CompTIA Security+ SY0-501 Exam Questions and Answers – Page 3

The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.

Exam Question 291

A systems administrator and key support staff come together to simulate a hypothetical interruption of service. The team updates the disaster recovery processes and documentation after the meeting. Which of the following describes the team’s efforts?

A. Business impact analysis
B. Continuity of operation
C. Tabletop exercise
D. Order of restoration

Correct Answer:
C. Tabletop exercise

Exam Question 292

A company has two wireless networks utilizing captive portals. Some employees report getting a trust error in their browsers when connecting to one of the networks.
Both captive portals are using the same server certificate for authentication, but the analyst notices the following differences between the two certificate details:

Certificate 1
Certificate Path:
    Geotrust Global CA
        *company.com

Certificate 2
Certificate Path:
    *company.com

Which of the following would resolve the problem?

A. Use a wildcard certificate.
B. Use certificate chaining.
C. Use a trust model.
D. Use an extended validation certificate.

Correct Answer:
B. Use certificate chaining.

Exam Question 293

Company A has acquired Company B. Company A has different domains spread globally, and typically migrates its acquisitions’ infrastructure under its own domain infrastructure. Company B, however, cannot be merged into Company A’s domain infrastructure.
Which of the following methods would allow the two companies to access one another’s resources?

A. Attestation
B. Federation
C. Single sign-on
D. Kerberos

Correct Answer:
B. Federation

Exam Question 294

A technician is configuring a load balancer for the application team to accelerate the network performance of their applications. The applications are hosted on multiple servers and must be redundant.
Given this scenario, which of the following would be the BEST method of configuring the load balancer?

A. Round-robin
B. Weighted
C. Least connection
D. Locality-based

Correct Answer:
D. Locality-based

Exam Question 295

An organization’s employees currently use three different sets of credentials to access multiple internal resources. Management wants to make this process less complex. Which of the following would be the BEST option to meet this goal?

A. Transitive trust
B. Single sign-on
C. Federation
D. Secure token

Correct Answer:
B. Single sign-on

Exam Question 296

An external attacker can modify the ARP cache of an internal computer.
Which of the following types of attacks is described?

A. Replay
B. Spoofing
C. DNS poisoning
D. Client-side attack

Correct Answer:
B. Spoofing

Exam Question 297

A systems administrator has isolated an infected system from the network and terminated the malicious process.
Which of the following should the administrator do NEXT according to the incident response process?

A. Restore lost data from a backup.
B. Wipe the system.
C. Document the lessons learned.
D. Notify regulators of the incident.

Correct Answer:
A. Restore lost data from a backup.

Exam Question 298

A new security administrator ran a vulnerability scanner for the first time and caused a system outage.
Which of the following types of scans MOST likely caused the outage?

A. Non-intrusive credentialed scan
B. Non-intrusive non-credentialed scan
C. Intrusive credentialed scan
D. Intrusive non-credentialed scan

Correct Answer:
D. Intrusive non-credentialed scan

Exam Question 299

A security administrator is trying to eradicate a worm, which is spreading throughout the organization, using an old remote vulnerability in the SMB protocol. The worm uses Nmap to identify target hosts within the company. The administrator wants to implement a solution that will eradicate the current worm and any future attacks that may be using zero-day vulnerabilities.
Which of the following would BEST meet the requirements when implemented?

A. Host-based firewall
B. Enterprise patch management system
C. Network-based intrusion prevention system
D. Application blacklisting
E. File integrity checking

Correct Answer:
C. Network-based intrusion prevention system

Exam Question 300

A procedure differs from a policy in that it:

A. is a high-level statement regarding the company’s position on a topic.
B. sets a minimum expected baseline of behavior.
C. provides step-by-step instructions for performing a task.
D. describes adverse actions when violations occur.

Correct Answer:
C. provides step-by-step instructions for performing a task.