CompTIA Security+ SY0-501 Exam Questions and Answers – Page 4

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 351

Which of the following encryption algorithms is used primarily to secure data at rest?

A. AES
B. SSL
C. TLS
D. RSA

Correct Answer:
A. AES

Exam Question 352

A security auditor is performing a vulnerability scan to find out if mobile applications used in the organization are secure. The auditor discovers that one application has been accessed remotely with no legitimate account credentials. After investigating, it seems the application has allowed some users to bypass authentication of that application. Which of the following types of malware allow such a compromise to take place? (Choose two.)

A. RAT
B. Ransomware
C. Worm
D. Trojan
E. Backdoor

Correct Answer:
A. RAT
E. Backdoor

Exam Question 353

An organization electronically processes sensitive data within a controlled facility. The Chief Information Security Officer (CISO) wants to limit emissions from emanating from the facility. Which of the following mitigates this risk?

A. Upgrading facility cabling to a higher standard of protected cabling to reduce the likelihood of emission spillage
B. Hardening the facility through the use of secure cabinetry to block emissions
C. Hardening the facility with a Faraday cage to contain emissions produced from data processing
D. Employing security guards to ensure unauthorized personnel remain outside of the facility

Correct Answer:
C. Hardening the facility with a Faraday cage to contain emissions produced from data processing

Exam Question 354

A company wants to provide centralized authentication for its wireless system. The wireless authentication system must integrate with the directory back end. Which of the following is a AAA solution that will provide the required wireless authentication?

A. TACACS+
B. MSCHAPv2
C. RADIUS
D. LDAP

Correct Answer:
C. RADIUS

Exam Question 355

An incident response analyst at a large corporation is reviewing proxy log data. The analyst believes a malware infection may have occurred. Upon further review, the analyst determines the computer responsible for the suspicious network traffic is used by the Chief Executive Officer (CEO).
Which of the following is the best NEXT step for the analyst to take?

A. Call the CEO directly to ensure awareness of the event
B. Run a malware scan on the CEO’s workstation
C. Reimage the CEO’s workstation
D. Disconnect the CEO’s workstation from the network

Correct Answer:
D. Disconnect the CEO’s workstation from the network

Exam Question 356

A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunications company has decided to discontinue its dark fiber product and is offering an MPLS connection, which the law office feels is too expensive. Which of the following is the BEST solution for the law office?

A. Remote access VPN
B. VLAN
C. VPN concentrator
D. Site-to-site VPN

Correct Answer:
D. Site-to-site VPN

Exam Question 357

An analyst is part of a team that is investigating a potential breach of sensitive data at a large financial services organization. The organization suspects a breach occurred when proprietary data was disclosed to the public. The team finds servers were accessed using shared credentials that have been in place for some time. In addition, the team discovers undocumented firewall rules, which provided unauthorized external access to a server. Suspecting the activities of a malicious insider threat, which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?

A. Keylogger
B. Botnet
C. Crypto-malware
D. Backdoor
E. Ransomware
F. DLP

Correct Answer:
D. Backdoor

Exam Question 358

A member of the human resources department is searching for candidate resumes and encounters the following error message when attempting to access popular job search websites:

A member of the human resources department is searching for candidate resumes and encounters the following error message
A member of the human resources department is searching for candidate resumes and encounters the following error message

Which of the following would resolve this issue without compromising the company’s security policies?

A. Renew the DNS settings and IP address on the employee’s computer
B. Add the employee to a less restrictive group on the content filter
C. Remove the proxy settings from the employee’s web browser
D. Create an exception for the job search sites in the host-based firewall on the employee’s computer

Correct Answer:
B. Add the employee to a less restrictive group on the content filter

Exam Question 359

A security administrator has replaced the firewall and notices a number of dropped connections. After looking at the data the security administrator sees the following information that was flagged as a possible issue: “SELECT * FROM” and ‘1’=’1′
Which of the following can the security administrator determine from this?

A. An SQL injection attack is being attempted
B. Legitimate connections are being dropped
C. A network scan is being done on the system
D. An XSS attack is being attempted

Correct Answer:
A. An SQL injection attack is being attempted

Exam Question 360

A penetration testing team deploys a specifically crafted payload to a web server, which results in opening a new session as the web server daemon. This session has full read/write access to the file system and the admin console. Which of the following BEST describes the attack?

A. Domain hijacking
B. Injection
C. Buffer overflow
D. Privilege escalation

Correct Answer:
D. Privilege escalation