The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 641
A security engineer is configuring a wireless network with EAP-TLS. Which of the following activities is a requirement for this configuration?
A. Setting up a TACACS+ server
B. Configuring federation between authentication servers
C. Enabling TOTP
D. Deploying certificates to endpoint devices
Correct Answer:
D. Deploying certificates to endpoint devices
Exam Question 642
A systems administrator wants to generate a self-signed certificate for an internal website.
Which of the following steps should the systems administrator complete prior to installing the certificate on the server?
A. Provide the private key to a public CA.
B. Provide the public key to the internal CA.
C. Provide the public key to a public CA.
D. Provide the private key to the internal CA.
E. Provide the public/private key pair to the internal CA
F. Provide the public/private key pair to a public CA.
Correct Answer:
D. Provide the private key to the internal CA.
Exam Question 643
Which of the following controls allows a security guard to perform a post-incident review?
A. Detective
B. Preventive
C. Corrective
D. Deterrent
Correct Answer:
C. Corrective
Exam Question 644
After attempting to harden a web server, a security analyst needs to determine if an application remains vulnerable to SQL injection attacks.
Which of the following would BEST assist the analyst in making this determination?
A. tracert
B. Fuzzer
C. nslookup
D. Nmap
E. netcat
Correct Answer:
B. Fuzzer
Exam Question 645
Which of the following describes the key difference between vishing and phishing attacks?
A. Phishing is used by attackers to steal a person’s identity.
B. Vishing attacks require some knowledge of the target of attack.
C. Vishing attacks are accomplished using telephony services.
D. Phishing is a category of social engineering attack.
Correct Answer:
C. Vishing attacks are accomplished using telephony services.
Exam Question 646
Which of the following components of printers and MFDs are MOST likely to be used as vectors of compromise if they are improperly configured?
A. Embedded web server
B. Spooler
C. Network interface
D. LCD control panel
Correct Answer:
A. Embedded web server
Exam Question 647
A technician receives a device with the following anomalies:
- Frequent pop-up ads
- Show response-time switching between active programs Unresponsive peripherals
The technician reviews the following log file entries:
File Name Source MD5 Target MD5
Status
antivirus.exe F794F21CD33E4F57890DDEA5CF267ED2 F794F21CD33E4F57890DDEA5CF267ED2
Automatic iexplore.exe 7FAAF21CD33E4F57890DDEA5CF29CCEA
AA87F21CD33E4F57890DDEAEE2197333 Automatic service.exe
77FF390CD33E4F57890DDEA5CF28881F 77FF390CD33E4F57890DDEA5CF28881F Manual USB.exe
E289F21CD33E4F57890DDEA5CF28EDC0 E289F21CD33E4F57890DDEA5CF28EDC0 Stopped
Based on the above output, which of the following should be reviewed?
A. The web application firewall
B. The file integrity check
C. The data execution prevention
D. The removable media control
Correct Answer:
B. The file integrity check
Exam Question 648
When it comes to cloud computing, if one of the requirements for a project is to have the most control over the systems in the cloud, which of the following is a service model that would be BEST suited for this goal?
A. Infrastructure
B. Platform
C. Software
D. Virtualization
Correct Answer:
A. Infrastructure
Exam Question 649
The help desk received a call after hours from an employee who was attempting to log into the payroll server remotely. When the help desk returned the call the next morning, the employee was able to log into the server remotely without incident. However, the incident occurred again the next evening.
Which of the following BEST describes the cause of the issue?
A. The password expired on the account and needed to be reset
B. The employee does not have the rights needed to access the database remotely
C. Time-of-day restrictions prevented the account from logging in
D. The employee’s account was locked out and needed to be unlocked
Correct Answer:
C. Time-of-day restrictions prevented the account from logging in
Exam Question 650
An analyst receives an alert from the SIEM showing an IP address that does not belong to the assigned network can be seen sending packets to the wrong gateway.
Which of the following network devices is misconfigured and which of the following should be done to remediate the issue?
A. Firewall; implement an ACL on the interface
B. Router; place the correct subnet on the interface
C. Switch; modify the access port to trunk port
D. Proxy; add the correct transparent interface
Correct Answer:
B. Router; place the correct subnet on the interface