The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 311
A bank uses a wireless network to transmit credit card purchases to a billing system.
Which of the following would be MOST appropriate to protect credit card information from being accessed by unauthorized individuals outside of the premises?
A. Air gap
B. Infrared detection
C. Faraday cage
D. Protected distributions
Correct Answer:
C. Faraday cage
Exam Question 312
An external auditor visits the human resources department and performs a physical security assessment.
The auditor observed documents on printers that are unclaimed. A closer look at these documents reveals employee names, addresses, ages, and types of medical and dental coverage options each employee has selected.
Which of the following is the MOST appropriate actions to take?
A. Flip the documents face down so no one knows these documents are PII sensitive
B. Shred the documents and let the owner print the new set
C. Retrieve the documents, label them with a PII cover sheet, and return them to the printer
D. Report to the human resources manager that their personnel are violating a privacy policy
Correct Answer:
D. Report to the human resources manager that their personnel are violating a privacy policy
Exam Question 313
Which of the following authentication concepts is a gait analysis MOST closely associated?
A. Somewhere you are
B. Something you are
C. Something you do
D. Something you know
Correct Answer:
C. Something you do
Exam Question 314
Which of the following metrics are used to calculate the SLE? (Choose two.)
A. ROI
B. ARO
C. ALE
D. MTBF
E. MTTF
F. TCO
Correct Answer:
B. ARO
C. ALE
Exam Question 315
Due to regulatory requirements, server in a global organization must use time synchronization. Which of the following represents the MOST secure method of time synchronization?
A. The server should connect to external Stratum 0 NTP servers for synchronization
B. The server should connect to internal Stratum 0 NTP servers for synchronization
C. The server should connect to external Stratum 1 NTP servers for synchronization
D. The server should connect to external Stratum 1 NTP servers for synchronization
Correct Answer:
B. The server should connect to internal Stratum 0 NTP servers for synchronization
Exam Question 316
When sending messages using symmetric encryption, which of the following must happen FIRST?
A. Exchange encryption key
B. Establish digital signatures
C. Agree on an encryption method
D. Install digital certificates
Correct Answer:
C. Agree on an encryption method
Exam Question 317
Which of the following scenarios BEST describes an implementation of non-repudiation?
A. A user logs into a domain workstation and access network file shares for another department
B. A user remotely logs into the mail server with another user’s credentials
C. A user sends a digitally signed email to the entire finance department about an upcoming meeting
D. A user access the workstation registry to make unauthorized changes to enable functionality within an
application
Correct Answer:
C. A user sends a digitally signed email to the entire finance department about an upcoming meeting
Exam Question 318
An office manager found a folder that included documents with various types of data relating to corporate clients. The office manager notified the data included dates of birth, addresses, and phone numbers for the clients. The office manager then reported this finding to the security compliance officer. Which of the following portions of the policy would the security officer need to consult to determine if a breach has occurred?
A. Public
B. Private
C. PHI
D. PII
Correct Answer:
D. PII
Exam Question 319
Which of the following would be considered multifactor authentication?
A. Hardware token and smart card
B. Voice recognition and retina scan
C. Strong password and fingerprint
D. PIN and security questions
Correct Answer:
C. Strong password and fingerprint
Exam Question 320
A user receives an email from ISP indicating malicious traffic coming from the user’s home network is detected. The traffic appears to be Linux-based, and it is targeting a website that was recently featured on the news as being taken offline by an Internet attack. The only Linux device on the network is a home surveillance camera system.
Which of the following BEST describes what is happening?
A. The camera system is infected with a bot.
B. The camera system is infected with a RAT.
C. The camera system is infected with a Trojan.
D. The camera system is infected with a backdoor.
Correct Answer:
A. The camera system is infected with a bot.