The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 551
Which of the following cryptographic attacks would salting of passwords render ineffective?
A. Brute force
B. Dictionary
C. Rainbow tables
D. Birthday
Correct Answer:
C. Rainbow tables
Exam Question 552
An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?
A. Capture and document necessary information to assist in the response.
B. Request the user capture and provide a screenshot or recording of the symptoms.
C. Use a remote desktop client to collect and analyze the malware in real time.
D. Ask the user to back up files for later recovery.
Correct Answer:
A. Capture and document necessary information to assist in the response.
Exam Question 553
Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?
A. Privilege escalation
B. Pivoting
C. Process affinity
D. Buffer overflow
Correct Answer:
A. Privilege escalation
Exam Question 554
After a user reports stow computer performance, a systems administrator detects a suspicious file, which was installed as part of a freeware software package.
The systems administrator reviews the output below:
The systems administrator reviews the output below
Based on the above information, which of the following types of malware was installed on the user’s computer?
A. RAT
B. Keylogger
C. Spyware
D. Worm
E. Bot
Correct Answer:
A. RAT
Exam Question 555
When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:
A. system sprawl
B. end-of-life systems
C. resource exhaustion
D. a default configuration
Correct Answer:
B. end-of-life systems
Exam Question 556
Which of the following would MOST likely appear in an uncredentialed vulnerability scan?
A. Self-signed certificates
B. Missing patches
C. Auditing parameters
D. Inactive local accounts
Correct Answer:
D. Inactive local accounts
Exam Question 557
When identifying a company’s most valuable assets as part of a BIA, which of the following should be the FIRST priority?
A. Life
B. Intellectual property
C. Sensitive data
D. Public reputation
Correct Answer:
A. Life
Exam Question 558
An organization needs to implement a large PKI. Network engineers are concerned that repeated transmission of the OCSP will impact network performance. Which of the following should the security analyst recommend is lieu of an OCSP?
A. CSR
B. CRL
C. CA
D. OID
Correct Answer:
B. CRL
Exam Question 559
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server
Which of the following vulnerabilities is present?
A. Bad memory pointer
B. Buffer overflow
C. Integer overflow
D. Backdoor
Correct Answer:
B. Buffer overflow
Exam Question 560
A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?
A. Open systems authentication
B. Captive portal
C. RADIUS federation
D. 802.1x
Correct Answer:
D. 802.1x