The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 161
The firewall administrator is adding a new certificate for the company’s remote access solution. The solution requires that the uploaded file contain the entire certificate chain for the certificate to load properly.
The administrator loads the company certificate and the root CA certificate into the file. The file upload is rejected.
Which of the following is required to complete the certificate chain?
A. Certificate revocation list
B. Intermediate authority
C. Recovery agent
D. Root of trust
Correct Answer:
B. Intermediate authority
Exam Question 162
The Chief Executive Officer (CEO) of a major defense contracting company a traveling overseas for a conference. The CEO will be taking a laptop.
Which of the following should the security administrator implement to ensure confidentiality of the data if the laptop were to be stolen or lost during the trip?
A. Remote wipe
B. Full device encryption
C. BIOS password
D. GPS tracking
Correct Answer:
B. Full device encryption
Exam Question 163
In an effort to reduce data storage requirements, some company devices to hash every file and eliminate duplicates. The data processing routines are time sensitive so the hashing algorithm is fast and supported on a wide range of systems.
Which of the following algorithms is BEST suited for this purpose?
A. MD5
B. SHA
C. RIPEMD
D. AES
Correct Answer:
B. SHA
Exam Question 164
Two users need to securely share encrypted files via email. Company policy prohibits users from sharing credentials or exchanging encryption keys.
Which of the following can be implemented to enable users to share encrypted data while abiding by company policies?
A. Key escrow
B. Digital signatures
C. PKI
D. Hashing
Correct Answer:
C. PKI
Exam Question 165
Joe a website administrator believes he owns the intellectual property for a company invention and has been replacing image files on the company’s public facing website in the DMZ. Joe is using steganography to hide stolen data.
Which of the following controls can be implemented to mitigate this type of inside threat?
A. Digital signatures
B. File integrity monitoring
C. Access controls
D. Change management
E. Stateful inspection firewall
Correct Answer:
B. File integrity monitoring
Exam Question 166
While performing surveillance activities, an attacker determines that an organization is using 802.1X to secure LAN access.
Which of the following attack mechanisms can the attacker utilize to bypass the identified network security?
A. MAC spoofing
B. Pharming
C. Xmas attack
D. ARP poisoning
Correct Answer:
A. MAC spoofing
Exam Question 167
A security administrator has been asked to implement a VPN that will support remote access over IPSEC.
Which of the following is an encryption algorithm that would meet this requirement?
A. MD5
B. AES
C. UDP
D. PKI
Correct Answer:
B. AES
Exam Question 168
A security administrator is evaluating three different services: radius, diameter, and Kerberos.
Which of the following is a feature that is UNIQUE to Kerberos?
A. It provides authentication services
B. It uses tickets to identify authenticated users
C. It provides single sign-on capability
D. It uses XML for cross-platform interoperability
Correct Answer:
B. It uses tickets to identify authenticated users
Exam Question 169
Which of the following can affect electrostatic discharge in a network operations center?
A. Fire suppression
B. Environmental monitoring
C. Proximity card access
D. Humidity controls
Correct Answer:
D. Humidity controls
Exam Question 170
A company would like to prevent the use of a known set of applications from being used on company computers.
Which of the following should the security administrator implement?
A. Whitelisting
B. Anti-malware
C. Application hardening
D. Blacklisting
E. Disable removable media
Correct Answer:
D. Blacklisting