CompTIA Security+ SY0-501 Exam Questions and Answers – Page 6

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 551

Which of the following cryptographic attacks would salting of passwords render ineffective?

A. Brute force
B. Dictionary
C. Rainbow tables
D. Birthday

Correct Answer:
C. Rainbow tables

Exam Question 552

An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?

A. Capture and document necessary information to assist in the response.
B. Request the user capture and provide a screenshot or recording of the symptoms.
C. Use a remote desktop client to collect and analyze the malware in real time.
D. Ask the user to back up files for later recovery.

Correct Answer:
A. Capture and document necessary information to assist in the response.

Exam Question 553

Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?

A. Privilege escalation
B. Pivoting
C. Process affinity
D. Buffer overflow

Correct Answer:
A. Privilege escalation

Exam Question 554

After a user reports stow computer performance, a systems administrator detects a suspicious file, which was installed as part of a freeware software package.
The systems administrator reviews the output below:

The systems administrator reviews the output below
The systems administrator reviews the output below

Based on the above information, which of the following types of malware was installed on the user’s computer?

A. RAT
B. Keylogger
C. Spyware
D. Worm
E. Bot

Correct Answer:
A. RAT

Exam Question 555

When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:

A. system sprawl
B. end-of-life systems
C. resource exhaustion
D. a default configuration

Correct Answer:
B. end-of-life systems

Exam Question 556

Which of the following would MOST likely appear in an uncredentialed vulnerability scan?

A. Self-signed certificates
B. Missing patches
C. Auditing parameters
D. Inactive local accounts

Correct Answer:
D. Inactive local accounts

Exam Question 557

When identifying a company’s most valuable assets as part of a BIA, which of the following should be the FIRST priority?

A. Life
B. Intellectual property
C. Sensitive data
D. Public reputation

Correct Answer:
A. Life

Exam Question 558

An organization needs to implement a large PKI. Network engineers are concerned that repeated transmission of the OCSP will impact network performance. Which of the following should the security analyst recommend is lieu of an OCSP?

A. CSR
B. CRL
C. CA
D. OID

Correct Answer:
B. CRL

Exam Question 559

An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:

An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server

Which of the following vulnerabilities is present?

A. Bad memory pointer
B. Buffer overflow
C. Integer overflow
D. Backdoor

Correct Answer:
B. Buffer overflow

Exam Question 560

A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?

A. Open systems authentication
B. Captive portal
C. RADIUS federation
D. 802.1x

Correct Answer:
D. 802.1x

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!