The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 761
A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company’s internal network securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?
A. VPN
B. PaaS
C. IaaS
D. VDI
Correct Answer:
A. VPN
Exam Question 762
As part of a corporate merger, two companies are combining resources. As a result, they must transfer files through the Internet in a secure manner. Which of the following protocols would BEST meet this objective? (Choose two.)
A. LDAPS
B. SFTP
C. HTTPS
D. DNSSEC
E. SRTP
Correct Answer:
B. SFTP
C. HTTPS
Exam Question 763
A company is deploying a file-sharing protocol across a network and needs to select a protocol for authenticating clients. Management requests that the service be configured in the most secure way possible. The protocol must also be capable of mutual authentication, and support SSO and smart card logons. Which of the following would BEST accomplish this task?
A. Store credentials in LDAP
B. Use NTLM authentication
C. Implement Kerberos
D. Use MSCHAP authentication
Correct Answer:
C. Implement Kerberos
Exam Question 764
After a security assessment was performed on the enterprise network, it was discovered that:
- Configuration changes have been made by users without the consent of IT.
- Network congestion has increased due to the use of social media.
- Users are accessing file folders and network shares that are beyond the scope of their need to know.
Which of the following BEST describe the vulnerabilities that exist in this environment? (Choose two.)
A. Poorly trained users
B. Misconfigured WAP settings
C. Undocumented assets
D. Improperly configured accounts
E. Vulnerable business processes
Correct Answer:
A. Poorly trained users
D. Improperly configured accounts
Exam Question 765
An organization wants to implement a method to correct risks at the system/application layer. Which of the following is the BEST method to accomplish this goal?
A. IDS/IPS
B. IP tunneling
C. Web application firewall
D. Patch management
Correct Answer:
C. Web application firewall
Exam Question 766
A member of the human resources department received the following email message after sending an email containing benefit and tax information to a candidate: “Your message has been quarantined for the following policy violation: external potential_PII. Please contact the IT security administrator for further details”.
Which of the following BEST describes why this message was received?
A. The DLP system flagged the message.
B. The mail gateway prevented the message from being sent to personal email addresses.
C. The company firewall blocked the recipient’s IP address.
D. The file integrity check failed for the attached files.
Correct Answer:
A. The DLP system flagged the message.
Exam Question 767
After discovering the /etc/shadow file had been rewritten, a security administrator noticed an application insecurely creating files in /tmp.
Which of the following vulnerabilities has MOST likely been exploited?
A. Privilege escalation
B. Resource exhaustion
C. Memory leak
D. Pointer dereference
Correct Answer:
A. Privilege escalation
Exam Question 768
A company is planning to build an internal website that allows for access to outside contractors and partners.
A majority of the content will only be available to internal employees with the option to share.
Which of the following concepts is MOST appropriate?
A. VPN
B. Proxy
C. DMZ
D. Extranet
Correct Answer:
D. Extranet
Exam Question 769
A company has won an important government contract. Several employees have been transferred from their existing projects to support a new contract. Some of the employees who have transferred will be working long hours and still need access to their project information to transition work to their replacements.
Which of the following should be implemented to validate that the appropriate offboarding process has been followed?
A. Separation of duties
B. Time-of-day restrictions
C. Permission auditing
D. Mandatory access control
Correct Answer:
C. Permission auditing
Exam Question 770
Which of the following access management concepts is MOST closely associated with the use of a password or PIN?
A. Authorization
B. Authentication
C. Accounting
D. Identification
Correct Answer:
B. Authentication