The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free. They can help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Question 301: Ann, a user, reports she is unable to access an application from her desktop. A security analyst verifies Ann’s access and checks the SIEM for any errors. The security analyst reviews the log file from Ann’s system and notices the following output:
Which of the following is MOST likely preventing Ann from accessing the application from the desktop?
A. Web application firewall
C. Host-based firewall
E. Network-based firewall
Question 302: Which of the following threats has sufficient knowledge to cause the MOST danger to an organization?
D. Script kiddies
Question 303: A business sector is highly competitive, and safeguarding trade secrets and critical information is paramount. On a seasonal basis, an organization employs temporary hires and contractor personnel to accomplish its mission objectives. The temporary and contract personnel require access to network resources only when on the clock.
Which of the following account management practices are the BEST ways to manage these accounts?
A. Employ time-of-day restrictions.
B. Employ password complexity.
C. Employ a random key generator strategy.
D. Employ an account expiration strategy.
E. Employ a password lockout policy.
Question 304: Every morning, a systems administrator monitors failed login attempts on the company’s log management server. The administrator notices the DBAdmin account has five failed username and/or password alerts during a ten-minute window. The systems administrator determines the user account is a dummy account used to attract attackers.
Which of the following techniques should the systems administrator implement?
A. Role-based access control
C. Rule-based access control
D. Password cracker
Question 305: Joe, a user, has been trying to send Ann, a different user, an encrypted document via email. Ann has not received the attachment but is able to receive the header information.
Which of the following is MOST likely preventing Ann from receiving the encrypted file?
A. Unencrypted credentials
B. Authentication issues
C. Weak cipher suite
D. Permission issues
Question 306: A security analyst is reviewing patches on servers. One of the servers is reporting the following error message in the WSUS management console:
The computer has not reported status in 30 days.
Given this scenario, which of the following statements BEST represents the issue with the output above?
A. The computer in question has not pulled the latest ACL policies for the firewall.
B. The computer in question has not pulled the latest GPO policies from the management server.
C. The computer in question has not pulled the latest antivirus definitions from the antivirus program.
D. The computer in question has not pulled the latest application software updates.
Question 307: A bank is experiencing a DoS attack against an application designed to handle 500 IP-based sessions. In addition, the perimeter router can only handle 1 Gbps of traffic.
Which of the following should be implemented to prevent DoS attacks in the future?
A. Deploy multiple web servers and implement a load balancer
B. Increase the capacity of the perimeter router to 10 Gbps
C. Install a firewall at the network to prevent all attacks
D. Use redundancy across all network devices and services
Question 308: A malicious system continuously sends an extremely large number of SYN packets to a server. Which of the following BEST describes the resulting effect?
A. The server will be unable to serve clients due to lack of bandwidth
B. The server’s firewall will be unable to effectively filter traffic due to the amount of data transmitted
C. The server will crash when trying to reassemble all the fragmented packets
D. The server will exhaust its memory maintaining half-open connections
Question 309: Which of the following is the proper order for logging a user into a system from the first step to the last step?
A. Identification, authentication, authorization
B. Identification, authorization, authentication
C. Authentication, identification, authorization
D. Authentication, identification, authorization
E. Authorization, identification, authentication
Question 310: A company stores highly sensitive data files used by the accounting system on a server file share.
The accounting system uses a service account named accounting-svc to access the file share.
The data is protected with full disk encryption, and the permissions are set as follows:
File system permissions: Users = Read Only
Share permission: accounting-svc = Read Only
Given the listed protections are in place and unchanged, to which of the following risks is the data still subject?
A. Exploitation of local console access and removal of data
B. Theft of physical hard drives and a breach of confidentiality
C. Remote exfiltration of data using domain credentials
D. Disclosure of sensitive data to third parties due to excessive share permissions