CompTIA Security+ SY0-501 Exam Questions and Answers – Page 5

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 421

When backing up a database server to LTO tape drives, the following backup schedule is used. Backups take one hour to complete:
Sunday (7 PM): Full backup
Monday (7 PM): Incremental
Tuesday (7 PM): Incremental
Wednesday (7 PM): Differential
Thurday (7 PM): Incremental
Friday (7 PM): Incremental
Saturdayday (7 PM): Incremental

On Friday at 9:00 p.m., there is a RAID failure on the database server. The data must be restored from backup. Which of the following is the number of backup tapes that will be needed to complete this operation?

A. 1
B. 2
C. 3
D. 4
E. 6

Correct Answer:
C. 3

Exam Question 422

An administrator is implementing a secure web server and wants to ensure that if the web server application is compromised, the application does not have access to other parts of the server or network.
Which of the following should the administrator implement? (Choose two.)

A. Mandatory access control
B. Discretionary access control
C. Rule-based access control
D. Role-based access control
E. Attribute-based access control

Correct Answer:
A. Mandatory access control
C. Rule-based access control

Exam Question 423

A developer has incorporated routines into the source code for controlling the length of the input passed to the program. Which of the following types of vulnerabilities is the developer protecting the code against?

A. DLL injection
B. Memory leak
C. Buffer overflow
D. Pointer dereference

Correct Answer:
C. Buffer overflow

Exam Question 424

An application developer has neglected to include input validation checks in the design of the company’s new web application. An employee discovers that repeatedly submitting large amounts of data, including custom code, to an application will allow the execution of the custom code at the administrator level. Which of the following BEST identifies this application attack?

A. Cross-site scripting
B. Clickjacking
C. Buffer overflow
D. Replay

Correct Answer:
C. Buffer overflow

Exam Question 425

Which of the following identity access methods creates a cookie on the first login to a central authority to allow logins to subsequent applications without re-entering credentials?

A. Multifactor authentication
B. Transitive trust
C. Federated access
D. Single sign-on

Correct Answer:
D. Single sign-on

Exam Question 426

A network technician is designing a network for a small company. The network technician needs to implement an email server and web server that will be accessed by both internal employees and external customers. Which of the following would BEST secure the internal network and allow access to the needed servers?

A. Implementing a site-to-site VPN for server access.
B. Implementing a DMZ segment for the server.
C. Implementing NAT addressing for the servers.
D. Implementing a sandbox to contain the servers.

Correct Answer:
B. Implementing a DMZ segment for the server.

Exam Question 427

A company has a team of penetration testers. This team has located a file on the company file server that they believe contains cleartext usernames followed by a hash. Which of the following tools should the penetration testers use to learn more about the content of this file?

A. Exploitation framework
B. Vulnerability scanner
C. Netcat
D. Password cracker

Correct Answer:
D. Password cracker

Exam Question 428

The Chief Information Security Officer (CISO) in a company is working to maximize protection efforts of sensitive corporate data. The CISO implements a “100% shred” policy within the organization, with the intent to destroy any documentation that is not actively in use in a way that it cannot be recovered or reassembled. Which of the following attacks is this deterrent MOST likely to mitigate?

A. Dumpster diving
B. Whaling
C. Shoulder surfing
D. Vishing

Correct Answer:
A. Dumpster diving

Exam Question 429

An organization has air gapped a critical system.
Which of the following BEST describes the type of attacks that are prevented by this security measure?

A. Attacks from another local network segment
B. Attacks exploiting USB drives and removable media
C. Attacks that spy on leaked emanations or signals
D. Attacks that involve physical intrusion or theft

Correct Answer:
A. Attacks from another local network segment

Exam Question 430

A security administrator is choosing an algorithm to generate password hashes.
Which of the following would offer the BEST protection against offline brute force attacks?

A. MD5
B. 3DES
C. AES
D. SHA-1

Correct Answer:
C. AES