CompTIA Security+ SY0-501 Exam Questions and Answers – Page 4

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 361

A corporation is concerned that, if a mobile device is lost, any sensitive information on the device could be accessed by third parties. Which of the following would BEST prevent this from happening?

A. Initiate remote wiping on lost mobile devices
B. Use FDE and require PINs on all mobile devices
C. Use geolocation to track lost devices
D. Require biometric logins on all mobile devices

Correct Answer:
A. Initiate remote wiping on lost mobile devices

Exam Question 362

Ann, a security analyst, wants to implement a secure exchange of email. Which of the following is the BEST option for Ann to implement?

A. PGP
B. HTTPS
C. WPA
D. TLS

Correct Answer:
A. PGP

Exam Question 363

A security administrator wants to determine if a company’s web servers have the latest operating system and application patches installed. Which of the following types of vulnerability scans should be conducted?

A. Non-credentialed
B. Passive
C. Port
D. Credentialed
E. Red team
F. Active

Correct Answer:
D. Credentialed

Exam Question 364

During a recent audit, several undocumented and unpatched devices were discovered on the internal network. Which of the following can be done to prevent similar occurrences?

A. Run weekly vulnerability scans and remediate any missing patches on all company devices
B. Implement rogue system detection and configure automated alerts for new devices
C. Install DLP controls and prevent the use of USB drives on devices
D. Configure the WAPs to use NAC and refuse connections that do not pass the health check

Correct Answer:
A. Run weekly vulnerability scans and remediate any missing patches on all company devices

Exam Question 365

A company needs to implement a system that only lets a visitor use the company’s network infrastructure if the visitor accepts the AUP. Which of the following should the company use?

A. WiFi-protected setup
B. Password authentication protocol
C. Captive portal
D. RADIUS

Correct Answer:
C. Captive portal

Exam Question 366

An analyst is currently looking at the following output:

An analyst is currently looking at the following output
An analyst is currently looking at the following output

Which of the following security issues has been discovered based on the output?

A. Insider threat
B. License compliance violation
C. Unauthorized software
D. Misconfigured admin permissions

Correct Answer:
B. License compliance violation

Exam Question 367

A company recently updated its website to increase sales. The new website uses PHP forms for leads and provides a directory with sales staff and their phone numbers. A systems administrator is concerned with the new website and provides the following log to support the concern:

A systems administrator is concerned with the new website and provides the following log to support the concern
A systems administrator is concerned with the new website and provides the following log to support the concern

Which of the following is the systems administrator MOST likely to suggest to the Chief Information Security Officer (CISO) based on the above?

A. Changing the account standard naming convention
B. Implementing account lockouts
C. Discontinuing the use of privileged accounts
D. Increasing the minimum password length from eight to ten characters

Correct Answer:
A. Changing the account standard naming convention

Exam Question 368

A company hired a firm to test the security posture of its database servers and determine if any vulnerabilities can be exploited. The company provided limited imformation pertaining to the infrastructure and database server. Which of the following forms of testing does this BEST describe?

A. Black box
B. Gray box
C. White box
D. Vulnerability scanning

Correct Answer:
B. Gray box

Exam Question 369

When considering IoT systems, which of the following represents the GREATEST ongoing risk after a vulnerability has been discovered?

A. Difficult-to-update firmware
B. Tight integration to existing systems
C. IP address exhaustion
D. Not using industry standards

Correct Answer:
B. Tight integration to existing systems

Exam Question 370

A systems administrator has been assigned to create accounts for summer interns. The interns are only authorized to be in the facility and operate computers under close supervision. They must also leave the facility at designated times each day. However, the interns can access intern file folders without supervision. Which of the following represents the BEST way to configure the accounts? (Choose two.)

A. Implement time-of-day restrictions.
B. Modify archived data.
C. Access executive shared portals.
D. Create privileged accounts.
E. Enforce least privilege.

Correct Answer:
A. Implement time-of-day restrictions.
D. Create privileged accounts.