will be performed, and penalties for failure?

    A. MOU
    B. ISA
    C. BPA
    D. SLA

  • Question 790:

    A Chief Information Security Officer (CISO) for a school district wants to enable SSL to protect all of the public- facing servers in the domain. Which of the following is a secure solution that is the MOST cost effective?

    A. Create and install a self-signed certificate on each of the servers in the domain.
    B. Purchase a load balancer and install a single certificate on the load balancer.
    C. Purchase a wildcard certificate and implement it on every server.
    D. Purchase individual certificates and apply them to the individual servers.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.