The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 381
A user needs to transmit confidential information to a third party.
Which of the following should be used to encrypt the message?
A. AES
B. SHA-2
C. SSL
D. RSA
Correct Answer:
A. AES
Exam Question 382
A security analyst believes an employee’s workstation has been compromised. The analyst reviews the system logs, but does not find any attempted logins. The analyst then runs the diff command, comparing the C:\Windows\System32 directory and the installed cache directory. The analyst finds a series of files that look suspicious.
One of the files contains the following commands:
Which of the following types of malware was used?
A. Worm
B. Spyware
C. Logic bomb
D. Backdoor
Correct Answer:
D. Backdoor
Exam Question 383
Which of the following differentiates ARP poisoning from a MAC spoofing attack?
A. ARP poisoning uses unsolicited ARP replies.
B. ARP poisoning overflows a switch’s CAM table.
C. MAC spoofing uses DHCPOFFER/DHCPACK packets.
D. MAC spoofing can be performed across multiple routers.
Correct Answer:
A. ARP poisoning uses unsolicited ARP replies.
Exam Question 384
A company has just completed a vulnerability scan of its servers. A legacy application that monitors the HVAC system in the datacenter presents several challenges, as the application vendor is no longer in business.
Which of the following secure network architecture concepts would BEST protect the other company servers if the legacy server were to be exploited?
A. Virtualization
B. Air gap
C. VLAN
D. Extranet
Correct Answer:
B. Air gap
Exam Question 385
Which of the following methods is used by internal security teams to assess the security of internally developed applications?
A. Active reconnaissance
B. Pivoting
C. White box testing
D. Persistence
Correct Answer:
C. White box testing
Exam Question 386
A technician has discovered a crypto-virus infection on a workstation that has access to sensitive remote resources.
Which of the following is the immediate NEXT step the technician should take?
A. Determine the source of the virus that has infected the workstation.
B. Sanitize the workstation’s internal drive.
C. Reimage the workstation for normal operation.
D. Disable the network connections on the workstation.
Correct Answer:
D. Disable the network connections on the workstation.
Exam Question 387
A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior.
Which of the following strategies is the security engineer executing?
A. Baselining
B. Mandatory access control
C. Control diversity
D. System hardening
Correct Answer:
C. Control diversity
Exam Question 388
A security analyst identified an SQL injection attack.
Which of the following is the FIRST step in remediating the vulnerability?
A. Implement stored procedures.
B. Implement proper error handling.
C. Implement input validations.
D. Implement a WAF.
Correct Answer:
C. Implement input validations.
Exam Question 389
A company is performing an analysis of the corporate enterprise network with the intent of identifying any one system, person, function, or service that, when neutralized, will cause or cascade disproportionate damage to the company’s revenue, referrals, and reputation.
Which of the following is an element of the BIA that this action is addressing?
A. Identification of critical systems
B. Single point of failure
C. Value assessment
D. Risk register
Correct Answer:
A. Identification of critical systems
Exam Question 390
An analyst generates the following color-coded table shown in the exhibit to help explain the risk of potential incidents in the company. The vertical axis indicates the likelihood of an incident, while the horizontal axis indicates the impact.
Which of the following is this table an example of?
A. Internal threat assessment
B. Privacy impact assessment
C. Qualitative risk assessment
D. Supply chain assessment
Correct Answer:
C. Qualitative risk assessment