The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 421
When backing up a database server to LTO tape drives, the following backup schedule is used. Backups take one hour to complete:
Sunday (7 PM): Full backup
Monday (7 PM): Incremental
Tuesday (7 PM): Incremental
Wednesday (7 PM): Differential
Thurday (7 PM): Incremental
Friday (7 PM): Incremental
Saturdayday (7 PM): Incremental
On Friday at 9:00 p.m., there is a RAID failure on the database server. The data must be restored from backup. Which of the following is the number of backup tapes that will be needed to complete this operation?
A. 1
B. 2
C. 3
D. 4
E. 6
Correct Answer:
C. 3
Exam Question 422
An administrator is implementing a secure web server and wants to ensure that if the web server application is compromised, the application does not have access to other parts of the server or network.
Which of the following should the administrator implement? (Choose two.)
A. Mandatory access control
B. Discretionary access control
C. Rule-based access control
D. Role-based access control
E. Attribute-based access control
Correct Answer:
A. Mandatory access control
C. Rule-based access control
Exam Question 423
A developer has incorporated routines into the source code for controlling the length of the input passed to the program. Which of the following types of vulnerabilities is the developer protecting the code against?
A. DLL injection
B. Memory leak
C. Buffer overflow
D. Pointer dereference
Correct Answer:
C. Buffer overflow
Exam Question 424
An application developer has neglected to include input validation checks in the design of the company’s new web application. An employee discovers that repeatedly submitting large amounts of data, including custom code, to an application will allow the execution of the custom code at the administrator level. Which of the following BEST identifies this application attack?
A. Cross-site scripting
B. Clickjacking
C. Buffer overflow
D. Replay
Correct Answer:
C. Buffer overflow
Exam Question 425
Which of the following identity access methods creates a cookie on the first login to a central authority to allow logins to subsequent applications without re-entering credentials?
A. Multifactor authentication
B. Transitive trust
C. Federated access
D. Single sign-on
Correct Answer:
D. Single sign-on
Exam Question 426
A network technician is designing a network for a small company. The network technician needs to implement an email server and web server that will be accessed by both internal employees and external customers. Which of the following would BEST secure the internal network and allow access to the needed servers?
A. Implementing a site-to-site VPN for server access.
B. Implementing a DMZ segment for the server.
C. Implementing NAT addressing for the servers.
D. Implementing a sandbox to contain the servers.
Correct Answer:
B. Implementing a DMZ segment for the server.
Exam Question 427
A company has a team of penetration testers. This team has located a file on the company file server that they believe contains cleartext usernames followed by a hash. Which of the following tools should the penetration testers use to learn more about the content of this file?
A. Exploitation framework
B. Vulnerability scanner
C. Netcat
D. Password cracker
Correct Answer:
D. Password cracker
Exam Question 428
The Chief Information Security Officer (CISO) in a company is working to maximize protection efforts of sensitive corporate data. The CISO implements a “100% shred” policy within the organization, with the intent to destroy any documentation that is not actively in use in a way that it cannot be recovered or reassembled. Which of the following attacks is this deterrent MOST likely to mitigate?
A. Dumpster diving
B. Whaling
C. Shoulder surfing
D. Vishing
Correct Answer:
A. Dumpster diving
Exam Question 429
An organization has air gapped a critical system.
Which of the following BEST describes the type of attacks that are prevented by this security measure?
A. Attacks from another local network segment
B. Attacks exploiting USB drives and removable media
C. Attacks that spy on leaked emanations or signals
D. Attacks that involve physical intrusion or theft
Correct Answer:
A. Attacks from another local network segment
Exam Question 430
A security administrator is choosing an algorithm to generate password hashes.
Which of the following would offer the BEST protection against offline brute force attacks?
A. MD5
B. 3DES
C. AES
D. SHA-1
Correct Answer:
C. AES