CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Question 441: An organization’s research department uses workstations in an air-gapped network. A competitor released products based on files that originated in the research department. Which of the following should management do to improve the security and confidentiality of the research files?

A. Implement multifactor authentication on the workstations.
B. Configure removable media controls on the workstations.
C. Install a web application firewall in the research department.
D. Install HIDS on each of the research workstations.

Question 442: A company network is currently under attack. Although security controls are in place to stop the attack, the security administrator needs more information about the types of attacks being used. Which of the following network types would BEST help the administrator gather this information?

A. DMZ
B. Guest network
C. Ad hoc
D. Honeynet

Question 443: Moving laterally within a network once an initial exploit is used to gain persistent access for the purpose of establishing further control of a system is known as:

A. pivoting.
B. persistence.
C. active reconnaissance.
D. a backdoor.

Question 444: A systems administrator is increasing the security settings on a virtual host to ensure users on one VM cannot access information from another VM. Which of the following is the administrator protecting against?

A. VM sprawl
B. VM escape
C. VM migration
D. VM sandboxing

Question 445: Which of the following encryption algorithms require one encryption key? (Choose two.)

A. MD5
B. 3DES
C. BCRYPT
D. RC4
E. DSA

Question 446: A systems administrator has installed a new UTM that is capable of inspecting SSL/TLS traffic for malicious payloads. All inbound network traffic coming from the Internet and terminating on the company’s secure web servers must be inspected. Which of the following configurations would BEST support this requirement?

A. The web servers’ CA full certificate chain must be installed on the UTM.
B. The UTM certificate pair must be installed on the web servers.
C. The web servers’ private certificate must be installed on the UTM.
D. The UTM and web servers must use the same certificate authority.

Question 447: A security administrator receives alerts from the perimeter UTM. Upon checking the logs, the administrator finds the following output:
Time: 12/25 0300
From Zone: Untrust
To Zone: DMZ
Attacker: externalip.com
Victim: 172.16.0.20
To Port: 80
Action: Alert
Severity: Critical

When examining the PCAP associated with the event, the security administrator finds the following information:
<script> alert (“Click here for important information regarding your account!
http://externalip.com/account.php”); </script>
Which of the following actions should the security administrator take?

A. Upload the PCAP to the IDS in order to generate a blocking signature to block the traffic.
B. Manually copy the <script> data from the PCAP file and generate a blocking signature in the HIDS to block the traffic for future events.
C. Implement a host-based firewall rule to block future events of this type from occurring.
D. Submit a change request to modify the XSS vulnerability signature to TCP reset on future attempts.

Question 448: Given the information below:
MD5HASH document.doc 049eab40fd36caadlfab10b3cdf4a883
MD5HASH image.jpg 049eab40fd36caadlfab10b3cdf4a883

Which of the following concepts are described above? (Choose two.)

A. Salting
B. Collision
C. Steganography
D. Hashing
E. Key stretching

Question 449: An organization wishes to allow its users to select devices for business use but does not want to overwhelm the service desk with requests for too many different device types and models. Which of the following deployment models should the organization use to BEST meet these requirements?

A. VDI environment
B. CYOD model
C. DAC mode
D. BYOD model

Question 450: A state-sponsored threat actor has launched several successful attacks against a corporate network.
Although the target has a robust patch management program in place, the attacks continue in depth and scope, and the security department has no idea how the attacks are able to gain access. Given that patch management and vulnerability scanners are being used, which of the following would be used to analyze the attack methodology?

A. Rogue system detection
B. Honeypots
C. Next-generation firewall
D. Penetration test

Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!