The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available for free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
CompTIA Security+ (SY0-501) Exam Questions and Answers
Exam Question 301
Ann, a user, reports she is unable to access an application from her desktop. A security analyst verifies Ann’s access and checks the SIEM for any errors. The security analyst reviews the log file from Ann’s system and notices the following output:
Which of the following is MOST likely preventing Ann from accessing the application from the desktop?
A. Web application firewall
B. DLP
C. Host-based firewall
D. UTM
E. Network-based firewall
Correct Answer:
C. Host-based firewall
Exam Question 302
Which of the following threats has sufficient knowledge to cause the MOST danger to an organization?
A. Competitors
B. Insiders
C. Hacktivists
D. Script kiddies
Correct Answer:
B. Insiders
Exam Question 303
A business sector is highly competitive, and safeguarding trade secrets and critical information is paramount. On a seasonal basis, an organization employs temporary hires and contractor personnel to accomplish its mission objectives. The temporary and contract personnel require access to network resources only when on the clock.
Which of the following account management practices are the BEST ways to manage these accounts?
A. Employ time-of-day restrictions.
B. Employ password complexity.
C. Employ a random key generator strategy.
D. Employ an account expiration strategy.
E. Employ a password lockout policy.
Correct Answer:
A. Employ time-of-day restrictions.
Exam Question 304
Every morning, a systems administrator monitors failed login attempts on the company’s log management server. The administrator notices the DBAdmin account has five failed username and/or password alerts during a ten-minute window. The systems administrator determines the user account is a dummy account used to attract attackers.
Which of the following techniques should the systems administrator implement?
A. Role-based access control
B. Honeypot
C. Rule-based access control
D. Password cracker
Correct Answer:
B. Honeypot
Exam Question 305
Joe, a user, has been trying to send Ann, a different user, an encrypted document via email. Ann has not received the attachment but is able to receive the header information.
Which of the following is MOST likely preventing Ann from receiving the encrypted file?
A. Unencrypted credentials
B. Authentication issues
C. Weak cipher suite
D. Permission issues
Correct Answer:
B. Authentication issues
Exam Question 306
A security analyst is reviewing patches on servers. One of the servers is reporting the following error message in the WSUS management console:
The computer has not reported status in 30 days.
Given this scenario, which of the following statements BEST represents the issue with the output above?
A. The computer in question has not pulled the latest ACL policies for the firewall.
B. The computer in question has not pulled the latest GPO policies from the management server.
C. The computer in question has not pulled the latest antivirus definitions from the antivirus program.
D. The computer in question has not pulled the latest application software updates.
Correct Answer:
D. The computer in question has not pulled the latest application software updates.
Exam Question 307
A bank is experiencing a DoS attack against an application designed to handle 500 IP-based sessions. In addition, the perimeter router can only handle 1 Gbps of traffic.
Which of the following should be implemented to prevent DoS attacks in the future?
A. Deploy multiple web servers and implement a load balancer
B. Increase the capacity of the perimeter router to 10 Gbps
C. Install a firewall at the network to prevent all attacks
D. Use redundancy across all network devices and services
Correct Answer:
D. Use redundancy across all network devices and services
Exam Question 308
A malicious system continuously sends an extremely large number of SYN packets to a server. Which of the following BEST describes the resulting effect?
A. The server will be unable to serve clients due to lack of bandwidth
B. The server’s firewall will be unable to effectively filter traffic due to the amount of data transmitted
C. The server will crash when trying to reassemble all the fragmented packets
D. The server will exhaust its memory maintaining half-open connections
Correct Answer:
D. The server will exhaust its memory maintaining half-open connections
Exam Question 309
Which of the following is the proper order for logging a user into a system from the first step to the last step?
A. Identification, authentication, authorization
B. Identification, authorization, authentication
C. Authentication, identification, authorization
D. Authentication, identification, authorization
E. Authorization, identification, authentication
Correct Answer:
A. Identification, authentication, authorization
Exam Question 310
A company stores highly sensitive data files used by the accounting system on a server file share.
The accounting system uses a service account named accounting-svc to access the file share.
The data is protected with full disk encryption, and the permissions are set as follows:
File system permissions: Users = Read Only
Share permission: accounting-svc = Read Only
Given the listed protections are in place and unchanged, to which of the following risks is the data still subject?
A. Exploitation of local console access and removal of data
B. Theft of physical hard drives and a breach of confidentiality
C. Remote exfiltration of data using domain credentials
D. Disclosure of sensitive data to third parties due to excessive share permissions
Correct Answer:
A. Exploitation of local console access and removal of data