CompTIA Security+ SY0-501 Exam Questions and Answers – Page 10

The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available for free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.

Exam Question 931

The process of applying a salt and cryptographic hash to a password then repeating the process many times is known as which of the following?

A. Collision resistance
B. Rainbow table
C. Key stretching
D. Brute force attack

Correct Answer:
C. Key stretching

Exam Question 932

Which of the following strategies should a systems architect use to minimize availability risks due to insufficient storage capacity?

A. High availability
B. Scalability
C. Distributive allocation
D. Load balancing

Correct Answer:
B. Scalability

Exam Question 933

An incident involving a workstation that is potentially infected with a virus has occurred. The workstation may have sent confidential data to an unknown internet server.
Which of the following should a security analyst do FIRST?

A. Make a copy of everything in memory on the workstation.
B. Turn off the workstation.
C. Consult information security policy.
D. Run a virus scan.

Correct Answer:
A. Make a copy of everything in memory on the workstation.

Exam Question 934

A systems administrator wants to implement a wireless protocol that will allow the organization to authenticate mobile devices prior to providing the user with a captive portal login. Which of the following should the systems administrator configure?

A. L2TP with MAC filtering
B. EAP-TTLS
C. WPA2-CCMP with PSK
D. RADIUS federation

Correct Answer:
D. RADIUS federation
Answer Description:
RADIUS generally includes 802.1X that pre-authenticates devices.

Exam Question 935

A Chief Information Officer (CIO) asks the company’s security specialist if the company should spend any funds on malware protection for a specific server. Based on a risk assessment, the ARO value of a malware infection for a server is 5 and the annual cost for the malware protection is $2500.
Which of the following SLE values warrants a recommendation against purchasing the malware protection?

A. $500
B. $1000
C. $2000
D. $2500

Correct Answer:
A. $500

Exam Question 936

An instructor is teaching a hands-on wireless security class and needs to configure a test access point to show students an attack on a weak protocol. Which of the following configurations should the instructor implement?

A. WPA2
B. WPA
C. EAP
D. WEP

Correct Answer:
D. WEP

Exam Question 937

Which of the following is the BEST way for home users to mitigate vulnerabilities associated with IoT devices on their home networks?

A. Power off the devices when they are not in use.
B. Prevent IoT devices from contacting the Internet directly.
C. Apply firmware and software updates upon availability.
D. Deploy a bastion host on the home network.

Correct Answer:
C. Apply firmware and software updates upon availability.

Exam Question 938

Joe, a member of the sales team, recently logged into the company servers after midnight local time to download the daily lead form before his coworkers did. Management has asked the security team to provide a method for detecting this type of behavior without impeding access for sales employees as they travel overseas.
Which of the following would be the BEST method to achieve this objective?

A. Configure time-of-day restrictions for the sales staff.
B. Install DLP software on the devices used by sales employees.
C. Implement a filter on the mail gateway that prevents the lead form from being emailed.
D. Create an automated alert on the SIEM for anomalous sales team activity.

Correct Answer:
D. Create an automated alert on the SIEM for anomalous sales team activity.

Exam Question 939

A user from the financial aid office is having trouble interacting with the finaid directory on the university’s ERP system. The systems administrator who took the call ran a command and received the following output:

Subsequently, the systems administrator has also confirmed the user is a member of the finaid group on the ERP system.
Which of the following is the MOST likely reason for the issue?

A. The permissions on the finaid directory should be drwxrwxrwx.
B. The problem is local to the user, and the user should reboot the machine.
C. The permissions on the finaid directory should be d---rwx---.
D. The finaid directory has an improper group assignment.

Correct Answer:
A. The permissions on the finaid directory should be drwxrwxrwx.

Exam Question 940

A Chief Information Security Officer (CISO) is performing a BIA for the organization in case of a natural disaster. Which of the following should be at the top of the CISO’s list?

A. Identify redundant and high-availability systems.
B. Identify mission-critical applications and systems.
C. Identify the single point of failure in the system.
D. Identify the impact on safety of the property.

Correct Answer:
B. Identify mission-critical applications and systems.