CompTIA Security+ SY0-501 Exam Questions and Answers – Page 5

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 491

A systems engineer wants to leverage a cloud-based architecture with low latency between networkconnected devices that also reduces the bandwidth that is required by performing analytics directly on the endpoints. Which of the following would BEST meet the requirements? (Choose two.)

A. Private cloud
B. SaaS
C. Hybrid cloud
D. IaaS
E. DRaaS
F. Fog computing

Correct Answer:
A. Private cloud
B. SaaS

Exam Question 492

A systems engineer is setting up a RADIUS server to support a wireless network that uses certificate authentication. Which of the following protocols must be supported by both the RADIUS server and the WAPs?

A. CCMP
B. TKIP
C. WPS
D. EAP

Correct Answer:
D. EAP

Exam Question 493

A systems engineer is configuring a wireless network. The network must not require installation of thirdparty software. Mutual authentication of the client and the server must be used. The company has an internal PKI. Which of the following configurations should the engineer choose?

A. EAP-TLS
B. EAP-TTLS
C. EAP-FAST
D. EAP-MD5
E. PEAP

Correct Answer:
A. EAP-TLS

Exam Question 494

An organization plans to transition the intrusion detection and prevention techniques on a critical subnet to an anomaly-based system. Which of the following does the organization need to determine for this to be successful?

A. The baseline
B. The endpoint configurations
C. The adversary behavior profiles
D. The IPS signatures

Correct Answer:
A. The baseline

Exam Question 495

Joe, an employee, knows he is going to be fired in three days. Which of the following is Joe?

A. An insider threat
B. A competitor
C. A hacktivist
D. A state actor

Correct Answer:
A. An insider threat

Exam Question 496

An intruder sniffs network traffic and captures a packet of internal network transactions that add funds to a game card. The intruder pushes the same packet multiple times across the network, which increments the funds on the game card. Which of the following should a security administrator implement to BEST protect against this type of attack?

A. An IPS
B. A WAF
C. SSH
D. An IPSec VPN

Correct Answer:
D. An IPSec VPN

Exam Question 497

A Chief Security Office’s (CSO’s) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks.
Which of the following would BEST meet the CSO’s objectives?

A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.
B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident.
C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization’s susceptibility to phishing attacks.
D. Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

Correct Answer:
D. Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

Exam Question 498

Which of the following types of controls is a turnstile?

A. Physical
B. Detective
C. Corrective
D. Technical

Correct Answer:
A. Physical

Exam Question 499

After being alerted to potential anomalous activity related to trivial DNS lookups, a security analyst looks at the following output of implemented firewall rules:

A security analyst looks at the following output of implemented firewall rules
A security analyst looks at the following output of implemented firewall rules

The analyst notices that the expected policy has no hit count for the day. Which of the following MOST likely occurred?

A. Data execution prevention is enabled.
B. The VLAN is not trunked properly.
C. There is a policy violation for DNS lookups.
D. The firewall policy is misconfigured.

Correct Answer:
D. The firewall policy is misconfigured.

Exam Question 500

A security analyst is performing a BIA. The analyst notes that in a disaster, failover systems must be up and running within 30 minutes. The failover systems must use backup data that is no older than one hour.
Which of the following should the analyst include in the business continuity plan?

A. A maximum MTTR of 30 minutes
B. A maximum MTBF of 30 minutes
C. A maximum RTO of 60 minutes
D. A maximum RPO of 60 minutes
E. An SLA guarantee of 60 minutes

Correct Answer:
D. A maximum RPO of 60 minutes