The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available for free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 831
A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the administrator use?
A. Key escrow
B. A self-signed certificate
C. Certificate chaining
D. An extended validation certificate
Correct Answer:
D. An extended validation certificate
Exam Question 832
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
C. Malware is trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox.
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.
Correct Answer:
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.
Exam Question 833
While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table below:
Which of the following should be the administrator’s NEXT step to detect if there is a rogue system without impacting availability?
A. Conduct a ping sweep.
B. Physically check each system.
C. Deny Internet access to the “UNKNOWN” hostname.
D. Apply MAC filtering.
Correct Answer:
A. Conduct a ping sweep.
Exam Question 834
Which of the following is the primary reason for implementing layered security measures in a cybersecurity architecture?
A. It increases the number of controls required to subvert a system
B. It decreases the time a CERT has to respond to a security incident.
C. It alleviates problems associated with EOL equipment replacement.
D. It allows for bandwidth upgrades to be made without user disruption.
Correct Answer:
A. It increases the number of controls required to subvert a system
Exam Question 835
Which of the following attacks can be used to exploit a vulnerability that was created by untrained users?
A. A spear-phishing email with a file attachment.
B. A DoS using IoT devices
C. An evil twin wireless access point
D. A domain hijacking of a bank website
Correct Answer:
A. A spear-phishing email with a file attachment.
Exam Question 836
A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the network and begin authenticating users again?
A. Preparation
B. Identification
C. Containment
D. Eradication
E. Recovery
F. Lessons learned
Correct Answer:
E. Recovery
Exam Question 837
Which of the following explains why a vulnerability scan might return a false positive?
A. The scan is performed at a time of day when the vulnerability does not exist.
B. The test is performed against the wrong host.
C. The signature matches the product but not the version information.
D. The hosts are evaluated based on an OS-specific profile.
Correct Answer:
A. The scan is performed at a time of day when the vulnerability does not exist.
Exam Question 838
An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number to receive a code to access the data. Which of the following authentication methods did the organization implement?
A. Token key
B. Static code
C. Push notification
D. HOTP
Correct Answer:
D. HOTP
Exam Question 839
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?
A. Least privilege
B. Awareness training
C. Separation of duties
D. Mandatory vacation
Correct Answer:
C. Separation of duties
Exam Question 840
Which of the following may indicate a configuration item has reached end-of-life?
A. The device will no longer turn on and indicates an error.
B. The vendor has not published security patches recently.
C. The object has been removed from the Active Directory.
D. Logs show a performance degradation of the component.
Correct Answer:
B. The vendor has not published security patches recently.