The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Question 381: A user needs to transmit confidential information to a third party.
Which of the following should be used to encrypt the message?
Question 382: A security analyst believes an employee’s workstation has been compromised. The analyst reviews the system logs, but does not find any attempted logins. The analyst then runs the diff command, comparing the C:\Windows\System32 directory and the installed cache directory. The analyst finds a series of files that look suspicious.
One of the files contains the following commands:
Which of the following types of malware was used?
C. Logic bomb
Question 383: Which of the following differentiates ARP poisoning from a MAC spoofing attack?
A. ARP poisoning uses unsolicited ARP replies.
B. ARP poisoning overflows a switch’s CAM table.
C. MAC spoofing uses DHCPOFFER/DHCPACK packets.
D. MAC spoofing can be performed across multiple routers.
Question 384: A company has just completed a vulnerability scan of its servers. A legacy application that monitors the HVAC system in the datacenter presents several challenges, as the application vendor is no longer in business.
Which of the following secure network architecture concepts would BEST protect the other company servers if the legacy server were to be exploited?
B. Air gap
Question 385: Which of the following methods is used by internal security teams to assess the security of internally developed applications?
A. Active reconnaissance
C. White box testing
Question 386: A technician has discovered a crypto-virus infection on a workstation that has access to sensitive remote resources.
Which of the following is the immediate NEXT step the technician should take?
A. Determine the source of the virus that has infected the workstation.
B. Sanitize the workstation’s internal drive.
C. Reimage the workstation for normal operation.
D. Disable the network connections on the workstation.
Question 387: A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior.
Which of the following strategies is the security engineer executing?
B. Mandatory access control
C. Control diversity
D. System hardening
Question 388: A security analyst identified an SQL injection attack.
Which of the following is the FIRST step in remediating the vulnerability?
A. Implement stored procedures.
B. Implement proper error handling.
C. Implement input validations.
D. Implement a WAF.
Question 389: A company is performing an analysis of the corporate enterprise network with the intent of identifying any one system, person, function, or service that, when neutralized, will cause or cascade disproportionate damage to the company’s revenue, referrals, and reputation.
Which of the following is an element of the BIA that this action is addressing?
A. Identification of critical systems
B. Single point of failure
C. Value assessment
D. Risk register
Question 390: An analyst generates the following color-coded table shown in the exhibit to help explain the risk of potential incidents in the company. The vertical axis indicates the likelihood of an incident, while the horizontal axis indicates the impact.
Which of the following is this table an example of?
A. Internal threat assessment
B. Privacy impact assessment
C. Qualitative risk assessment
D. Supply chain assessment