The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available for free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 411
A water utility company has seen a dramatic increase in the number of water pumps burning out. A malicious actor was attacking the company and is responsible for the increase. Which of the following systems has the attacker compromised?
A. DMZ
B. RTOS
C. SCADA
D. IoT
Correct Answer:
C. SCADA
Exam Question 412
An organization’s Chief Executive Officer (CEO) directs a newly hired computer technician to install an OS on the CEO’s personal laptop. The technician performs the installation, and a software audit later in the month indicates a violation of the EULA occurred as a result. Which of the following would address this violation going forward?
A. Security configuration baseline
B. Separation of duties
C. AUP
D. NDA
Correct Answer:
C. AUP
Exam Question 413
Which of the following attackers generally possesses minimal technical knowledge to perform advanced attacks and uses widely available tools as well as publicly available information?
A. Hacktivist
B. White hat hacker
C. Script kiddie
D. Penetration tester
Correct Answer:
C. Script kiddie
Exam Question 414
A company is performing an analysis of which corporate units are most likely to cause revenue loss in the event the unit is unable to operate. Which of the following is an element of the BIA that this action is addressing?
A. Critical system inventory
B. Single point of failure
C. Continuity of operations
D. Mission-essential functions
Correct Answer:
A. Critical system inventory
Exam Question 415
A company’s IT staff is given the task of securely disposing of 100 server HDDs. The security team informs the IT staff that the data must not be accessible by a third party after disposal. Which of the following is the MOST time-efficient method to achieve this goal?
A. Use a degausser to sanitize the drives.
B. Remove the platters from the HDDs and shred them.
C. Perform a quick format of the HDD drives.
D. Use software to zero fill all of the hard drives.
Correct Answer:
A. Use a degausser to sanitize the drives.
Exam Question 416
Two companies are enabling TLS on their respective email gateways to secure communications over the Internet. Which of the following cryptography concepts is being implemented?
A. Perfect forward secrecy
B. Ephemeral keys
C. Domain validation
D. Data in transit
Correct Answer:
D. Data in transit
Exam Question 417
The Chief Executive Officer (CEO) received an email from the Chief Financial Officer (CFO), asking the CEO to send financial details. The CEO thought it was strange that the CFO would ask for the financial details via email. The email address was correct in the “From” section of the email. The CEO clicked the form and sent the financial information as requested. Which of the following caused the incident?
A. Domain hijacking
B. SPF not enabled
C. MX records rerouted
D. Malicious insider
Correct Answer:
B. SPF not enabled
Exam Question 418
Which of the following control types would a backup of server data provide in case of a system issue?
A. Corrective
B. Deterrent
C. Preventive
D. Detective
Correct Answer:
A. Corrective
Exam Question 419
Which of the following can occur when a scanning tool cannot authenticate to a server and has to rely on limited information obtained from service banners?
A. False positive
B. Passive reconnaissance
C. Access violation
D. Privilege escalation
Correct Answer:
A. False positive
Exam Question 420
A systems administrator needs to integrate multiple IoT and small embedded devices into the company’s wireless network securely. Which of the following should the administrator implement to ensure low-power and legacy devices can connect to the wireless network?
A. WPS
B. WPA
C. EAP-FAST
D. 802.1X
Correct Answer:
A. WPS