The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Question 461: The president of a company that specializes in military contracts receives a request for an interview. During the interview, the reporter seems more interested in discussing the president’s family life and personal history than the details of a recent company success. Which of the following security concerns is this MOST likely an example of?
A. Insider threat
B. Social engineering
C. Passive reconnaissance
Question 462: A Chief Information Security Officer (CISO) for a school district wants to enable SSL to protect all of the public-facing servers in the domain. Which of the following is a secure solution that is the MOST cost effective?
A. Create and install a self-signed certificate on each of the servers in the domain.
B. Purchase a load balancer and install a single certificate on the load balancer.
C. Purchase a wildcard certificate and implement it on every server.
D. Purchase individual certificates and apply them to the individual servers.
Question 463: A company is experiencing an increasing number of systems that are locking up on Windows startup. The security analyst clones a machine, enters into safe mode, and discovers a file in the startup process that runs Wstart.bat.
Given the file contents and the system’s issues, which of the following types of malware is present?
B. Logic bomb
Question 464: A government organization recently contacted three different vendors to obtain cost quotes for a desktop PC refresh. The quote from one of the vendors was significantly lower than the other two and was selected for the purchase. When the PCs arrived, a technician determined some NICs had been tampered with.
Which of the following MOST accurately describes the security risk presented in this situation?
A. Hardware root of trust
C. Supply chain
F. ARP poisoning
Question 465: A company is examining possible locations for a hot site. Which of the following considerations is of MOST concern if the replication technology being used is highly sensitive to network latency?
A. Connection to multiple power substations
B. Location proximity to the production site
C. Ability to create separate caged space
D. Positioning of the site across international borders
Question 466: An attacker has gathered information about a company employee by obtaining publicly available information from the Internet and social networks. Which of the following types of activity is the attacker performing?
B. Exfiltration of data
C. Social engineering
D. Passive reconnaissance
Question 467: Which of the following is a security consideration for IoT devices?
A. IoT devices have built-in accounts that users rarely access.
B. IoT devices have less processing capabilities.
C. IoT devices are physically segmented from each other.
D. IoT devices have purpose-built applications.
Question 468: The Chief Information Officer (CIO) has determined the company’s new PKI will not use OCSP. The purpose of OCSP still needs to be addressed. Which of the following should be implemented?
A. Build an online intermediate CA.
B. Implement a key escrow.
C. Implement stapling.
D. Install a CRL.
Question 469: An organization’s policy requires users to create passwords with an uppercase letter, lowercase letter, number, and symbol. This policy is enforced with technical controls, which also prevents users from using any of their previous 12 passwords. The quantization does not use single sign-on, nor does it centralize storage of passwords.
The incident response team recently discovered that passwords for one system were compromised.
Passwords for a completely separate system have NOT been compromised, but unusual login activity has been detected for that separate system. Account login has been detected for users who are on vacation.
Which of the following BEST describes what is happening?
A. Some users are meeting password complexity requirements but not password length requirements.
B. The password history enforcement is insufficient, and old passwords are still valid across many different systems.
C. Some users are reusing passwords, and some of the compromised passwords are valid on multiple systems.
D. The compromised password file has been brute-force hacked, and the complexity requirements are not adequate to mitigate this risk.
Question 470: During a security audit of a company’s network, unsecure protocols were found to be in use. A network administrator wants to ensure browser-based access to company switches is using the most secure protocol. Which of the following protocols should be implemented?
Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.