The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 881
An organization is struggling to differentiate threats from normal traffic and access to systems. A security engineer has been asked to recommend a system that will aggregate data and provide metrics that will assist in identifying malicious actors or other anomalous activity throughout the environment. Which of the following solutions should the engineer recommend?
A. Web application firewall
B. SIEM
C. IPS
D. UTM
E. File integrity monitor
Correct Answer:
B. SIEM
Exam Question 882
The concept of connecting a user account across the systems of multiple enterprises is BEST known as:
A. federation.
B. a remote access policy.
C. multifactor authentication.
D. single sign-on.
Correct Answer:
A. federation.
Exam Question 883
A junior systems administrator noticed that one of two hard drives in a server room had a red error notification. The administrator removed the hard drive to replace it but was unaware that the server was configured in an array. Which of the following configurations would ensure no data is lost?
A. RAID 0
B. RAID 1
C. RAID 2
D. RAID 3
Correct Answer:
B. RAID 1
Exam Question 884
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should a security administrator implement to protect the environment from this malware?
A. Install a definition-based antivirus.
B. Implement an IDS/IPS.
C. Implement a heuristic behavior-detection solution.
D. Implement CASB to protect the network shares.
Correct Answer:
B. Implement an IDS/IPS.
Exam Question 885
A security analyst discovers that a company’s username and password database was posted on an Internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?
A. Create DLP controls that prevent documents from leaving the network.
B. Implement salting and hashing.
C. Configure the web content filter to block access to the forum.
D. Increase password complexity requirements.
Correct Answer:
B. Implement salting and hashing.
Exam Question 886
In a lessons-learned report, it is suspected that a well-organized, well-funded, and extremely sophisticated group of attackers may have been responsible for a breach at a nuclear facility. Which of the following describes the type of actors that may have been implicated?
A. Nation-state
B. Hacktivist
C. Insider
D. Competitor
Correct Answer:
A. Nation-state
Exam Question 887
Alerts sent from a SIEM based on vulnerability signatures fulfill which of the following control types?
A. Preventive
B. Corrective
C. Compensating
D. Detective
Correct Answer:
D. Detective
Exam Question 888
An attacker is attempting to harvest user credentials on a client’s website. A security analyst notices multiple attempts of random usernames and passwords. When the analyst types in a random username and password, the logon screen displays the following message:
The username you entered does not exist.
Which of the following should the analyst recommend be enabled?
A. Input validation
B. Obfuscation
C. Error handling
D. Username lockout
Correct Answer:
C. Error handling
Exam Question 889
During an audit, the auditor requests to see a copy of the identified mission-critical applications as well as their disaster recovery plans. The company being audited has an SLA around the applications it hosts. With which of the following is the auditor MOST likely concerned?
A. ARO/ALE
B. MTTR/MTBF
C. RTO/RPO
D. Risk assessment
Correct Answer:
C. RTO/RPO
Exam Question 890
When a malicious user is able to retrieve sensitive information from RAM, the programmer has failed to implement:
A. session keys.
B. encryption of data at rest.
C. encryption of data in use.
D. ephemeral keys.
Correct Answer:
C. encryption of data in use.