CompTIA Security+ SY0-501 Exam Questions and Answers – Page 5

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

CompTIA Security+ (SY0-501) Exam Questions and Answers
CompTIA Security+ (SY0-501) Exam Questions and Answers

Exam Question 401

When accessing a popular website, a user receives a warming that the certificate for the website is not valid. Upon investigation, it was noted that the certificate is not revoked and the website is working fine for other users.
Which of the following is the MOST likely cause for this?

A. The certificate is corrupted on the server.
B. The certificate was deleted from the local cache.
C. The user needs to restart the machine.
D. The system date on the user’s device is out of sync.

Correct Answer:
D. The system date on the user’s device is out of sync.

Exam Question 402

A systems administrator has created network file shares for each department with associated security groups for each role within the organization.
Which of the following security concepts is the systems administrator implementing?

A. Separation of duties
B. Permission auditing
C. Least privilege
D. Standard naming conversation

Correct Answer:
C. Least privilege

Exam Question 403

Which of the following outcomes is a result of proper error-handling procedures in secure code?

A. Execution continues with no notice or logging of the error condition.
B. Minor fault conditions result in the system stopping to preserve state.
C. The program runs through to completion with no detectable impact or output.
D. All fault conditions are logged and do not result in a program crash.

Correct Answer:
D. All fault conditions are logged and do not result in a program crash.

Exam Question 404

Which of the following enables sniffing attacks against a switched network?

A. ARP poisoning
B. IGMP snooping
C. IP spoofing
D. SYN flooding

Correct Answer:
A. ARP poisoning

Exam Question 405

A company wants to ensure users are only logging into the system from their laptops when they are on site.
Which of the following would assist with this?

A. Geofencing
B. Smart cards
C. Biometrics
D. Tokens

Correct Answer:
A. Geofencing

Exam Question 406

During a penetration test, the tester performs a preliminary scan for any responsive hosts. Which of the following BEST explains why the tester is doing this?

A. To determine if the network routes are improperly forwarding request packets
B. To identify the total number of hosts and determine if the network can be victimized by a DoS attack
C. To identify servers for subsequent scans and further investigation
D. To identify the unresponsive hosts and determine if those could be used as zombies in a follow-up scan.

Correct Answer:
C. To identify servers for subsequent scans and further investigation

Exam Question 407

Which of the following is being used when a malicious actor searches various social media websites to find information about a company’s system administrators and help desk staff?

A. Passive reconnaissance
B. Initial exploitation
C. Vulnerability scanning
D. Social engineering

Correct Answer:
A. Passive reconnaissance

Exam Question 408

Given the following requirements:

  • Help to ensure non-repudiation
  • Capture motion in various formats

Which of the following physical controls BEST matches the above descriptions?

A. Camera
B. Mantrap
C. Security guard
D. Motion sensor

Correct Answer:
A. Camera

Exam Question 409

An organization has hired a new remote workforce. Many new employees are reporting that they are unable to access the shared network resources while traveling. They need to be able to travel to and from different locations on a weekly basis. Shared offices are retained at the headquarters location. The remote workforce will have identical file and system access requirements, and must also be able to log in to the headquarters location remotely. Which of the following BEST represent how the remote employees should have been set up initially? (Choose two.)

A. User-based access control
B. Shared accounts
C. Group-based access control
D. Mapped drives
E. Individual accounts
F. Location-based policies

Correct Answer:
C. Group-based access control
E. Individual accounts

Exam Question 410

A network technician is setting up a new branch for a company. The users at the new branch will need to access resources securely as if they were at the main location. Which of the following networking concepts would BEST accomplish this?

A. Virtual network segmentation
B. Physical network segmentation
C. Site-to-site VPN
D. Out-of-band access
E. Logical VLANs

Correct Answer:
C. Site-to-site VPN