1. Home
  2. CompTIA
  3. SY0-501

CompTIA Security+

Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 801:

    A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data. Historically, this setup has worked without issue, but the researcher recently started getting the following message:

    Which of the following network attacks Is the researcher MOST likely experiencing?

    A. MAC cloning

    B. Evil twin

    C. Man-in-the-middle

    D. ARP poisoning

  • Question 802:

    Which of the following is the BEST use of a WAF?

    A. To protect sites on web servers that are publicly accessible

    B. To allow access to web services of internal users of the organization

    C. To maintain connection status of all HTTP requests

    D. To deny access to all websites with certain contents

  • Question 803:

    A Chief Security Officer's (CSO's) key priorities are to improve preparation response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?

    A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.

    B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident

    C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks

    D. Implement application whitelisting and centralized event-log management and perform regular testing and validation of full backups.

  • Question 804:

    A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?

    A. dd

    B. chmod

    C. dnaenum

    D. logger

  • Question 805:

    During a risk assessment, results show that a fire in one of the company's datacenters could cost up to $20 million in equipment damages and lost revenue. As a result, the company insures the datacenter for up to $20 million in damages for the cost of $30,000 a year. Which of the following risk response techniques has the company chosen?

    A. Transference

    B. Avoidance

    C. Mitigation

    D. Acceptance

  • Question 806:

    An incident response analyst in a corporate security operations center receives a phone call from an SOC analyst. The SOC analyst explains the help desk recently reimaged a workstation that was suspected of being infected with an unknown type of malware; however, even after reimaging, the host continued to generate SIEM alerts. Which of the following types of malware is MOST likely responsible for producing the SIEM alerts?

    A. Ransomware

    B. Logic bomb

    C. Rootkit

    D. Adware

  • Question 807:

    During a forensic investigation, which of the following must be addressed FIRST according to the order of volatility?

    A. Hard drive

    B. RAM

    C. Network attached storage

    D. USB flash drive

  • Question 808:

    Which of the following would provide a safe environment for an application to access only the resources needed to function while not having access to run at the system level?

    A. Sandbox

    B. Honey pot

    C. GPO

    D. DMZ

  • Question 809:

    An administrator is beginning an authorized penetration test of a corporate network. Which of the following tools would BEST assist in identifying potential attacks?

    A. Netstat

    B. Honey pot

    C. Company directory

    D. Nmap

  • Question 810:

    A security team has downloaded a public database of the largest collection of password dumps on the Internet. This collection contains the cleartext credentials of every major breach for the last four years. The security team pulls and compares users' credentials to the database and discovers that more than 30% of the users were still using passwords discovered in this list. Which of the following would be the BEST combination to reduce the risks discovered?

    A. Password length, password encryption, password complexity

    B. Password complexity, least privilege, password reuse

    C. Password reuse, password complexity, password expiration

    D. Group policy, password history, password encryption

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.