CompTIA Security+ SY0-501 Exam Questions and Answers – Page 3

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 261

Which of the following solutions should an administrator use to reduce the risk from an unknown vulnerability in a third-party software application?

A. Sandboxing
B. Encryption
C. Code signing
D. Fuzzing

Correct Answer:
A. Sandboxing

Exam Question 262

A network administrator needs to allocate a new network for the R&D group. The network must not be accessible from the Internet regardless of the network firewall or other external misconfigurations. Which of the following settings should the network administrator implement to accomplish this?

A. Configure the OS default TTL to 1
B. Use NAT on the R&D network
C. Implement a router ACL
D. Enable protected ports on the switch

Correct Answer:
A. Configure the OS default TTL to 1

Exam Question 263

To help prevent one job role from having sufficient access to create, modify, and approve payroll data, which of the following practices should be employed?

A. Least privilege
B. Job rotation
C. Background checks
D. Separation of duties

Correct Answer:
D. Separation of duties

Exam Question 264

When attackers use a compromised host as a platform for launching attacks deeper into a company’s network, it is said that they are:

A. escalating privilege
B. becoming persistent
C. fingerprinting
D. pivoting

Correct Answer:
D. pivoting

Exam Question 265

A home invasion occurred recently in which an intruder compromised a home network and accessed a WiFI- enabled baby monitor while the baby’s parents were sleeping.
Which of the following BEST describes how the intruder accessed the monitor?

A. Outdated antivirus
B. WiFi signal strength
C. Social engineering
D. Default configuration

Correct Answer:
D. Default configuration

Exam Question 266

Which of the following refers to the term used to restore a system to its operational state?

A. MTBF
B. MTTR
C. RTO
D. RPO

Correct Answer:
B. MTTR

Exam Question 267

A Chief Information Officer (CIO) recently saw on the news that a significant security flaws exists with a specific version of a technology the company uses to support many critical application. The CIO wants to know if this reported vulnerability exists in the organization and, if so, to what extent the company could be harmed.
Which of the following would BEST provide the needed information?

A. Penetration test
B. Vulnerability scan
C. Active reconnaissance
D. Patching assessment report

Correct Answer:
A. Penetration test

Exam Question 268

An active/passive configuration has an impact on:

A. confidentiality
B. integrity
C. availability
D. non-repudiation

Correct Answer:
C. availability

Exam Question 269

Which of the following uses precomputed hashes to guess passwords?

A. Iptables
B. NAT tables
C. Rainbow tables
D. ARP tables

Correct Answer:
C. Rainbow tables

Exam Question 270

A Chief Information Security Officer (CISO) has tasked a security analyst with assessing the security posture of an organization and which internal factors would contribute to a security compromise. The analyst performs a walk-through of the organization and discovers there are multiple instances of unlabeled optical media on office desks. Employees in the vicinity either do not claim ownership or disavow any knowledge concerning who owns the media. Which of the following is the MOST immediate action to be taken?

A. Confiscate the media and dispose of it in a secure manner as per company policy.
B. Confiscate the media, insert it into a computer, find out what is on the disc, and then label it and return it to where it was found.
C. Confiscate the media and wait for the owner to claim it. If it is not claimed within one month, shred it.
D. Confiscate the media, insert it into a computer, make a copy of the disc, and then return the original to where it was found.

Correct Answer:
A. Confiscate the media and dispose of it in a secure manner as per company policy.