CompTIA Security+ SY0-501 Exam Questions and Answers (10)

The latest real CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.

CompTIA Security+ (SY0-501) Exam Questions and Answers

Question 901: A company has just experienced a malware attack affecting a large number of desktop users. The antivirus solution was not able to block the malware, but the HIDS alerted to C2 calls as ‘Troj.Generic’. Once the security team found a solution to remove the malware, they were able to remove the malware files successfully, and the HIDS stopped alerting. The next morning, however, the HIDS once again started alerting on the same desktops, and the security team discovered the files were back. Which of the following BEST describes the type of malware infecting this company’s network?
A. Trojan
B. Spyware
C. Rootkit
D. Botnet

Question 902: A hospital has received reports from multiple patients that their PHI was stolen after completing forms on the hospital’s website. Upon investigation, the hospital finds a packet analyzer was used to steal data.
Which of the following protocols would prevent this attack from reoccurring?
A. SFTP
B. HTTPS
C. FTPS
D. SRTP

Question 903: A security consultant was asked to revise the security baselines that are utilized by a large organization. Although the company provides different platforms for its staff, including desktops, laptops, and mobile devices, the applications do not vary by platform. Which of the following should the consultant recommend? (Choose two.)
A. Apply patch management on a daily basis.
B. Allow full functionality for all applications that are accessed remotely.
C. Apply default configurations of all operating systems.
D. Apply application whitelisting.
E. Disable default accounts and/or passwords.

Question 904: Which of the following types of attack is being used when an attacker responds by sending the MAC address of the attacking machine to resolve the MAC to IP address of a valid server?
A. Session hijacking
B. IP spoofing
C. Evil twin
D. ARP poisoning

Question 905: A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?
A. The Diamond Model of Intrusion Analysis
B. The Cyber Kill Chain
C. The MITRE CVE database
D. The incident response process

Question 906: Which of the following implements two-factor authentication on a VPN?
A. Username, password, and source IP
B. Public and private keys
C. HOTP token and logon credentials
D. Source and destination IP addresses

Question 907: A technician is auditing network security by connecting a laptop to open hardwired jacks within the facility to verify they cannot connect. Which of the following is being tested?
A. Layer 3 routing
B. Port security
C. Secure IMAP
D. S/MIME

Question 908: A network technician discovered the usernames and passwords used for network device configuration have been compromised by a user with a packet sniffer. Which of the following would secure the credentials from sniffing?
A. Implement complex passwords
B. Use SSH for remote access
C. Configure SNMPv2 for device management
D. Use TFTP to copy device configuration

Question 909: A company is looking for an all-in-one solution to provide identification, authentication, authorization, and accounting services. Which of the following technologies should the company use?
A. Diameter
B. SAML
C. Kerberos
D. CHAP

Question 910: An organization has the following password policies:

  • Passwords must be at least 16 characters long.
  • A password cannot be the same as any previous 20 passwords.
  • Three failed login attempts will lock the account for five minutes.
  • Passwords must have one uppercase letter, one lowercase letter, and one non-alphanumeric symbol.

A database server was recently breached, and the incident response team suspects the passwords were compromised. Users with permission on that database server were forced to change their passwords for that server. Unauthorized and suspicious logins are now being detected on a completely separate server.
Which of the following is MOST likely the issue and the best solution?
A. Some users are reusing passwords for different systems; the organization should scan for password reuse across systems.
B. The organization has improperly configured single sign-on; the organization should implement a RADIUS server to control account logins.
C. User passwords are not sufficiently long or complex; the organization should increase the complexity and length requirements for passwords.
D. The trust relationship between the two servers has been compromised; the organization should place each server on a separate VLAN.


Published by Emma Watson, an Information Technology Engineer by qualification who loves to write about Windows, macOS and technical solutions for various errors and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!