The latest CompTIA Security+ (SY0-501) practice exam questions and answers (Q&A) are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
CompTIA Security+ (SY0-501) Exam Questions and Answers
Exam Question 701
A salesperson often uses a USB drive to save and move files from a corporate laptop. The corporate laptop was recently updated, and now the files on the USB are read-only. Which of the following was recently added to the laptop?
A. Antivirus software
B. File integrity check
C. HIPS
D. DLP
Correct Answer:
D. DLP
Exam Question 702
Which of the following terms BEST describes an exploitable vulnerability that exists but has not been publicly disclosed yet?
A. Design weakness
B. Zero-day
C. Logic bomb
D. Trojan
Correct Answer:
B. Zero-day
Exam Question 703
A company has migrated to two-factor authentication for accessing the corporate network, VPN, and SSO.
Several legacy applications cannot support multifactor authentication and must continue to use usernames and passwords. Which of the following should be implemented to ensure the legacy applications are as secure as possible while ensuring functionality? (Choose two.)
A. Privileged accounts
B. Password reuse restrictions
C. Password complexity requirements
D. Password recovery
E. Account disablement
Correct Answer:
C. Password complexity requirements
E. Account disablement
Exam Question 704
A recent penetration test revealed several issues with a public-facing website used by customers. The testers were able to:
- Enter long lines of code and special characters
- Crash the system
- Gain unauthorized access to the internal application server
- Map the internal network
The development team has stated they will need to rewrite a significant portion of the code used, and it will take more than a year to deliver the finished product. Which of the following would be the BEST solution to introduce in the interim?
A. Content filtering
B. WAF
C. TLS
D. IPS/IDS
E. UTM
Correct Answer:
E. UTM
Exam Question 705
Management wants to ensure any sensitive data on company-provided cell phones is isolated in a single location that can be remotely wiped if the phone is lost. Which of the following technologies BEST meets this need?
A. Geofencing
B. Containerization
C. Device encryption
D. Sandboxing
Correct Answer:
B. Containerization
Exam Question 706
A company is planning to utilize its legacy desktop systems by converting them into dummy terminals and moving all heavy applications and storage to a centralized server that hosts all of the company’s required desktop applications. Which of the following describes the BEST deployment method to meet these requirements?
A. IaaS
B. VM sprawl
C. VDI
D. PaaS
Correct Answer:
C. VDI
Exam Question 707
Joe, a user, reports to the help desk that he can no longer access any documents on his PC. He states that he saw a window appear on the screen earlier, but he closed it without reading it. Upon investigation, the technician sees high disk activity on Joe’s PC. Which of the following types of malware is MOST likely indicated by these findings?
A. Keylogger
B. Trojan
C. Rootkit
D. Crypto-malware
Correct Answer:
D. Crypto-malware
Exam Question 708
Ann, a new employee, received an email from an unknown source indicating she needed to click on the provided link to update her company’s profile. Once Ann clicked the link, a command prompt appeared with the following output:
c:\Users\Ann\Documents\File1.pgp
c:\Users\Ann\Documents\AdvertisingRepot.pgp
c:\Users\Ann\Documents\FinancialReport.pgp
Which of the following types of malware was executed?
A. Ransomware
B. Adware
C. Spyware
D. Virus
Correct Answer:
D. Virus
Exam Question 709
Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?
A. Sustainability
B. Homogeneity
C. Resiliency
D. Configurability
Correct Answer:
C. Resiliency
Exam Question 710
In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?
A. Elasticity
B. Scalability
C. High availability
D. Redundancy
Correct Answer:
A. Elasticity
Answer Description:
Elasticity is defined as “the degree to which a system is able to adapt to workload changes by provisioning and de-provisioning resources in an autonomic manner, such that at each point in time the available resources match the current demand as closely as possible”.