CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Question 341: A network administrator is creating a new network for an office. For security purposes, each department should have its resources isolated from every other department but be able to communicate back to central servers. Which of the following architecture concepts would BEST accomplish this?

A. Air gapped network
B. Load balanced network
C. Network address translation
D. Network segmentation

Question 342: A customer calls a technician and needs to remotely connect to a web server to change some code manually. The technician needs to configure the user’s machine with protocols to connect to the Unix web server, which is behind a firewall. Which of the following protocols does the technician MOST likely need to configure?

A. SSH
B. SFTP
C. HTTPS
D. SNMP

Question 343: Joe recently assumed the role of data custodian for this organization. While cleaning out an unused storage safe, he discovers several hard drives that are labeled “unclassified” and awaiting destruction. The hard drives are obsolete and cannot be installed in any of his current computing equipment. Which of the following is the BEST method for disposing of the hard drives?

A. Burning
B. Wiping
C. Purging
D. Pulverizing

Question 344: A security administrator is reviewing the following firewall configuration after receiving reports that users are unable to connect to remote websites:
10 PERMIT FROM:ANY TO:ANY PORT:80
20 PERMIT FROM:ANY TO:ANY PORT:443
30 DENY FROM:ANY TO:ANY PORT:ANY

Which of the following is the MOST secure solution the security administrator can implement to fix this issue?

A. Add the following rule to the firewall: 5 PERMIT FROM:ANY TO:ANY PORT:53
B. Replace rule number 10 with the following rule: 10 PERMIT FROM:ANY TO:ANY PORT:22
C. Insert the following rule in the firewall: 25 PERMIT FROM:ANY TO:ANY PORTS:ANY
D. Remove the following rule from the firewall: 30 DENY FROM:ANY TO:ANY PORT:ANY

Question 345: A security administrator is performing a risk assessment on a legacy WAP with a WEP-enabled wireless infrastructure. Which of the following should be implemented to harden the infrastructure without upgrading the WAP?

A. Implement WPA and TKIP
B. Implement WPS and an eight-digit pin
C. Implement WEP and RC4
D. Implement WPA2 Enterprise

Question 346: A systems administrator is installing a new server in a large datacenter. Which of the following BEST describes the importance of properly positioning servers in the rack to maintain availability?

A. To allow for visibility of the servers’ status indicators
B. To adhere to cable management standards
C. To maximize the fire suppression system’s efficiency
D. To provide consistent air flow

Question 347: To get the most accurate results on the security posture of a system, which of the following actions should the security analyst do prior to scanning?

A. Log all users out of the system
B. Patch the scanner
C. Reboot the target host
D. Update the web plugins

Question 348: While investigating a virus infection, a security analyst discovered the following on an employee laptop:

  • Multiple folders containing a large number of newly released movies and music files
  • Proprietary company data
  • A large amount of PHI data
  • Unapproved FTP software
  • Documents that appear to belong to a competitor

Which of the following should the analyst do FIRST?

A. Contact the legal and compliance department for guidance
B. Delete the files, remove the FTP software, and notify management
C. Back up the files and return the device to the user
D. Wipe and reimage the device

Question 349: Which of the following penetration testing concepts is an attacker MOST interested in when placing the path of a malicious file in the Windows/CurrentVersion/Run registry key?

A. Persistence
B. Pivoting
C. Active reconnaissance
D. Escalation of privilege

Question 350: A security analyst is implementing PKI-based functionality to a web application that has the following requirements:

  • File contains certificate information
  • Certificate chains
  • Root authority certificates
  • Private key

All of these components will be part of one file and cryptographically protected with a password. Given this scenario, which of the following certificate types should the analyst implement to BEST meet these requirements?

A. .pfx certificate
B. .cer certificate
C. .der certificate
D. .crt certificate

Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!