The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 691
A user is unable to open a file that has a grayed-out icon with a lock. The user receives a pop-up message indicating that payment must be sent in Bitcoin to unlock the file. Later in the day, other users in the organization lose the ability to open files on the server.
Which of the following has MOST likely occurred? (Choose three.)
A. Crypto-malware
B. Adware
C. Botnet attack
D. Virus
E. Ransomware
F. Backdoor
G. DDoS attack
Correct Answer:
A. Crypto-malware
D. Virus
E. Ransomware
Exam Question 692
Which of the following types of security testing is the MOST cost-effective approach used to analyze existing code and identity areas that require patching?
A. Black box
B. Gray box
C. White box
D. Red team
E. Blue team
Correct Answer:
C. White box
Exam Question 693
Upon learning about a user who has reused the same password for the past several years, a security specialist reviews the logs. The following is an extraction of the report after the most recent password change requirement:
The following is an extraction of the report after the most recent password change requirement
Which of the following security controls is the user’s behavior targeting?
A. Password expiration
B. Password history
C. Password complexity
D. Password reuse
Correct Answer:
B. Password history
Exam Question 694
A company utilizes 802.11 for all client connectivity within a facility. Users in one part of the building are reporting they are unable to access company resources when connected to the company SSID.
Which of the following should the security administrator use to assess connectivity?
A. Sniffer
B. Honeypot
C. Routing tables
D. Wireless scanner
Correct Answer:
C. Routing tables
Exam Question 695
Which of the following strategies helps reduce risk if a rollback is needed when upgrading a critical system platform?
A. Non-persistent configuration
B. Continuous monitoring
C. Firmware updates
D. Fault tolerance
Correct Answer:
A. Non-persistent configuration
Exam Question 696
A security analyst monitors the syslog server and notices the following:
A security analyst monitors the syslog server and notices the following
A. Memory leak
B. Buffer overflow
C. Null pointer deference
D. Integer overflow
Correct Answer:
B. Buffer overflow
Exam Question 697
Which of the following is an example of resource exhaustion?
A. A penetration tester requests every available IP address from a DHCP server.
B. An SQL injection attack returns confidential data back to the browser.
C. Server CPU utilization peaks at 100% during the reboot process.
D. System requirements for a new software package recommend having 12GB of RAM, but only BGB are available.
Correct Answer:
A. A penetration tester requests every available IP address from a DHCP server.
Exam Question 698
A security consultant is setting up a new electronic messaging platform and wants to ensure the platform supports message integrity validation.
Which of the following protocols should the consultant recommend?
A. S/MIME
B. DNSSEC
C. RADIUS
D. 802.11x
Correct Answer:
A. S/MIME
Exam Question 699
A company wishes to move all of its services and applications to a cloud provider but wants to maintain full control of the deployment, access, and provisions of its services to its users.
Which of the following BEST represents the required cloud deployment model?
A. SaaS
B. IaaS
C. MaaS
D. Hybrid
E. Private
Correct Answer:
A. SaaS
Exam Question 700
A security technician has been given the task of preserving emails that are potentially involved in a dispute between a company and a contractor.
Which of the following BEST describes this forensic concept?
A. Legal hold
B. Chain of custody
C. Order of volatility
D. Data acquisition
Correct Answer:
A. Legal hold