The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 621
Which of the following would enhance the security of accessing data stored in the cloud? (Select TWO)
A. Block level encryption
B. SAML authentication
C. Transport encryption
D. Multifactor authentication
E. Predefined challenge questions
F. Hashing
Correct Answer:
B. SAML authentication
D. Multifactor authentication
Exam Question 622
An audit has revealed that database administrators are also responsible for auditing database changes and backup logs.
Which of the following access control methodologies would BEST mitigate this concern?
A. Time of day restrictions
B. Principle of least privilege
C. Role-based access control
D. Separation of duties
Correct Answer:
D. Separation of duties
Exam Question 623
An external contractor, who has not been given information about the software or network architecture, is conducting a penetration test. Which of the following BEST describes the test being performed?
A. Black box
B. White box
C. Passive reconnaissance
D. Vulnerability scan
Correct Answer:
A. Black box
Exam Question 624
A security analyst has set up a network tap to monitor network traffic for vulnerabilities. Which of the following techniques would BEST describe the approach the analyst has taken?
A. Compliance scanning
B. Credentialed scanning
C. Passive vulnerability scanning
D. Port scanning
Correct Answer:
D. Port scanning
Exam Question 625
A company’s loss control department identifies theft as a recurring loss type over the past year. Based on the department’s report, the Chief Information Officer (CIO) wants to detect theft of datacenter equipment.
Which of the following controls should be implemented?
A. Biometrics
B. Cameras
C. Motion detectors
D. Mantraps
Correct Answer:
B. Cameras
Exam Question 626
While performing a penetration test, the technicians want their efforts to go unnoticed for as long as possible while they gather useful data about the network they are assessing.
Which of the following would be the BEST choice for the technicians?
A. Vulnerability scanner
B. Offline password cracker
C. Packet sniffer
D. Banner grabbing
Correct Answer:
C. Packet sniffer
Exam Question 627
A datacenter recently experienced a breach. When access was gained, an RF device was used to access an air-gapped and locked server rack. Which of the following would BEST prevent this type of attack?
A. Faraday cage
B. Smart cards
C. Infrared detection
D. Alarms
Correct Answer:
A. Faraday cage
Exam Question 628
A security analyst is working on a project that requires the implementation of a stream cipher. Which of the following should the analyst use?
A. Hash function
B. Elliptic curve
C. Symmetric algorithm
D. Public key cryptography
Correct Answer:
C. Symmetric algorithm
Exam Question 629
A security auditor is putting together a report for the Chief Executive Officer (CEO) on personnel security and its impact on the security posture of the whole organization. Which of the following would be the MOST important factor to consider when it comes to personnel security?
A. Insider threats
B. Privilege escalation
C. Hacktivist
D. Phishing through social media
E. Corporate espionage
Correct Answer:
A. Insider threats
Exam Question 630
Security administrators attempted corrective action after a phishing attack. Users are still experiencing trouble logging in, as well as an increase in account lockouts. Users’ email contacts are complaining of an increase in spam and social networking requests. Due to the large number of affected accounts, remediation must be accomplished quickly.
Which of the following actions should be taken FIRST? (Select TWO)
A. Disable the compromised accounts
B. Update WAF rules to block social networks
C. Remove the compromised accounts with all AD groups
D. Change the compromised accounts’ passwords
E. Disable the open relay on the email server
F. Enable sender policy framework
Correct Answer:
E. Disable the open relay on the email server
F. Enable sender policy framework
Answer Description:
Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain’s administrators.
In a Small Business Server environment, you may have to prevent your Microsoft Exchange Server-based server from being used as an open relay SMTP server for unsolicited commercial e-mail messages, or spam.
You may also have to clean up the Exchange server’s SMTP queues to delete the unsolicited commercial e-mail messages.
If your Exchange server is being used as an open SMTP relay, you may experience one or more of the following symptoms:
The Exchange server cannot deliver outbound SMTP mail to a growing list of e-mail domains.
Internet browsing is slow from the server and from local area network (LAN) clients.
Free disk space on the Exchange server in the location of the Exchange information store databases or the Exchange information store transaction logs is reduced more rapidly than you expect.
The Microsoft Exchange information store databases spontaneously dismount. You may be able to manually mount the stores by using Exchange System Manager, but the stores may dismount on their own after they run for a short time.