The latest CompTIA Security+ (SY0-501) certification practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Question 801: Which of the following is the MOST significant difference between intrusive and non-intrusive vulnerability scanning?
A. One uses credentials, but the other does not.
B. One has a higher potential for disrupting system operations.
C. One allows systems to activate firewall countermeasures.
D. One returns service banners, including running versions.
Question 802: A security analyst is running a credential-based vulnerability scanner on a Windows host. The vulnerability scanner is using the protocol NetBIOS over TCP/IP to connect to various systems. However, the scan does not return any results. To address the issue, the analyst should ensure that which of the following default ports is open on systems?
Question 803: A network administrator is implementing multifactor authentication for employees who travel and use company devices remotely by using the company VPN. Which of the following would provide the required level of authentication?
A. 802.1X and OTP
B. Fingerprint scanner and voice recognition
C. RBAC and PIN
D. Username/Password and TOTP
Question 804: A preventive control differs from a compensating control in that a preventive control is:
A. put in place to mitigate a weakness in a user control.
B. deployed to supplement an existing control that is EOL.
C. relied on to address gaps in the existing control structure.
D. designed to specifically mitigate a risk.
Question 805: A security administrator is investigating a report that a user is receiving suspicious emails. The user’s machine has an old functioning modem installed. Which of the following security concerns need to be identified and mitigated? (Choose two.)
C. Spear phishing
E. War dialing
Question 806: Which of the following is unique to a stream cipher?
A. It encrypts 128 bytes at a time.
B. It uses AES encryption.
C. It performs bit-level encryption.
D. It is used in HTTPS.
Question 807: A company moved into a new building next to a sugar mill. Cracks have been discovered in the walls of the server room, which is located on the same side as the sugar mill loading docks. The cracks are believed to have been caused by heavy trucks. Moisture has begun to seep into the server room, causing extreme humidification problems and equipment failure. Which of the following BEST describes the type of threat the organization faces?
Question 808: Which of the following represents a multifactor authentication system?
A. An iris scanner coupled with a palm print reader and fingerprint scanner with liveness detection.
B. A secret passcode that prompts the user to enter a secret key if entered correctly.
C. A digital certificate on a physical token that is unlocked with a secret passcode.
D. A one-time password token combined with a proximity badge.
Question 809: An administrator is disposing of media that contains sensitive information. Which of the following will provide the MOST effective method to dispose of the media while ensuring the data will be unrecoverable?
A. Wipe the hard drive.
B. Shred the hard drive.
C. Sanitize all of the data.
D. Degauss the hard drive.
Question 810: Which of the following documents would provide specific guidance regarding ports and protocols that should be disabled on an operating system?
A. Regulatory requirements
B. Secure configuration guide
C. Application installation guides
D. User manuals