CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Question 261: Which of the following solutions should an administrator use to reduce the risk from an unknown vulnerability in a third-party software application?

A. Sandboxing
B. Encryption
C. Code signing
D. Fuzzing

Question 262: A network administrator needs to allocate a new network for the R&D group. The network must not be accessible from the Internet regardless of the network firewall or other external misconfigurations. Which of the following settings should the network administrator implement to accomplish this?

A. Configure the OS default TTL to 1
B. Use NAT on the R&D network
C. Implement a router ACL
D. Enable protected ports on the switch

Question 263: To help prevent one job role from having sufficient access to create, modify, and approve payroll data, which of the following practices should be employed?

A. Least privilege
B. Job rotation
C. Background checks
D. Separation of duties

Question 264: When attackers use a compromised host as a platform for launching attacks deeper into a company’s network, it is said that they are:

A. escalating privilege
B. becoming persistent
C. fingerprinting
D. pivoting

Question 265: A home invasion occurred recently in which an intruder compromised a home network and accessed a WiFI- enabled baby monitor while the baby’s parents were sleeping.
Which of the following BEST describes how the intruder accessed the monitor?

A. Outdated antivirus
B. WiFi signal strength
C. Social engineering
D. Default configuration

Question 266: Which of the following refers to the term used to restore a system to its operational state?

A. MTBF
B. MTTR
C. RTO
D. RPO

Question 267: A Chief Information Officer (CIO) recently saw on the news that a significant security flaws exists with a specific version of a technology the company uses to support many critical application. The CIO wants to know if this reported vulnerability exists in the organization and, if so, to what extent the company could be harmed.
Which of the following would BEST provide the needed information?

A. Penetration test
B. Vulnerability scan
C. Active reconnaissance
D. Patching assessment report

Question 268: An active/passive configuration has an impact on:

A. confidentiality
B. integrity
C. availability
D. non-repudiation

Question 269: Which of the following uses precomputed hashes to guess passwords?

A. Iptables
B. NAT tables
C. Rainbow tables
D. ARP tables

Question 270: A Chief Information Security Officer (CISO) has tasked a security analyst with assessing the security posture of an organization and which internal factors would contribute to a security compromise. The analyst performs a walk-through of the organization and discovers there are multiple instances of unlabeled optical media on office desks. Employees in the vicinity either do not claim ownership or disavow any knowledge concerning who owns the media. Which of the following is the MOST immediate action to be taken?

A. Confiscate the media and dispose of it in a secure manner as per company policy.
B. Confiscate the media, insert it into a computer, find out what is on the disc, and then label it and return it to where it was found.
C. Confiscate the media and wait for the owner to claim it. If it is not claimed within one month, shred it.
D. Confiscate the media, insert it into a computer, make a copy of the disc, and then return the original to where it was found.

Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!