SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 81:

    A tester was able to leverage a pass-the-hash attack during a recent penetration test. The tester gained a foothold and moved laterally through the network. Which of the following would prevent this type of attack from reoccurring?

    A. Renaming all active service accounts and disabling all inactive service accounts
    B. Creating separate accounts for privileged access that are not used to log on to local machines
    C. Enabling full-disk encryption on all workstations that are used by administrators and disabling RDP
    D. Increasing the password complexity requirements and setting account expiration dates

  • Question 82:

    To reduce disk consumption, an organization's legal department has recently approved a new policy setting the data retention period for sent email at six months. Which of the following is the BEST way to ensure this goal is met?

    A. Create a daily encrypted backup of the relevant emails.
    B. Configure the email server to delete the relevant emails.
    C. Migrate the relevant emails into an "Archived" folder.
    D. Implement automatic disk compression on email servers.

  • Question 83:

    Management wants to ensure any sensitive data on company-provided cell phones is isolated in a single location that can be remotely wiped if the phone is lost. Which of the following technologies BEST meets this need?

    A. Geofencing
    B. Containerization
    C. Device encryption
    D. Sandboxing

  • Question 84:

    A security analyst is implementing PKI-based functionality to a web application that has the following requirements:

      • File contains certificate information
      • Certificate chains
      • Root authority certificates
      • Private key

    All of these components will be part of one file and cryptographically protected with a password. Given this scenario, which of the following certificate types should the analyst implement to BEST meet these requirements?

    A. .pfx certificate
    B. .cer certificate
    C. .der certificate
    D. .crt certificate

  • Question 85:

    A company has won an important government contract. Several employees have been transferred from their existing projects to support a new contract. Some of the employees who have transferred will be working long hours and still need access to their project information to transition work to their replacements.

    Which of the following should be implemented to validate that the appropriate offboarding process has been followed?

    A. Separation of duties
    B. Time-of-day restrictions
    C. Permission auditing
    D. Mandatory access control

  • Question 86:

    A mobile device user is concerned about geographic positioning information being included in messages sent between users on a popular social network platform. The user turns off the functionality in the application, but wants to ensure the application cannot re-enable the setting without the knowledge of the user.

    Which of the following mobile device capabilities should the user disable to achieve the stated goal?

    A. Device access control
    B. Location based services
    C. Application control
    D. GEO-Tagging

  • Question 87:

    Which of the following needs to be performed during a forensics investigation to ensure the data contained in a drive image has not been compromised?

    A. Follow the proper chain of custody procedures.
    B. Compare the image hash to the original hash.
    C. Ensure a legal hold has been placed on the image.
    D. Verify the time offset on the image file.

  • Question 88:

    A security analyst receives the following output

    Which of the following MOST likely occurred to produce this output?

    A. The host-based firewall prevented an attack from a Trojan horse
    B. USB-OTG prevented a file from being uploaded to a mobile device
    C. The host DLP prevented a file from being moved off a computer
    D. The firewall prevented an incoming malware-infected file

  • Question 89:

    Which of the following environments typically hosts the current version configurations and code, compares user-story responses and workflow, and uses a modified version of actual data for testing?

    A. Development
    B. Staging
    C. Production
    D. Test

  • Question 90:

    A technician wants to implement PKI-based authentication on an enterprise wireless network. Which of the following should the technician configure to enforce the use of client-side certificates?

    A. 802.1X with PEAP
    B. WPA2-PSK
    C. EAP-TLS
    D. RADIUS Federation

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-501 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.