CompTIA Security+ SY0-501 Exam Questions and Answers – Page 9

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 871

A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output:

fter looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output.
fter looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output.

Which of the following BEST describes the attack the company is experiencing?

A. MAC flooding
B. URL redirection
C. ARP poisoning
D. DNS hijacking

Correct Answer:
C. ARP poisoning

Exam Question 872

A technician needs to document which application versions are listening on open ports. Which of the following is MOST likely to return the information the technician needs?

A. Banner grabbing
B. Steganography tools
C. Protocol analyzer
D. Wireless scanner

Correct Answer:
A. Banner grabbing

Exam Question 873

A government contracting company issues smartphones to employees to enable access to corporate resources. Several employees will need to travel to a foreign country for business purposes and will require access to their phones. However, the company recently received intelligence that its intellectual property is highly desired by the same country’s government. Which of the following MDM configurations would BEST reduce the disk of compromise while on foreign soil?

A. Disable firmware OTA updates.
B. Disable location services.
C. Disable push notification services.
D. Disable wipe.

Correct Answer:
B. Disable location services.

Exam Question 874

A security analyst is performing a manual audit of captured data from a packet analyzer. The analyst looks for Base64 encoded strings and applies the filter http.authbasic. Which of the following BEST describes what the analyst is looking for?

A. Unauthorized software
B. Unencrypted credentials
C. SSL certificate issues
D. Authentication tokens

Correct Answer:
B. Unencrypted credentials

Exam Question 875

An organization wants to separate permissions for individuals who perform system changes from individuals who perform auditing of those system changes. Which of the following access control approaches is BEST suited for this?

A. Assign administrators and auditors to different groups and restrict permissions on system log files to read-only for the auditor group.
B. Assign administrators and auditors to the same group, but ensure they have different permissions based on the function they perform.
C. Create two groups and ensure each group has representation from both the auditors and the administrators so they can verify any changes that were made.
D. Assign file and folder permissions on an individual user basis and avoid group assignment altogether.

Correct Answer:
A. Assign administrators and auditors to different groups and restrict permissions on system log files to read-only for the auditor group.

Exam Question 876

Which of the following concepts ensure ACL rules on a directory are functioning as expected? (Choose two.)

A. Accounting
B. Authentication
C. Auditing
D. Authorization
E. Non-repudiation

Correct Answer:
A. Accounting
C. Auditing

Exam Question 877

A datacenter engineer wants to ensure an organization’s servers have high speed and high redundancy and can sustain the loss of two physical disks in an array. Which of the following RAID configurations should the engineer implement to deliver this functionality?

A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 10
E. RAID 50

Correct Answer:
D. RAID 10

Exam Question 878

An organization requires secure configuration baselines for all platforms and technologies that are used. If any system cannot conform to the secure baseline, the organization must process a risk acceptance and receive approval before the system is placed into production. It may have non-conforming systems in its lower environments (development and staging) without risk acceptance, but must receive risk approval before the system is placed in production. Weekly scan reports identify systems that do not conform to any secure baseline.

The application team receives a report with the following results:

The application team receives a report with the following results.
The application team receives a report with the following results.

There are currently no risk acceptances for baseline deviations. This is a mission-critical application, and the organization cannot operate if the application is not running. The application fully functions in the development and staging environments. Which of the following actions should the application team take?

A. Remediate 2633 and 3124 immediately.
B. Process a risk acceptance for 2633 and 3124.
C. Process a risk acceptance for 2633 and remediate 3124.
D. Shut down NYAccountingProd and investigate the reason for the different scan results.

Correct Answer:
C. Process a risk acceptance for 2633 and remediate 3124.

Exam Question 879

A company is having issues with intellectual property being sent to a competitor from its system. The information being sent is not random but has an identifiable pattern. Which of the following should be implemented in the system to stop the content from being sent?

A. Encryption
B. Hashing
C. IPS
D. DLP

Correct Answer:
D. DLP

Exam Question 880

A company wants to configure its wireless network to require username and password authentication.
Which of the following should the systems administrator implement?

A. WPS
B. PEAP
C. TKIP
D. PKI

Correct Answer:
A. WPS