Skip to Content

CompTIA Security+ SY0-501 Exam Questions and Answers – Page 4

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 341

A network administrator is creating a new network for an office. For security purposes, each department should have its resources isolated from every other department but be able to communicate back to central servers. Which of the following architecture concepts would BEST accomplish this?

A. Air gapped network
B. Load balanced network
C. Network address translation
D. Network segmentation

Correct Answer:
D. Network segmentation

Exam Question 342

A customer calls a technician and needs to remotely connect to a web server to change some code manually. The technician needs to configure the user’s machine with protocols to connect to the Unix web server, which is behind a firewall. Which of the following protocols does the technician MOST likely need to configure?


Correct Answer:

Exam Question 343

Joe recently assumed the role of data custodian for this organization. While cleaning out an unused storage safe, he discovers several hard drives that are labeled “unclassified” and awaiting destruction. The hard drives are obsolete and cannot be installed in any of his current computing equipment. Which of the following is the BEST method for disposing of the hard drives?

A. Burning
B. Wiping
C. Purging
D. Pulverizing

Correct Answer:
D. Pulverizing

Exam Question 344

A security administrator is reviewing the following firewall configuration after receiving reports that users are unable to connect to remote websites:

Which of the following is the MOST secure solution the security administrator can implement to fix this issue?

A. Add the following rule to the firewall: 5 PERMIT FROM:ANY TO:ANY PORT:53
B. Replace rule number 10 with the following rule: 10 PERMIT FROM:ANY TO:ANY PORT:22
C. Insert the following rule in the firewall: 25 PERMIT FROM:ANY TO:ANY PORTS:ANY
D. Remove the following rule from the firewall: 30 DENY FROM:ANY TO:ANY PORT:ANY

Correct Answer:
A. Add the following rule to the firewall: 5 PERMIT FROM:ANY TO:ANY PORT:53

Exam Question 345

A security administrator is performing a risk assessment on a legacy WAP with a WEP-enabled wireless infrastructure. Which of the following should be implemented to harden the infrastructure without upgrading the WAP?

A. Implement WPA and TKIP
B. Implement WPS and an eight-digit pin
C. Implement WEP and RC4
D. Implement WPA2 Enterprise

Correct Answer:
D. Implement WPA2 Enterprise

Exam Question 346

A systems administrator is installing a new server in a large datacenter. Which of the following BEST describes the importance of properly positioning servers in the rack to maintain availability?

A. To allow for visibility of the servers’ status indicators
B. To adhere to cable management standards
C. To maximize the fire suppression system’s efficiency
D. To provide consistent air flow

Correct Answer:
D. To provide consistent air flow

Exam Question 347

To get the most accurate results on the security posture of a system, which of the following actions should the security analyst do prior to scanning?

A. Log all users out of the system
B. Patch the scanner
C. Reboot the target host
D. Update the web plugins

Correct Answer:
B. Patch the scanner

Exam Question 348

While investigating a virus infection, a security analyst discovered the following on an employee laptop:

  • Multiple folders containing a large number of newly released movies and music files
  • Proprietary company data
  • A large amount of PHI data
  • Unapproved FTP software
  • Documents that appear to belong to a competitor

Which of the following should the analyst do FIRST?

A. Contact the legal and compliance department for guidance
B. Delete the files, remove the FTP software, and notify management
C. Back up the files and return the device to the user
D. Wipe and reimage the device

Correct Answer:
A. Contact the legal and compliance department for guidance

Exam Question 349

Which of the following penetration testing concepts is an attacker MOST interested in when placing the path of a malicious file in the Windows/CurrentVersion/Run registry key?

A. Persistence
B. Pivoting
C. Active reconnaissance
D. Escalation of privilege

Correct Answer:
D. Escalation of privilege

Exam Question 350

A security analyst is implementing PKI-based functionality to a web application that has the following requirements:

  • File contains certificate information
  • Certificate chains
  • Root authority certificates
  • Private key

All of these components will be part of one file and cryptographically protected with a password. Given this scenario, which of the following certificate types should the analyst implement to BEST meet these requirements?

A. .pfx certificate
B. .cer certificate
C. .der certificate
D. .crt certificate

Correct Answer:
A. .pfx certificate

    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on