CompTIA Security+ SY0-501 Exam Questions and Answers – Page 9

The latest CompTIA Security+ (SY0-501) practice exam questions and answers (Q&A) are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.

Exam Question 861

The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk.
Which of the following would be BEST to mitigate the CEO’s concerns? (Choose two.)

A. Geolocation
B. Time-of-day restrictions
C. Certificates
D. Tokens
E. Geotagging
F. Role-based access controls

Correct Answer:
A. Geolocation
B. Time-of-day restrictions

Exam Question 862

Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?

A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
C. Malware is trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox.
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.

Correct Answer:
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.

Exam Question 863

While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table below:

Which of the following should be the administrator’s NEXT step to detect if there is a rogue system without impacting availability?

A. Conduct a ping sweep.
B. Physically check each system.
C. Deny Internet access to the “UNKNOWN” hostname.
D. Apply MAC filtering.

Correct Answer:
A. Conduct a ping sweep.

Exam Question 864

A university is opening a facility in a location where there is an elevated risk of theft. The university wants to protect the desktops in its classrooms and labs. Which of the following should the university use to BEST protect these assets deployed in the facility?

A. Visitor logs
B. Cable locks
C. Guards
D. Disk encryption
E. Motion detection

Correct Answer:
B. Cable locks

Exam Question 865

Which of the following is the primary reason for implementing layered security measures in a cybersecurity architecture?

A. It increases the number of controls required to subvert a system.
B. It decreases the time a CERT has to respond to a security incident.
C. It alleviates problems associated with EOL equipment replacement.
D. It allows for bandwidth upgrades to be made without user disruption.

Correct Answer:
A. It increases the number of controls required to subvert a system.

Exam Question 866

Which of the following explains why a vulnerability scan might return a false positive?

A. The scan is performed at a time of day when the vulnerability does not exist.
B. The test is performed against the wrong host.
C. The signature matches the product but not the version information.
D. The hosts are evaluated based on an OS-specific profile.

Correct Answer:
A. The scan is performed at a time of day when the vulnerability does not exist.

Exam Question 867

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?

A. Least privilege
B. Awareness training
C. Separation of duties
D. Mandatory vacation

Correct Answer:
C. Separation of duties

Exam Question 868

Which of the following may indicate a configuration item has reached end-of-life?

A. The device will no longer turn on and indicates an error.
B. The vendor has not published security patches recently.
C. The object has been removed from the Active Directory.
D. Logs show a performance degradation of the component.

Correct Answer:
B. The vendor has not published security patches recently.

Exam Question 869

Using an ROT13 cipher to protect confidential information from unauthorized access is known as:

A. steganography.
B. obfuscation.
C. non-repudiation.
D. diffusion.

Correct Answer:
B. obfuscation.

Exam Question 870

A company is implementing a tool to mask all PII when moving data from a production server to a testing server. Which of the following security techniques is the company applying?

A. Data wiping
B. Steganography
C. Data obfuscation
D. Data sanitization

Correct Answer:
C. Data obfuscation