CompTIA Security+ SY0-501 Exam Questions and Answers – Page 5

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 411

A water utility company has seen a dramatic increase in the number of water pumps burning out. A malicious actor was attacking the company and is responsible for the increase. Which of the following systems has the attacker compromised?

A. DMZ
B. RTOS
C. SCADA
D. IoT

Correct Answer:
C. SCADA

Exam Question 412

An organization’s Chief Executive Officer (CEO) directs a newly hired computer technician to install an OS on the CEO’s personal laptop. The technician performs the installation, and a software audit later in the month indicates a violation of the EULA occurred as a result. Which of the following would address this violation going forward?

A. Security configuration baseline
B. Separation of duties
C. AUP
D. NDA

Correct Answer:
C. AUP

Exam Question 413

Which of the following attackers generally possesses minimal technical knowledge to perform advanced attacks and uses widely available tools as well as publicly available information?

A. Hacktivist
B. White hat hacker
C. Script kiddle
D. Penetration tester

Correct Answer:
C. Script kiddle

Exam Question 414

A company is performing an analysis of which corporate units are most likely to cause revenue loss in the event the unit is unable to operate. Which of the following is an element of the BIA that this action is addressing?

A. Critical system inventory
B. Single point of failure
C. Continuity of operations
D. Mission-essential functions

Correct Answer:
A. Critical system inventory

Exam Question 415

A company’s IT staff is given the task of securely disposing of 100 server HDDs. The security team informs the IT staff that the data must not be accessible by a third party after disposal. Which of the following is the MOST time-efficient method to achieve this goal?

A. Use a degausser to sanitize the drives.
B. Remove the platters from the HDDs and shred them.
C. Perform a quick format of the HDD drives.
D. Use software to zero fill all of the hard drives.

Correct Answer:
A. Use a degausser to sanitize the drives.

Exam Question 416

Two companies are enabling TLS on their respective email gateways to secure communications over the Internet. Which of the following cryptography concepts is being implemented?

A. Perfect forward secrecy
B. Ephemeral keys
C. Domain validation
D. Data in transit

Correct Answer:
D. Data in transit

Exam Question 417

The Chief Executive Officer (CEO) received an email from the Chief Financial Officer (CFO), asking the CEO to send financial details. The CEO thought it was strange that the CFO would ask for the financial details via email. The email address was correct in the “From” section of the email. The CEO clicked the form and sent the financial information as requested. Which of the following caused the incident?

A. Domain hijacking
B. SPF not enabled
C. MX records rerouted
D. Malicious insider

Correct Answer:
B. SPF not enabled

Exam Question 418

Which of the following control types would a backup of server data provide in case of a system issue?

A. Corrective
B. Deterrent
C. Preventive
D. Detective

Correct Answer:
A. Corrective

Exam Question 419

Which of the following can occur when a scanning tool cannot authenticate to a server and has to rely on limited information obtained from service banners?

A. False positive
B. Passive reconnaissance
C. Access violation
D. Privilege escalation

Correct Answer:
A. False positive

Exam Question 420

A systems administrator needs to integrate multiple IoT and small embedded devices into the company’s wireless network securely. Which of the following should the administrator implement to ensure low-power and legacy devices can connect to the wireless network?

A. WPS
B. WPA
C. EAP-FAST
D. 802.1X

Correct Answer:
A. WPS