The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 771
Joe, a contractor, is hired by a firm to perform a penetration test against the firm’s infrastructure. When conducting the scan, he receives only the network diagram and the network list to scan against the network.
Which of the following scan types is Joe performing?
A. Authenticated
B. White box
C. Automated
D. Gray box
Correct Answer:
D. Gray box
Exam Question 772
Which of the following needs to be performed during a forensics investigation to ensure the data contained in a drive image has not been compromised?
A. Follow the proper chain of custody procedures.
B. Compare the image hash to the original hash.
C. Ensure a legal hold has been placed on the image.
D. Verify the time offset on the image file.
Correct Answer:
B. Compare the image hash to the original hash.
Exam Question 773
A security administrator is analyzing a user report in which the computer exhibits odd network-related outages. The administrator, however, does not see any suspicious process running. A prior technician’s notes indicate the machine has been remediated twice, but the system still exhibits odd behavior. Files were deleted from the system recently.
Which of the following is the MOST likely cause of this behavior?
A. Crypto-malware
B. Rootkit
C. Logic bomb
D. Session hijacking
Correct Answer:
B. Rootkit
Exam Question 774
A security administrator is creating a risk assessment with regard to how to harden internal communications in transit between servers.
Which of the following should the administrator recommend in the report?
A. Configure IPSec in transport mode.
B. Configure server-based PKI certificates.
C. Configure the GRE tunnel.
D. Configure a site-to-site tunnel.
Correct Answer:
B. Configure server-based PKI certificates.
Exam Question 775
A security specialist is notified about a certificate warning that users receive when using a new internal website. After being given the URL from one of the users and seeing the warning, the security specialist inspects the certificate and realizes it has been issued to the IP address, which is how the developers reach the site.
Which of the following would BEST resolve the issue?
A. OSCP
B. OID
C. PEM
D. SAN
Correct Answer:
A. OSCP
Exam Question 776
A technician has installed a new AAA server, which will be used by the network team to control access to a company’s routers and switches. The technician completes the configuration by adding the network team members to the NETWORK_TEAM group, and then adding the NETWORK_TEAM group to the appropriate ALLOW_ACCESS access list. Only members of the network team should have access to the company’s routers and switches.
NETWORK_TEAM: Lee, Andrea, Pete
ALLOW_ACCESS: Domain_USERS, AUTHENTICATED_USERS, NETWORK_TEAM
Members of the network team successfully test their ability to log on to various network devices configured to use the AAA server. Weeks later, an auditor asks to review the following access log sample:
5/26/2017 10:20 PERMIT: LEE
5/27/2017 13:45 PERMIT: ANDREA
5/25/2017 09:12 PERMIT: LEE
5/28/2017 16:37 PERMIT: JOHN
5/29/2017 08:53 PERMIT: LEE
Which of the following should the auditor recommend based on the above information?
A. Configure the ALLOW_ACCESS group logic to use AND rather than OR.
B. Move the NETWORK_TEAM group to the top of the ALLOW_ACCESS access list.
C. Disable groups nesting for the ALLOW_ACCESS group in the AAA server.
D. Remove the DOMAIN_USERS group from ALLOW_ACCESS group.
Correct Answer:
D. Remove the DOMAIN_USERS group from ALLOW_ACCESS group.
Exam Question 777
Which of the following is a random value appended to a credential that makes the credential less susceptible to compromise when hashed?
A. Nonce
B. Salt
C. OTP
D. Block cipher
E. IV
Correct Answer:
B. Salt
Exam Question 778
A security analyst is hardening a web server, which should allow a secure certificate-based session using the organization’s PKI infrastructure. The web server should also utilize the latest security techniques and standards. Given this set of requirements, which of the following techniques should the analyst implement to BEST meet these requirements? (Choose two.)
A. Install an X.509-compliant certificate.
B. Implement a CRL using an authorized CA.
C. Enable and configure TLS on the server.
D. Install a certificate signed by a public CA.
E. Configure the web server to use a host header.
Correct Answer:
A. Install an X.509-compliant certificate.
C. Enable and configure TLS on the server.
Exam Question 779
An audit takes place after company-wide restructuring, in which several employees changed roles. The following deficiencies are found during the audit regarding access to confidential data:
Which of the following would be the BEST method to prevent similar audit findings in the future?
A. Implement separation of duties for the payroll department.
B. Implement a DLP solution on the payroll and human resources servers.
C. Implement rule-based access controls on the human resources server.
D. Implement regular permission auditing and reviews.
Correct Answer:
D. Implement regular permission auditing and reviews.
Exam Question 780
Which of the following types of attacks precedes the installation of a rootkit on a server?
A. Pharming
B. DDoS
C. Privilege escalation
D. DoS
Correct Answer:
C. Privilege escalation