1. Home
  2. CompTIA
  3. SY0-501

CompTIA SY0-501 Online Practice Questions and Exam Preparation

SY0-501 Exam Details

  • Exam Code
    :SY0-501
  • Exam Name
    :CompTIA Security+
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :1423 Q&As
  • Last Updated
    :Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 951:

    A company has purchased a new SaaS application and is in the process of configuring it to meet the company's needs. The director of security has requested that the SaaS application be integrated into the company's IAM processes. Which of the following configurations should the security administrator set up in order to complete this request?

    A. LDAP
    B. RADIUS
    C. SAML
    D. NTLM

  • Question 952:

    An organization has created a review process to determine how to best handle data with different sensitivity levels. The process includes the following requirements:

    Soft copy Pll must be encrypted.

    Hard copy Pll must be placed In a locked container.

    Soft copy PHI must be encrypted and audited monthly.

    Hard copy PHI must be placed in a locked container and inventoried monthly.

    Locked containers must be approved and designated for document storage. Any violations must be reported to the Chief Security Officer {CSO}.

    While searching for coffee in the kitchen, an employee unlocks a cabinet and discovers a list of customer names and phone numbers. Which of the following actions should the employee take?

    A. Put the document back in the cabinet, lock the cabinet, and report the incident to the CSO.
    B. Take custody of the document, secure it at a desk, and report the incident to the CSO.
    C. Take custody of the document and immediately report the incident to the CSO.
    D. Put the document back in the cabinet, inventory the contents, lock the cabinet, and report the incident to the CSO.

  • Question 953:

    A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements:

    1.

    All access must be correlated to a user account.

    2.

    All user accounts must be assigned to a single individual.

    3.

    User access to the PHI data must be recorded.

    4.

    Anomalies in PHI data access must be reported.

    5.

    Logs and records cannot be deleted or modified.

    Which of the following should the administrator implement to meet the above requirements? (Select three.)

    A. Eliminate shared accounts.
    B. Create a standard naming convention for accounts.
    C. Implement usage auditing and review.
    D. Enable account lockout thresholds.
    E. Copy logs in real time to a secured WORM drive.
    F. Implement time-of-day restrictions.
    G. Perform regular permission audits and reviews.

  • Question 954:

    A network administrator was provided the following output from a vulnerability scan.

    The network administrator has been instructed to prioritize remediation efforts based on overall risk to the enterprise. Which of the following plugin IDs should be remediated FIRST?

    A. 10
    B. 11
    C. 12
    D. 13
    E. 14

  • Question 955:

    A new security administrator ran a vulnerability scanner for the first time and caused a system outage. Which of the following types of scans MOST likely caused the outage?

    A. Non-intrusive credentialed scan
    B. Non-intrusive non-credentialed scan
    C. Intrusive credentialed scan
    D. Intrusive non-credentialed scan

  • Question 956:

    An internal intranet site is required to authenticate users and restrict access to content to only those who are authorized to view it The site administrator previously encountered issues with credential spoofing when using the default NTLM

    setting and wants to move to a system that will be more resilient to replay attacks.

    Which of the following should the administrator implement?

    A. NTLMv2
    B. TACACS+
    C. Kerberos
    D. Shibboleth

  • Question 957:

    Which of the following differentiates ARP poisoning from a MAC spoofing attack?

    A. ARP poisoning uses unsolicited ARP replies.
    B. ARP poisoning overflows a switch's CAM table.
    C. MAC spoofing uses DHCPOFFER/DHCPACK packets.
    D. MAC spoofing can be performed across multiple routers.

  • Question 958:

    Which of the following metrics are used to calculate the SLE? (Select TWO)

    A. ROI
    B. ARO
    C. ALE
    D. MTBF
    E. MTTF
    F. TCO

  • Question 959:

    While reviewing system logs, a security analyst notices that a large number of end users are changing their passwords four times on the day the passwords are set to expire. The analyst suspects they are cycling their passwords to circumvent current password controls. Which of the following would provide a technical control to prevent this activity from occurring?

    A. Set password aging requirements.
    B. Increase the password history from three to five.
    C. Create an AUP that prohibits password reuse.
    D. Implement password complexity requirements.

  • Question 960:

    In which of the following risk management strategies would cybersecurity insurance be used?

    A. Transference
    B. Avoidance
    C. Acceptance
    D. Mitigation

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.