CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Question 391: An office recently completed digitizing all its paper records. Joe, the data custodian, has been tasked with the disposal of the paper files, which include:

  • Intellectual property
  • Payroll records
  • Financial information
  • Drug screening results

Which of the following is the BEST way to dispose of these items?

A. Schredding
B. Pulping
C. Deidentifying
D. Recycling

Question 392: In a lessons learned report, it is suspected that a well-organized, well-funded, and extremely sophisticated group of attackers may have been responsible for a breach at a nuclear facility.
Which of the following describes the type of actors that may have been implicated?

A. Nation state
B. Hacktivist
C. Insider
D. Competitor

Question 393: A security administrator wants to implement least privilege access for a network share that stores sensitive company data. The organization is particularly concerned with the integrity of data and implementing discretionary access control. The following controls are available:

  • Read = A user can read the content of an existing file.
  • Write = A user can modify the content of an existing file and delete an existing file.
  • Create = A user can create a new file and place data within the file.

A missing control means the user does not have that access. Which of the following configurations provides the appropriate control to support the organization/s requirements?

A. Owners: Read, Write, Create
Group Members: Read, Write
Others: Read, Create
B. Owners: Write, Create
Group Members: Read, Write, Create
Others: Read
C. Owners: Read, Write
Group Members: Read, Create
Others: Read, Create
D. Owners: Write, Create
Group Members: Read, Create
Others: Read, Write, Create

Question 394: After reports of slow internet connectivity, a technician reviews the following logs from a server’s host-based firewall:

After reports of slow internet connectivity, a technician reviews the following logs from a server’s host-based firewall
After reports of slow internet connectivity, a technician reviews the following logs from a server’s host-based firewall

Which of the following can the technician conclude after reviewing the above logs?

A. The server is under a DDoS attack from multiple geographic locations.
B. The server is compromised, and is attacking multiple hosts on the Internet.
C. The server is under an IP spoofing resource exhaustion attack.
D. The server is unable to complete the TCP three-way handshake and send the last ACK.

Question 395: A company is executing a strategy to encrypt and sign all proprietary data in transit. The company recently deployed PKI services to support this strategy.
Which of the following protocols supports the strategy and employs certificates generated by the PKI? (Choose three.)

A. S/MIME
B. TLS
C. HTTP-Digest
D. SAML
E. SIP
F. IPSec
G. Kerberos

Question 396: Joe, an employee, asks a coworker how long ago Ann started working at the help desk. The coworker expresses surprise since nobody named Ann works at the help desk. Joe mentions that Ann called several people in the customer service department to help reset their passwords over the phone due to unspecified “server issues”.
Which of the following has occurred?

A. Social engineering
B. Whaling
C. Watering hole attack
D. Password cracking

Question 397: Hacktivists are most commonly motivated by:

A. curiosity
B. notoriety
C. financial gain
D. political cause

Question 398: A systems administrator is configuring a new network switch for TACACS+ management and authentication.
Which of the following must be configured to provide authentication between the switch and the TACACS+ server?

A. 802.1X
B. SSH
C. Shared secret
D. SNMPv3
E. CHAP

Question 399: A security, who is analyzing the security of the company’s web server, receives the following output:

A security, who is analyzing the security of the company’s web server, receives the following output
A security, who is analyzing the security of the company’s web server, receives the following output

Which of the following is the issue?

A. Code signing
B. Stored procedures
C. Access violations
D. Unencrypted credentials

Question 400: Datacenter employees have been battling alarms in a datacenter that has been experiencing hotter than normal temperatures. The server racks are designed so all 48 rack units are in use, and servers are installed in any manner in which the technician can get them installed.
Which of the following practices would BEST alleviate the heat issues and keep costs low?

A. Utilize exhaust fans.
B. Use hot and cold aisles.
C. Airgap the racks.
D. Use a secondary AC unit.

Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!