Skip to Content

CompTIA Security+ SY0-501 Exam Questions and Answers – Page 10

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 921

A transitive trust:

A. is automatically established between a parent and a child
B. is used to update DNS records
C. allows access to untrusted domains
D. can be used in place of a hardware token for logins

Correct Answer:
A. is automatically established between a parent and a child

Exam Question 922

Which of the following BEST explains why a development environment should have the same database server secure baseline that exists in production even if there is no PII in the database?

A. Without the same configuration in both development and production, there are no assurances that changes made in development will have the same effect in production
B. Attackers can extract sensitive, personal information from lower development environment databases just as easily as they can from production databases
C. Databases are unique in their need to have secure configurations applied in all environments because they are attacked more often
D. Laws stipulate that databases with the ability to store personal information must be secured regardless of the environment or if they actually have PII

Correct Answer:
A. Without the same configuration in both development and production, there are no assurances that changes made in development will have the same effect in production

Exam Question 923

A network administrator was provided the following output from a vulnerability scan:

A network administrator was provided the following output from a vulnerability scan.

A network administrator was provided the following output from a vulnerability scan.

The network administrator has been instructed to prioritize remediation efforts based on overall risk to the enterprise. Which of the following plugin IDs should be remediated FIRST?

A. 10
B. 11
C. 12
D. 13
E. 14

Correct Answer:
D. 13

Exam Question 924

A security administrator wants to better prepare the incident response team for possible security events.
The IRP has been updated and distributed to incident response team members. Which of the following is the BEST option to fulfill the administrator’s objective?

A. Identify the member’s roles and responsibilities
B. Select a backup/failover location
C. Determine the order of restoration
D. Conduct a tabletop test

Correct Answer:
D. Conduct a tabletop test

Exam Question 925

Which of the following is the purpose of an industry-standard framework?

A. To promulgate compliance requirements for sales of common IT systems
B. To provide legal relief to participating organizations in the event of a security breach
C. To promulgate security settings on a vendor-by-vendor basis
D. To provide guidance across common system implementations

Correct Answer:
D. To provide guidance across common system implementations

Exam Question 926

Which of the following physical security controls is MOST effective when trying to prevent tailgating?

A. CCTV
B. Mantrap
C. Biometrics
D. RFID badge
E. Motion detection

Correct Answer:
B. Mantrap

Exam Question 927

A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords. The security administrator has elected to use SAML to support authentication. In this scenario, which of the following will occur when users try to authenticate to the portal? (Choose two.)

A. The portal will function as a service provider and request an authentication assertion.
B. The portal will function as an identity provider and issue an authentication assertion.
C. The portal will request an authentication ticket from each network that is transitively trusted.
D. The back-end networks will function as an identity provider and issue an authentication assertion.
E. The back-end networks will request authentication tickets from the portal, which will act as the thirdparty service provider authentication store.
F. The back-end networks will verify the assertion token issued by the portal functioning as the identity provider.

Correct Answer:
C. The portal will request an authentication ticket from each network that is transitively trusted.
D. The back-end networks will function as an identity provider and issue an authentication assertion.

Exam Question 928

Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following terms BEST describes the security control being employed?

A. Administrative
B. Corrective
C. Deterrent
D. Compensating

Correct Answer:
A. Administrative

Exam Question 929

A security administrator has been assigned to review the security posture of the standard corporate system image for virtual machines. The security administrator conducts a thorough review of the system logs, installation procedures, and network configuration of the VM image. Upon reviewing the access logs and user accounts, the security administrator determines that several accounts will not be used in production.
Which of the following would correct the deficiencies?

A. Mandatory access controls
B. Disable remote login
C. Host hardening
D. Disabling services

Correct Answer:
C. Host hardening

Exam Question 930

A new security policy in an organization requires that all file transfers within the organization be completed using applications that provide secure transfer. Currently, the organization uses FTP and HTTP to transfer files.
Which of the following should the organization implement in order to be compliant with the new policy?

A. Replace FTP with SFTP and replace HTTP with TLS
B. Replace FTP with FTPS and replaces HTTP with TFTP
C. Replace FTP with SFTP and replace HTTP with Telnet
D. Replace FTP with FTPS and replaces HTTP with IPSec

Correct Answer:
A. Replace FTP with SFTP and replace HTTP with TLS

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker