1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 901:

    A member of the human resources department is searching for candidate resumes and encounters the following error message when attempting to access popular job search websites:

    Which of the following would resolve this issue without compromising the company's security policies?

    A. Renew the DNS settings and IP address on the employee's computer
    B. Add the employee to a less restrictive group on the content filter
    C. Remove the proxy settings from the employee's web browser
    D. Create an exception for the job search sites in the host-based firewall on the employee's computer

  • Question 902:

    A network administrator wants to gather information on the security of the network servers in the DMZ. The administrator runs the following command:

    Telnet www.example.com 80

    Which of the following actions is the administrator performing?

    A. Grabbing the web server banner
    B. Logging into the web server
    C. Harvesting cleartext credentials
    D. Accessing the web server management console

  • Question 903:

    An employee uses RDP to connect back to the office network. If RDP is misconfigured, which of the following security exposures would this lead to?

    A. A virus on the administrator's desktop would be able to sniff the administrator's username and password.
    B. Result in an attacker being able to phish the employee's username and password.
    C. A social engineering attack could occur, resulting in the employee's password being extracted.
    D. A man in the middle attack could occur, resulting the employee's username and password being captured.

  • Question 904:

    An attacker discovers a new vulnerability in an enterprise application. The attacker takes advantage of the vulnerability by developing new malware. After installing the malware, the attacker is provided with access to the infected machine. Which of the following is being described?

    A. Zero-day exploit
    B. Remote code execution
    C. Session hijacking
    D. Command injection

  • Question 905:

    A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?

    A. Open systems authentication
    B. Captive portal
    C. RADIUS federation
    D. 802.1x

  • Question 906:

    Which of the following are the MAIN reasons why a systems administrator would install security patches in a staging environment before the patches are applied to the production server? (Select two.)

    A. To prevent server availability issues
    B. To verify the appropriate patch is being installed
    C. To generate a new baseline hash after patching
    D. To allow users to test functionality
    E. To ensure users are trained on new functionality

  • Question 907:

    An attacker wearing a building maintenance uniform approached a company's receptionist asking for access to a secure are the receptionist asks for identification, a building access badge and checks the company's list approved maintenance personnel prior to granting physical access to the secure are. The controls used by the receptionist are in place to prevent which of the following types of attacks?

    A. Tailgating
    B. Shoulder surfing
    C. Impersonation
    D. Hoax

  • Question 908:

    Users report the following message appears when browsing to the company's secure site: This website cannot be trusted. Which of the following actions should a security analyst take to resolve these messages? (Select two.)

    A. Verify the certificate has not expired on the server.
    B. Ensure the certificate has a .pfx extension on the server.
    C. Update the root certificate into the client computer certificate store.
    D. Install the updated private key on the web server.
    E. Have users clear their browsing history and relaunch the session.

  • Question 909:

    Joe, an employee, asks a coworker how long ago Ann started working at the help desk. The coworker expresses surprise since nobody named Ann works at the help desk. Joe mentions that Ann called several people in the customer service department to help reset their passwords over the phone due to unspecified "server issues".

    Which of the following has occurred?

    A. Social engineering
    B. Whaling
    C. Watering hole attack
    D. Password cracking

  • Question 910:

    A company has a backup site with equipment on site without any data. This is an example of:

    A. a hot site.
    B. a cold site.
    C. a hot standby.
    D. a warrn site.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.