CompTIA Security+ SY0-501 Exam Questions and Answers – Page 5

The latest CompTIA Security+ (SY0-501) practice exam question-and-answer (Q&A) dumps are available for free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.

Exam Question 431

A security administrator is investigating many recent incidents of credential theft for users accessing the company’s website, despite the hosting web server requiring HTTPS for access. The server’s logs show the website leverages the HTTP POST method for carrying user authentication details.
Which of the following is the MOST likely reason for compromise?

A. The HTTP POST method is not protected by HTTPS.
B. The web server is running a vulnerable SSL configuration.
C. The HTTP response is susceptible to sniffing.
D. The company doesn’t support DNSSEC.

Correct Answer:
A. The HTTP POST method is not protected by HTTPS.

Exam Question 432

A manager makes an unannounced visit to the marketing department and performs a walk-through of the office. The manager observes unclaimed documents on printers. A closer look at these documents reveals employee names, addresses, ages, birth dates, marital/dependent statuses, and favorite ice cream flavors.
The manager brings this to the attention of the marketing department head. The manager believes this information to be PII, but the marketing head does not agree. Having reached a stalemate, which of the following is the MOST appropriate action to take NEXT?

A. Elevate to the Chief Executive Officer (CEO) for redress; change from the top down usually succeeds.
B. Find the privacy officer in the organization and let the officer act as the arbiter.
C. Notify employees whose names are on these files that their personal information is being compromised.
D. To maintain a working relationship with marketing, quietly record the incident in the risk register.

Correct Answer:
B. Find the privacy officer in the organization and let the officer act as the arbiter.

Exam Question 433

A security administrator is implementing a secure method that allows developers to place files or objects onto a Linux server. Developers are required to log in using a username, password, and asymmetric key.
Which of the following protocols should be implemented?

A. SSL/TLS
B. SFTP
C. SRTP
D. IPSec

Correct Answer:
B. SFTP

Exam Question 434

Which of the following BEST describes the purpose of authorization?

A. Authorization provides logging to a resource and comes after authentication.
B. Authorization provides authentication to a resource and comes after identification.
C. Authorization provides identification to a resource and comes after authentication.
D. Authorization provides permissions to a resource and comes after authentication.

Correct Answer:
D. Authorization provides permissions to a resource and comes after authentication.

Exam Question 435

A security analyst is emailing PII in a spreadsheet file to an audit validator for after-actions related to a security assessment. The analyst must make sure the PII data is protected with the following minimum requirements:

  • Ensure confidentiality at rest.
  • Ensure the integrity of the original email message.

Which of the following controls would ensure these data security requirements are carried out?

A. Encrypt and sign the email using S/MIME.
B. Encrypt the email and send it using TLS.
C. Hash the email using SHA-1.
D. Sign the email using MD5.

Correct Answer:
A. Encrypt and sign the email using S/MIME.

Exam Question 436

The network information for a workstation is as follows:
IP Address/Subnet Mask: 172.16.17.200/24
Default Gateway: 172.16.17.254
DNS Server: 172.16.17.254
When the workstation’s user attempts to access www.example.com, the URL that actually opens is www.notexample.com. The user successfully connects to several other legitimate URLs. Which of the following have MOST likely occurred? (Choose two.)

A. ARP poisoning
B. Buffer overflow
C. DNS poisoning
D. Domain hijacking
E. IP spoofing

Correct Answer:
C. DNS poisoning
D. Domain hijacking

Exam Question 437

A security technician has been assigned data destruction duties. The hard drives that are being disposed of contain highly sensitive information. Which of the following data destruction techniques is MOST appropriate?

A. Degaussing
B. Purging
C. Wiping
D. Shredding

Correct Answer:
D. Shredding

Exam Question 438

Which of the following BEST explains how the use of configuration templates reduces organization risk?

A. It ensures consistency of configuration for initial system implementation.
B. It enables system rollback to a last known-good state if patches break functionality.
C. It facilitates fault tolerance since applications can be migrated across templates.
D. It improves vulnerability scanning efficiency across multiple systems.

Correct Answer:
A. It ensures consistency of configuration for initial system implementation.

Exam Question 439

Which of the following should a technician use to protect a cellular phone that is needed for an investigation, to ensure the data will not be removed remotely?

A. Air gap
B. Secure cabinet
C. Faraday cage
D. Safe

Correct Answer:
C. Faraday cage

Exam Question 440

While reviewing system logs, a security analyst notices that a large number of end users are changing their passwords four times on the day the passwords are set to expire. The analyst suspects they are cycling their passwords to circumvent current password controls. Which of the following would provide a technical control to prevent this activity from occurring?

A. Set password aging requirements.
B. Increase the password history from three to five.
C. Create an AUP that prohibits password reuse.
D. Implement password complexity requirements.

Correct Answer:
A. Set password aging requirements.