CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification practice exam question and answer (Q&A) dumps are available free to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.

Question 471: A technician is required to configure updates on a guest operating system while maintaining the ability to quickly revert the changes that were made while testing the updates. Which of the following should the technician implement?

A. Snapshots
B. Revert to known state
C. Rollback to known configuration
D. Shadow copy

Question 472: A technician is investigating a report of unusual behavior and slow performance on a company-owned laptop. The technician runs a command and reviews the following information:

Based on the above information, which of the following types of malware should the technician report?

A. Spyware
B. Rootkit
C. RAT
D. Logic bomb

Question 473: An organization is building a new customer services team, and the manager needs to keep the team focused on customer issues and minimize distractions. The users have a specific set of tools installed, which they must use to perform their duties. Other tools are not permitted for compliance and tracking purposes. Team members have access to the Internet for product lookups and to research customer issues. Which of the following should a security engineer employ to fulfill the requirements for the manager?

A. Install a web application firewall.
B. Install HIPS on the team’s workstations.
C. Implement containerization on the workstations.
D. Configure whitelisting for the team.

Question 474: Which of the following is the MOST likely motivation for a script kiddie threat actor?

A. Financial gain
B. Notoriety
C. Political expression
D. Corporate espionage

Question 475: After discovering a security incident and removing the affected files, an administrator disabled an unneeded service that led to the breach. Which of the following steps in the incident response process has the administrator just completed?

A. Containment
B. Eradication
C. Recovery
D. Identification

Question 476: A company employee recently retired, and there was a schedule delay because no one was capable of filling the employee’s position. Which of the following practices would BEST help to prevent this situation in the future?

A. Mandatory vacation
B. Separation of duties
C. Job rotation
D. Exit interviews

Question 477: A security analyst is interested in setting up an IDS to monitor the company network. The analyst has been told there can be no network downtime to implement the solution, but the IDS must capture all of the network traffic. Which of the following should be used for the IDS implementation?

A. Network tap
B. Honeypot
C. Aggregation
D. Port mirror

Question 478: A contracting company recently completed its period of performance on a government contract and would like to destroy all information associated with contract performance. Which of the following is the best NEXT step for the company to take?

A. Consult data disposition policies in the contract.
B. Use a pulper or pulverizer for data destruction.
C. Retain the data for a period no more than one year.
D. Burn hard copies containing PII or PHI.

Question 479: A systems administrator is receiving multiple alerts from the company NIPS. A review of the NIPS logs shows the following:
reset both: 70.32.200.2:3194 -> 10.4.100.4:80 buffer overflow attempt
reset both: 70.32.200.2:3230 -> 10.4.100.4:80 directory traversal attack
reset client: 70.32.200.2:4019 -> 10.4.100.4:80 Blind SQL injection attack

Which of the following should the systems administrator report back to management?

A. The company web server was attacked by an external source, and the NIPS blocked the attack.
B. The company web and SQL servers suffered a DoS caused by a misconfiguration of the NIPS.
C. An external attacker was able to compromise the SQL server using a vulnerable web application.
D. The NIPS should move from an inline mode to an out-of-band mode to reduce network latency.

Question 480: Which of the following BEST distinguishes Agile development from other methodologies in terms of vulnerability management?

A. Cross-functional teams
B. Rapid deployments
C. Daily standups
D. Peer review
E. Creating user stories

Published by Emma Watson, an Information Technology Engineer by qualification who loves to write about Windows, macOS and technical solutions for various errors and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!