CompTIA Security+ SY0-501 Exam Questions and Answers – Page 3

The latest actual CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.

Exam Question 281

A recent internal audit is forcing a company to review each internal business unit’s VMs because the cluster they are installed on is in danger of running out of computer resources. Which of the following vulnerabilities exists?

A. Buffer overflow
B. End-of-life systems
C. System sprawl
D. Weak configuration

Correct Answer:
C. System sprawl

Exam Question 282

Two users must encrypt and transmit large amounts of data between them.
Which of the following should they use to encrypt and transmit the data?

A. Symmetric algorithm
B. Hash function
C. Digital signature
D. Obfuscation

Correct Answer:
A. Symmetric algorithm

Exam Question 283

A new Chief Information Officer (CIO) has been reviewing the badging procedures and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls BEST describes this policy?

A. Physical
B. Corrective
C. Technical
D. Administrative

Correct Answer:
D. Administrative

Exam Question 284

A software developer is concerned about DLL hijacking in an application being written. Which of the following is the MOST viable mitigation measure for this type of attack?

A. The DLL of each application should be set individually
B. All calls to different DLLs should be hard-coded in the application
C. Access to DLLs from the Windows registry should be disabled
D. The affected DLLs should be renamed to avoid future hijacking

Correct Answer:
B. All calls to different DLLs should be hard-coded in the application

Exam Question 285

While working on an incident, Joe, a technician, finished restoring the OS and applications on a workstation from the original media. Joe is about to begin copying the user’s files back onto the hard drive.
Which of the following incident response steps is Joe working on now?

A. Recovery
B. Eradication
C. Containment
D. Identification

Correct Answer:
A. Recovery

Exam Question 286

A systems administrator found a suspicious file in the root of the file system. The file contains URLs, usernames, passwords, and text from other documents being edited on the system. Which of the following types of malware would generate such a file?

A. Keylogger
B. Rootkit
C. Bot
D. RAT

Correct Answer:
A. Keylogger

Exam Question 287

A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial investigation, it was discovered that email is being exfiltrated through an active connection.
Which of the following is the NEXT step the team should take?

A. Identify the source of the active connection
B. Perform eradication of the active connection and recover
C. Perform containment procedure by disconnecting the server
D. Format the server and restore its initial configuration

Correct Answer:
A. Identify the source of the active connection

Exam Question 288

A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician configure?

A. Accounting
B. Authorization
C. Authentication
D. Identification

Correct Answer:
A. Accounting

Exam Question 289

A security administrator installed a new network scanner that identifies new host systems on the network.
Which of the following did the security administrator install?

A. Vulnerability scanner
B. Network-based IDS
C. Rogue system detection
D. Configuration compliance scanner

Correct Answer:
C. Rogue system detection

Exam Question 290

When attempting to secure a mobile workstation, which of the following authentication technologies rely on the user’s physical characteristics? (Choose two.)

A. MAC address table
B. Retina scan
C. Fingerprint scan
D. Two-factor authentication
E. CAPTCHA
F. Password string

Correct Answer:
B. Retina scan
C. Fingerprint scan