The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 221
The IT department is deploying new computers. To ease the transition, users will be allowed to access their old and new systems.
The help desk is receiving reports that users are experiencing the following error when attempting to log in to their previous system:
Logon Failure: Access Denied
Which of the following can cause this issue?
A. Permission issues
B. Access violations
C. Certificate issues
D. Misconfigured devices
Correct Answer:
C. Certificate issues
Exam Question 222
To determine the ALE of a particular risk, which of the following must be calculated? (Choose two.)
A. ARO
B. ROI
C. RPO
D. SLE
E. RTO
Correct Answer:
A. ARO
D. SLE
Exam Question 223
Users in a corporation currently authenticate with a username and password. A security administrator wishes to implement two-factor authentication to improve security.
Which of the following authentication methods should be deployed to achieve this goal?
A. PIN
B. Security question
C. Smart card
D. Passphrase
E. CAPTCHA
Correct Answer:
C. Smart card
Exam Question 224
An organization recently moved its custom web applications to the cloud, and it is obtaining managed services of the back-end environment as part of its subscription. Which of the following types of services is this company now using?
A. SaaS
B. CASB
C. IaaS
D. PaaS
Correct Answer:
B. CASB
Answer Description:
Security Broker (CASB) gives you both visibility into your entire cloud stack and the security automation tool your IT team needs.
Exam Question 225
Which of the following is commonly done as part of a vulnerability scan?
A. Exploiting misconfigured applications
B. Cracking employee passwords
C. Sending phishing emails to employees
D. Identifying unpatched workstations
Correct Answer:
D. Identifying unpatched workstations
Exam Question 226
A company is evaluating cloud providers to reduce the cost of its internal IT operations. The company’s aging systems are unable to keep up with customer demand. Which of the following cloud models will the company MOST likely select?
A. PaaS
B. SaaS
C. IaaS
D. BaaS
Correct Answer:
C. IaaS
Exam Question 227
A user needs to send sensitive information to a colleague using PKI.
Which of the following concepts apply when a sender encrypts the message hash with the sender’s private key? (Choose two.)
A. Non-repudiation
B. Email content encryption
C. Steganography
D. Transport security
E. Message integrity
Correct Answer:
A. Non-repudiation
E. Message integrity
Exam Question 228
As part of a new BYOD rollout, a security analyst has been asked to find a way to securely store company data on personal devices.
Which of the following would BEST help to accomplish this?
A. Require the use of an eight-character PIN.
B. Implement containerization of company data.
C. Require annual AUP sign-off.
D. Use geofencing tools to unlock devices while on the premises.
Correct Answer:
B. Implement containerization of company data.
Exam Question 229
A vice president at a manufacturing organization is concerned about desktops being connected to the network. Employees need to log onto the desktops’ local account to verify that a product is being created within specifications; otherwise, the desktops should be as isolated as possible. Which of the following is the BEST way to accomplish this?
A. Put the desktops in the DMZ.
B. Create a separate VLAN for the desktops.
C. Air gap the desktops.
D. Join the desktops to an ad-hoc network.
Correct Answer:
C. Air gap the desktops.
Exam Question 230
An in-house penetration tester has been asked to evade a new DLP system. The tester plans to exfiltrate data through steganography.
Discovery of which of the following would help catch the tester in the act?
A. Abnormally high numbers of outgoing instant messages that contain obfuscated text
B. Large-capacity USB drives on the tester’s desk with encrypted zip files
C. Outgoing emails containing unusually large image files
D. Unusual SFTP connections to a consumer IP address
Correct Answer:
C. Outgoing emails containing unusually large image files