CompTIA Security+ SY0-501 Exam Questions and Answers – Page 9

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 831

A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the administrator use?

A. Key escrow
B. A self-signed certificate
C. Certificate chaining
D. An extended validation certificate

Correct Answer:
D. An extended validation certificate

Exam Question 832

Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?

A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
C. Malware is trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox.
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.

Correct Answer:
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.

Exam Question 833

While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table below:

While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device.
While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device.

Which of the following should be the administrator’s NEXT step to detect if there is a rogue system without impacting availability?

A. Conduct a ping sweep.
B. Physically check each system.
C. Deny Internet access to the “UNKNOWN” hostname.
D. Apply MAC filtering.

Correct Answer:
A. Conduct a ping sweep.

Exam Question 834

Which of the following is the primary reason for implementing layered security measures in a cybersecurity architecture?

A. It increases the number of controls required to subvert a system
B. It decreases the time a CERT has to respond to a security incident.
C. It alleviates problems associated with EOL equipment replacement.
D. It allows for bandwidth upgrades to be made without user disruption.

Correct Answer:
A. It increases the number of controls required to subvert a system

Exam Question 835

Which of the following attacks can be used to exploit a vulnerability that was created by untrained users?

A. A spear-phishing email with a file attachment.
B. A DoS using IoT devices
C. An evil twin wireless access point
D. A domain hijacking of a bank website

Correct Answer:
A. A spear-phishing email with a file attachment.

Exam Question 836

A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the network and begin authenticating users again?

A. Preparation
B. Identification
C. Containment
D. Eradication
E. Recovery
F. Lessons learned

Correct Answer:
E. Recovery

Exam Question 837

Which of the following explains why a vulnerability scan might return a false positive?

A. The scan is performed at a time of day when the vulnerability does not exist.
B. The test is performed against the wrong host.
C. The signature matches the product but not the version information.
D. The hosts are evaluated based on an OS-specific profile.

Correct Answer:
A. The scan is performed at a time of day when the vulnerability does not exist.

Exam Question 838

An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number to receive a code to access the data. Which of the following authentication methods did the organization implement?

A. Token key
B. Static code
C. Push notification
D. HOTP

Correct Answer:
D. HOTP

Exam Question 839

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

A. Least privilege
B. Awareness training
C. Separation of duties
D. Mandatory vacation

Correct Answer:
C. Separation of duties

Exam Question 840

Which of the following may indicate a configuration item has reached end-of-life?

A. The device will no longer turn on and indicated an error.
B. The vendor has not published security patches recently.
C. The object has been removed from the Active Directory.
D. Logs show a performance degradation of the component.

Correct Answer:
B. The vendor has not published security patches recently.