CompTIA Security+ SY0-501 Exam Questions and Answers – Page 9

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 851

A junior systems administrator noticed that one of two hard drives in a server room had a red error notification. The administrator removed the hard drive to replace it but was unaware that the server was configured in an array. Which of the following configurations would ensure no data is lost?

A. RAID 0
B. RAID 1
C. RAID 2
D. RAID 3

Correct Answer:
B. RAID 1

Exam Question 852

Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should a security administrator implement to protect the environment from this malware?

A. Install a definition-based antivirus.
B. Implement an IDS/IPS.
C. Implement a heuristic behavior-detection solution.
D. Implement CASB to protect the network shares.

Correct Answer:
B. Implement an IDS/IPS.

Exam Question 853

A systems administrator wants to replace the process of using a CRL to verify certificate validity. Which of the following would BEST suit the administrator’s needs?

A. OCSP
B. CSR
C. Key escrow
D. CA

Correct Answer:
A. OCSP

Exam Question 854

A network administrator was concerned during an audit that users were able to use the same passwords the day after a password change policy took effect. The following settings are in place:

  • Users must change their passwords every 30 days.
  • Users cannot reuse the last 10 passwords.

Which of the following settings would prevent users from being able to immediately reuse the same passwords?

A. Minimum password age of five days
B. Password history of ten passwords
C. Password length greater than ten characters
D. Complex passwords must be used

Correct Answer:
A. Minimum password age of five days

Exam Question 855

After successfully breaking into several networks and infecting multiple machines with malware, hackers contact the network owners, demanding payment to remove the infection and decrypt files. The hackers threaten to publicly release information about the breach if they are not paid. Which of the following BEST describes these attackers?

A. Gray hat hackers
B. Organized crime
C. Insiders
D. Hacktivists

Correct Answer:
B. Organized crime

Exam Question 856

When implementing automation with IoT devices, which of the following should be considered FIRST to keep the network secure?

A. Z-Wave compatibility
B. Network range
C. Zigbee configuration
D. Communication protocols

Correct Answer:
D. Communication protocols

Exam Question 857

A local coffee shop runs a small WiFi hotspot for its customers that utilizes WPA2-PSK. The coffee shop would like to stay current with security trends and wants to implement WPA3 to make its WiFi even more secure. Which of the following technologies should the coffee shop use in place of PSK?

A. WEP
B. EAP
C. WPS
D. SAE

Correct Answer:
D. SAE

Exam Question 858

An organization just experienced a major cyberattack incident. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?

A. Shadow IT
B. An insider threat
C. A hacktivist
D. An advanced persistent threat

Correct Answer:
D. An advanced persistent threat

Exam Question 859

Which of the following describes the ability of code to target a hypervisor from inside a guest OS?

A. Fog computing
B. VM escape
C. Software-defined networking
D. Image forgery
E. Container breakout

Correct Answer:
B. VM escape

Exam Question 860

A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the administrator use?

A. Key escrow
B. A self-signed certificate
C. Certificate chaining
D. An extended validation certificate

Correct Answer:
D. An extended validation certificate