The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 191
A datacenter manager has been asked to prioritize critical system recovery priorities.
Which of the following is the MOST critical for immediate recovery?
A. Communications software
B. Operating system software
C. Weekly summary reports to management
D. Financial and production software
Correct Answer:
B. Operating system software
Exam Question 192
Which of the following techniques can be bypass a user or computer’s web browser privacy settings? (Choose two.)
A. SQL injection
B. Session hijacking
C. Cross-site scripting
D. Locally shared objects
E. LDAP injection
Correct Answer:
B. Session hijacking
C. Cross-site scripting
Exam Question 193
When designing a web based client server application with single application server and database cluster backend, input validation should be performed:
A. On the client
B. Using database stored procedures
C. On the application server
D. Using HTTPS
Correct Answer:
C. On the application server
Exam Question 194
The help desk is receiving numerous password change alerts from users in the accounting department.
These alerts occur multiple times on the same day for each of the affected users’ accounts.
Which of the following controls should be implemented to curtail this activity?
A. Password Reuse
B. Password complexity
C. Password History
D. Password Minimum age
Correct Answer:
D. Password Minimum age
Exam Question 195
A remote user (User1) is unable to reach a newly provisioned corporate windows workstation. The system administrator has been given the following log files from the VPN, corporate firewall and workstation host.
The system administrator has been given the following log files from the VPN, corporate firewall and workstation host.
Which of the following is preventing the remote user from being able to access the workstation?
A. Network latency is causing remote desktop service request to time out
B. User1 has been locked out due to too many failed passwords
C. Lack of network time synchronization is causing authentication mismatches
D. The workstation has been compromised and is accessing known malware sites
E. The workstation host firewall is not allowing remote desktop connections
Correct Answer:
E. The workstation host firewall is not allowing remote desktop connections
Exam Question 196
During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall.
Which of the following will the audit team most l likely recommend during the audit out brief?
A. Discretionary access control for the firewall team
B. Separation of duties policy for the firewall team
C. Least privilege for the firewall team
D. Mandatory access control for the firewall team
Correct Answer:
B. Separation of duties policy for the firewall team
Exam Question 197
An administrator has configured a new Linux server with the FTP service. Upon verifying that the service was configured correctly, the administrator has several users test the FTP service. Users report that they are able to connect to the FTP service and download their personal files, however, they cannot transfer new files to the server.
Which of the following will most likely fix the uploading issue for the users?
A. Create an ACL to allow the FTP service write access to user directories
B. Set the Boolean selinux value to allow FTP home directory uploads
C. Reconfigure the ftp daemon to operate without utilizing the PSAV mode
D. Configure the FTP daemon to utilize PAM authentication pass through user permissions
Correct Answer:
A. Create an ACL to allow the FTP service write access to user directories
Exam Question 198
An administrator thinks the UNIX systems may be compromised, but a review of system log files provides no useful information. After discussing the situation with the security team, the administrator suspects that the attacker may be altering the log files and removing evidence of intrusion activity.
Which of the following actions will help detect attacker attempts to further alter log files?
A. Enable verbose system logging
B. Change the permissions on the user’s home directory
C. Implement remote syslog
D. Set the bash_history log file to “read only”
Correct Answer:
C. Implement remote syslog
Exam Question 199
A global gaming console manufacturer is launching a new gaming platform to its customers.
Which of the following controls reduces the risk created by malicious gaming customers attempting to circumvent control by way of modifying consoles?
A. Firmware version control
B. Manual software upgrades
C. Vulnerability scanning
D. Automatic updates
E. Network segmentation
F. Application firewalls
Correct Answer:
A. Firmware version control
D. Automatic updates
Exam Question 200
A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide.
Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?
A. SSL
B. CRL
C. PKI
D. ACL
Correct Answer:
B. CRL