The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 361
A corporation is concerned that, if a mobile device is lost, any sensitive information on the device could be accessed by third parties. Which of the following would BEST prevent this from happening?
A. Initiate remote wiping on lost mobile devices
B. Use FDE and require PINs on all mobile devices
C. Use geolocation to track lost devices
D. Require biometric logins on all mobile devices
Correct Answer:
A. Initiate remote wiping on lost mobile devices
Exam Question 362
Ann, a security analyst, wants to implement a secure exchange of email. Which of the following is the BEST option for Ann to implement?
A. PGP
B. HTTPS
C. WPA
D. TLS
Correct Answer:
A. PGP
Exam Question 363
A security administrator wants to determine if a company’s web servers have the latest operating system and application patches installed. Which of the following types of vulnerability scans should be conducted?
A. Non-credentialed
B. Passive
C. Port
D. Credentialed
E. Red team
F. Active
Correct Answer:
D. Credentialed
Exam Question 364
During a recent audit, several undocumented and unpatched devices were discovered on the internal network. Which of the following can be done to prevent similar occurrences?
A. Run weekly vulnerability scans and remediate any missing patches on all company devices
B. Implement rogue system detection and configure automated alerts for new devices
C. Install DLP controls and prevent the use of USB drives on devices
D. Configure the WAPs to use NAC and refuse connections that do not pass the health check
Correct Answer:
A. Run weekly vulnerability scans and remediate any missing patches on all company devices
Exam Question 365
A company needs to implement a system that only lets a visitor use the company’s network infrastructure if the visitor accepts the AUP. Which of the following should the company use?
A. WiFi-protected setup
B. Password authentication protocol
C. Captive portal
D. RADIUS
Correct Answer:
C. Captive portal
Exam Question 366
An analyst is currently looking at the following output:
An analyst is currently looking at the following output
Which of the following security issues has been discovered based on the output?
A. Insider threat
B. License compliance violation
C. Unauthorized software
D. Misconfigured admin permissions
Correct Answer:
B. License compliance violation
Exam Question 367
A company recently updated its website to increase sales. The new website uses PHP forms for leads and provides a directory with sales staff and their phone numbers. A systems administrator is concerned with the new website and provides the following log to support the concern:
A systems administrator is concerned with the new website and provides the following log to support the concern
Which of the following is the systems administrator MOST likely to suggest to the Chief Information Security Officer (CISO) based on the above?
A. Changing the account standard naming convention
B. Implementing account lockouts
C. Discontinuing the use of privileged accounts
D. Increasing the minimum password length from eight to ten characters
Correct Answer:
A. Changing the account standard naming convention
Exam Question 368
A company hired a firm to test the security posture of its database servers and determine if any vulnerabilities can be exploited. The company provided limited imformation pertaining to the infrastructure and database server. Which of the following forms of testing does this BEST describe?
A. Black box
B. Gray box
C. White box
D. Vulnerability scanning
Correct Answer:
B. Gray box
Exam Question 369
When considering IoT systems, which of the following represents the GREATEST ongoing risk after a vulnerability has been discovered?
A. Difficult-to-update firmware
B. Tight integration to existing systems
C. IP address exhaustion
D. Not using industry standards
Correct Answer:
B. Tight integration to existing systems
Exam Question 370
A systems administrator has been assigned to create accounts for summer interns. The interns are only authorized to be in the facility and operate computers under close supervision. They must also leave the facility at designated times each day. However, the interns can access intern file folders without supervision. Which of the following represents the BEST way to configure the accounts? (Choose two.)
A. Implement time-of-day restrictions.
B. Modify archived data.
C. Access executive shared portals.
D. Create privileged accounts.
E. Enforce least privilege.
Correct Answer:
A. Implement time-of-day restrictions.
D. Create privileged accounts.