CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Question 511: While testing a new vulnerability scanner, a technician becomes concerned about reports that list security concerns that are not present on the systems being tested. Which of the following BEST describes this flaw?

A. False positives
B. Crossover error rate
C. Uncredentialed scan
D. Passive security controls

Question 512: To further secure a company’s email system, an administrator is adding public keys to DNS records in the company’s domain. Which of the following is being used?

A. PFS
B. SPF
C. DMARC
D. DNSSEC

Question 513: A security team has downloaded a public database of the largest collection of password dumps on the Internet. This collection contains the cleartext credentials of every major breach for the last four years. The security team pulls and compares users’ credentials to the database and discovers that more than 30% of the users were still using passwords discovered in this list. Which of the following would be the BEST combination to reduce the risks discovered?

A. Password length, password encryption, password complexity
B. Password complexity, least privilege, password reuse
C. Password reuse, password complexity, password expiration
D. Group policy, password history, password encryption

Question 514: A systems administrator is installing and configuring an application service that requires access to read and write to log and configuration files on a local hard disk partition. The service must run as an account with authorization to interact with the file system. Which of the following would reduce the attack surface added by the service and account? (Choose two.)

A. Use a unique managed service account.
B. Utilize a generic password for authenticating.
C. Enable and review account audit logs.
D. Enforce least possible privileges for the account.
E. Add the account to the local administrators group.
F. Use a guest account placed in a non-privileged users group.

Question 515: Which of the following is a benefit of credentialed vulnerability scans?

A. Credentials provide access to scan documents to identify possible data theft.
B. The vulnerability scanner is able to inventory software on the target.
C. A scan will reveal data loss in real time.
D. Black-box testing can be performed.

Question 516: A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be non-disruptive and user friendly. Which of the following technologies should the IT manager use when implementing MFA?

A. Onetime passwords
B. Email tokens
C. Push notifications
D. Hardware authentication

Question 517: Which of the following would provide a safe environment for an application to access only the resources needed to function while not having access to run at the system level?

A. Sandbox
B. Honeypot
C. GPO
D. DMZ

Question 518: Which of the following attacks is used to capture the WPA2 handshake?

A. Replay
B. IV
C. Evil twin
D. Disassociation

Question 519: A user loses a COPE device. Which of the following should the user do NEXT to protect the data on the device?

A. Call the company help desk to remotely wipe the device.
B. Report the loss to authorities.
C. Check with corporate physical security for the device.
D. Identify files that are potentially missing on the device.

Question 520: A government agency with sensitive information wants to virtualize its infrastructure. Which of the following cloud deployment models BEST fits the agency’s needs?

A. Public
B. Community
C. Private
D. Hybrid

Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!