The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 281
A recent internal audit is forcing a company to review each internal business unit’s VMs because the cluster they are installed on is in danger of running out of computer resources. Which of the following vulnerabilities exists?
A. Buffer overflow
B. End-of-life systems
C. System sprawl
D. Weak configuration
Correct Answer:
C. System sprawl
Exam Question 282
Two users must encrypt and transmit large amounts of data between them.
Which of the following should they use to encrypt and transmit the data?
A. Symmetric algorithm
B. Hash function
C. Digital signature
D. Obfuscation
Correct Answer:
A. Symmetric algorithm
Exam Question 283
A new Chief Information Officer (CIO) has been reviewing the badging procedures and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls
BEST describes this policy?
A. Physical
B. Corrective
C. Technical
D. Administrative
Correct Answer:
D. Administrative
Exam Question 284
A software developer is concerned about DLL hijacking in an application being written. Which of the following is the MOST viable mitigation measure of this type of attack?
A. The DLL of each application should be set individually
B. All calls to different DLLs should be hard-coded in the application
C. Access to DLLs from the Windows registry should be disabled
D. The affected DLLs should be renamed to avoid future hijacking
Correct Answer:
B. All calls to different DLLs should be hard-coded in the application
Exam Question 285
While working on an incident, Joe, a technician, finished restoring the OS and applications on a workstation from the original media. Joe is about to begin copying the user’s files back onto the hard drive.
Which of the following incident response steps is Joe working on now?
A. Recovery
B. Eradication
C. Containment
D. Identification
Correct Answer:
A. Recovery
Exam Question 286
A systems administrator found a suspicious file in the root of the file system. The file contains URLs, usernames, passwords, and text from other documents being edited on the system. Which of the following types of malware would generate such a file?
A. Keylogger
B. Rootkit
C. Bot
D. RAT
Correct Answer:
A. Keylogger
Exam Question 287
A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial investigation, it was discovered that email is being exfiltrated through an active connection.
Which of the following is the NEXT step the team should take?
A. Identify the source of the active connection
B. Perform eradication of active connection and recover
C. Performance containment procedure by disconnecting the server
D. Format the server and restore its initial configuration
Correct Answer:
A. Identify the source of the active connection
Exam Question 288
A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician configure?
A. Accounting
B. Authorization
C. Authentication
D. Identification
Correct Answer:
A. Accounting
Exam Question 289
A security administrator installed a new network scanner that identifies new host systems on the network.
Which of the following did the security administrator install?
A. Vulnerability scanner
B. Network-based IDS
C. Rogue system detection
D. Configuration compliance scanner
Correct Answer:
C. Rogue system detection
Exam Question 290
When attempting to secure a mobile workstation, which of the following authentication technologies rely on the user’s physical characteristics? (Choose two.)
A. MAC address table
B. Retina scan
C. Fingerprint scan
D. Two-factor authentication
E. CAPTCHA
F. Password string
Correct Answer:
B. Retina scan
C. Fingerprint scan