Skip to Content

CompTIA Security+ SY0-501 Exam Questions and Answers – Page 1

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Exam Question 11

An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?

A. RTO
B. RPO
C. MTBF
D. MTTR

Correct Answer:
A. RTO

Exam Question 12

Which of the following types of keys is found in a key escrow?

A. Public
B. Private
C. Shared
D. Session

Correct Answer:
B. Private

Exam Question 13

Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent these policy violations? (Choose two.)

A. Password expiration
B. Password length
C. Password complexity
D. Password history
E. Password lockout

Correct Answer:
C. Password complexity
D. Password history

Exam Question 14

Which of the following types of cloud infrastructures would allow several organizations with similar structures and interests to realize the benefits of shared storage and resources?

A. Private
B. Hybrid
C. Public
D. Community

Correct Answer:
D. Community

Exam Question 15

A company is currently using the following configuration:

  • IAS server with certificate-based EAP-PEAP and MSCHAP
  • Unencrypted authentication via PAP

A security administrator needs to configure a new wireless setup with the following configurations:

  • PAP authentication method
  • PEAP and EAP provide two-factor authentication

Which of the following forms of authentication are being used? (Choose two.)

A. PAP
B. PEAP
C. MSCHAP
D. PEAP- MSCHAP
E. EAP
F. EAP-PEAP

Correct Answer:
A. PAP
C. MSCHAP

Exam Question 16

A company determines that it is prohibitively expensive to become compliant with new credit card regulations. Instead, the company decides to purchase insurance to cover the cost of any potential loss.
Which of the following is the company doing?

A. Transferring the risk
B. Accepting the risk
C. Avoiding the risk
D. Migrating the risk

Correct Answer:
A. Transferring the risk

Exam Question 17

Users report the following message appears when browsing to the company’s secure site: This website cannot be trusted. Which of the following actions should a security analyst take to resolve these messages? (Choose two.)

A. Verify the certificate has not expired on the server.
B. Ensure the certificate has a .pfx extension on the server.
C. Update the root certificate into the client computer certificate store.
D. Install the updated private key on the web server.
E. Have users clear their browsing history and relaunch the session.

Correct Answer:
A. Verify the certificate has not expired on the server.
C. Update the root certificate into the client computer certificate store.

Exam Question 18

Malicious traffic from an internal network has been detected on an unauthorized port on an application server.
Which of the following network-based security controls should the engineer consider implementing?

A. ACLs
B. HIPS
C. NAT
D. MAC filtering

Correct Answer:
A. ACLs

Exam Question 19

A network administrator wants to implement a method of securing internal routing. Which of the following should the administrator implement?

A. DMZ
B. NAT
C. VPN
D. PAT

Correct Answer:
C. VPN

Exam Question 20

Which of the following encryption methods does PKI typically use to securely protect keys?

A. Elliptic curve
B. Digital signatures
C. Asymmetric
D. Obfuscation

Correct Answer:
C. Asymmetric

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker