CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Question 621: Which of the following would enhance the security of accessing data stored in the cloud? (Select TWO)

A. Block level encryption
B. SAML authentication
C. Transport encryption
D. Multifactor authentication
E. Predefined challenge questions
F. Hashing

Question 622: An audit has revealed that database administrators are also responsible for auditing database changes and backup logs.
Which of the following access control methodologies would BEST mitigate this concern?

A. Time of day restrictions
B. Principle of least privilege
C. Role-based access control
D. Separation of duties

Question 623: An external contractor, who has not been given information about the software or network architecture, is conducting a penetration test. Which of the following BEST describes the test being performed?

A. Black box
B. White box
C. Passive reconnaissance
D. Vulnerability scan

Question 624: A security analyst has set up a network tap to monitor network traffic for vulnerabilities. Which of the following techniques would BEST describe the approach the analyst has taken?

A. Compliance scanning
B. Credentialed scanning
C. Passive vulnerability scanning
D. Port scanning

Question 625: A company’s loss control department identifies theft as a recurring loss type over the past year. Based on the department’s report, the Chief Information Officer (CIO) wants to detect theft of datacenter equipment.
Which of the following controls should be implemented?

A. Biometrics
B. Cameras
C. Motion detectors
D. Mantraps

Question 626: While performing a penetration test, the technicians want their efforts to go unnoticed for as long as possible while they gather useful data about the network they are assessing.
Which of the following would be the BEST choice for the technicians?

A. Vulnerability scanner
B. Offline password cracker
C. Packet sniffer
D. Banner grabbing

Question 627: A datacenter recently experienced a breach. When access was gained, an RF device was used to access an air-gapped and locked server rack. Which of the following would BEST prevent this type of attack?

A. Faraday cage
B. Smart cards
C. Infrared detection
D. Alarms

Question 628: A security analyst is working on a project that requires the implementation of a stream cipher. Which of the following should the analyst use?

A. Hash function
B. Elliptic curve
C. Symmetric algorithm
D. Public key cryptography

Question 629: A security auditor is putting together a report for the Chief Executive Officer (CEO) on personnel security and its impact on the security posture of the whole organization. Which of the following would be the MOST important factor to consider when it comes to personnel security?

A. Insider threats
B. Privilege escalation
C. Hacktivist
D. Phishing through social media
E. Corporate espionage

Question 630: Security administrators attempted corrective action after a phishing attack. Users are still experiencing trouble logging in, as well as an increase in account lockouts. Users’ email contacts are complaining of an increase in spam and social networking requests. Due to the large number of affected accounts, remediation must be accomplished quickly.
Which of the following actions should be taken FIRST? (Select TWO)

A. Disable the compromised accounts
B. Update WAF rules to block social networks
C. Remove the compromised accounts with all AD groups
D. Change the compromised accounts’ passwords
E. Disable the open relay on the email server
F. Enable sender policy framework

Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!