CompTIA Security+ SY0-501 Exam Questions and Answers – Page 8

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

CompTIA Security+ (SY0-501) Exam Questions and Answers
CompTIA Security+ (SY0-501) Exam Questions and Answers

Exam Question 701

A salesperson often uses a USB drive to save and move files from a corporate laptop. The coprorate laptop was recently updated, and now the files on the USB are read-only. Which of the following was recently added to the laptop?

A. Antivirus software
B. File integrity check
C. HIPS
D. DLP

Correct Answer:
D. DLP

Exam Question 702

Which of the following terms BEST describes an exploitable vulnerability that exists but has not been publicly disclosed yet?

A. Design weakness
B. Zero-day
C. Logic bomb
D. Trojan

Correct Answer:
B. Zero-day

Exam Question 703

A company has migrated to two-factor authentication for accessing the corporate network, VPN, and SSO.
Several legacy applications cannot support multifactor authentication and must continue to use usernames and passwords. Which of the following should be implemented to ensure the legacy applications are as secure as possible while ensuring functionality? (Choose two.)

A. Priveleged accounts
B. Password reuse restrictions
C. Password complexity requirements
D. Password recovery
E. Account disablement

Correct Answer:
C. Password complexity requirements
E. Account disablement

Exam Question 704

A recent penetration test revealed several issues with a public-facing website used by customers. The testers were able to:

  • Enter long lines of code and special characters
  • Crash the system
  • Gain unauthorized access to the internal application server
  • Map the internal network

The development team has stated they will need to rewrite a significant portion of the code used, and it will take more than a year to deliver the finished product. Which of the following would be the BEST solution to introduce in the interim?

A. Content fileting
B. WAF
C. TLS
D. IPS/IDS
E. UTM

Correct Answer:
E. UTM

Exam Question 705

Management wants to ensure any sensitive data on company-provided cell phones is isolated in a single location that can be remotely wiped if the phone is lost. Which of the following technologies BEST meets this need?

A. Geofencing
B. Containerization
C. Device encryption
D. Sandboxing

Correct Answer:
B. Containerization

Exam Question 706

A company is planning to utilize its legacy desktop systems by converting them into dummy terminals and moving all heavy applications and storage to a centralized server that hosts all of the company’s required desktop applications. Which of the following describes the BEST deployment method to meet these requirements?

A. IaaS
B. VM sprawl
C. VDI
D. PaaS

Correct Answer:
C. VDI

Exam Question 707

Joe, a user, reports to the help desk that he can no longer access any documents on his PC. He states that he saw a window appear on the screen earlier, but he closed it without reading it. Upon investigation, the technician sees high disk activity on Joe’s PC. Which of the following types of malware is MOST likely indicated by these findings?

A. Keylogger
B. Trojan
C. Rootkit
D. Crypto-malware

Correct Answer:
D. Crypto-malware

Exam Question 708

Ann, a new employee, received an email from an unknown source indicating she needed to click on the provided link to update her company’s profile. Once Ann clicked the link, a command prompt appeared with the following output:
c:\Users\Ann\Documents\File1.pgp
c:\Users\Ann\Documents\AdvertisingRepot.pgp
c:\Users\Ann\Documents\FinancialReport.pgp

Which of the following types of malware was executed?

A. Ransomware
B. Adware
C. Spyware
D. Virus

Correct Answer:
D. Virus

Exam Question 709

Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?

A. Sustainability
B. Homogeneity
C. Resiliency
D. Configurability

Correct Answer:
C. Resiliency

Exam Question 710

In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?

A. Elasticity
B. Scalability
C. High availability
D. Redundancy

Correct Answer:
A. Elasticity
Answer Description:
Elasticity is defined as “the degree to which a system is able to adapt to workload changes by provisioning and de-provisioning resources in an autonomic manner, such that at each point in time the available resources match the current demand as closely as possible”.