CompTIA Security+ SY0-501 Exam Questions and Answers – Page 7

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

CompTIA Security+ (SY0-501) Exam Questions and Answers
CompTIA Security+ (SY0-501) Exam Questions and Answers

Exam Question 601

Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?

A. Cloud computing
B. Virtualization
C. Redundancy
D. Application control

Correct Answer:
B. Virtualization

Exam Question 602

A system administrator needs to implement 802.1x whereby when a user logs into the network, the authentication server communicates to the network switch and assigns the user to the proper VLAN.
Which of the following protocols should be used?

A. RADIUS
B. Kerberos
C. LDAP
D. MSCHAP

Correct Answer:
A. RADIUS

Exam Question 603

A security administrator is developing training for corporate users on basic security principles for personal email accounts.
Which of the following should be mentioned as the MOST secure way for password recovery?

A. Utilizing a single Qfor password recovery
B. Sending a PIN to a smartphone through text message
C. Utilizing CAPTCHA to avoid brute force attacks
D. Use a different e-mail address to recover password

Correct Answer:
B. Sending a PIN to a smartphone through text message

Exam Question 604

A company researched the root cause of a recent vulnerability in its software. It was determined that the vulnerability was the result of two updates made in the last release. Each update alone would not have resulted in the vulnerability.
In order to prevent similar situations in the future, the company should improve which of the following?

A. Change management procedures
B. Job rotation policies
C. Incident response management
D. Least privilege access controls

Correct Answer:
A. Change management procedures

Exam Question 605

An administrator is testing the collision resistance of different hashing algorithms.
Which of the following is the strongest collision resistance test?

A. Find two identical messages with different hashes
B. Find two identical messages with the same hash
C. Find a common has between two specific messages
D. Find a common hash between a specific message and a random message

Correct Answer:
A. Find two identical messages with different hashes

Exam Question 606

Which of the following should be used to implement voice encryption?

A. SSLv3
B. VDSL
C. SRTP
D. VoIP

Correct Answer:
C. SRTP

Exam Question 607

During an application design, the development team specifics a LDAP module for single sign-on communication with the company’s access control database.
This is an example of which of the following?

A. Application control
B. Data in-transit
C. Identification
D. Authentication

Correct Answer:
D. Authentication

Exam Question 608

A company exchanges information with a business partner. An annual audit of the business partner is conducted against the SLA in order to verify:

A. Performance and service delivery metrics
B. Backups are being performed and tested
C. Data ownership is being maintained and audited
D. Risk awareness is being adhered to and enforced

Correct Answer:
A. Performance and service delivery metrics

Exam Question 609

Having adequate lighting on the outside of a building is an example of which of the following security controls?

A. Deterrent
B. Compensating
C. Detective
D. Preventative

Correct Answer:
A. Deterrent

Exam Question 610

An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data.
In which of the following documents would this concern MOST likely be addressed?

A. Service level agreement
B. Interconnection security agreement
C. Non-disclosure agreement
D. Business process analysis

Correct Answer:
A. Service level agreement