CompTIA Security+ (SY0-501) Exam Questions and Answers

The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.

Question 681: An organization is providing employees on the shop floor with computers that will log their time based on when they sign on and off the network.
Which of the following account types should the employees receive?

A. Shared account
B. Privileged account
C. User account
D. Service account

Question 682: An employee in the finance department receives an email, which appears to come from the Chief Financial Officer (CFO), instructing the employee to immediately wire a large sum of money to a vendor. Which of the following BEST describes the principles of social engineering used? (Choose two.)

A. Familiarity
B. Scarcity
C. Urgency
D. Authority
E. Consensus

Question 683: A company has purchased a new SaaS application and is in the process of configuring it to meet the company’s needs. The director of security has requested that the SaaS application be integrated into the company’s IAM processes. Which of the following configurations should the security administrator set up in order to complete this request?

A. LDAP
B. RADIUS
C. SAML
D. NTLM

Question 684: An organization hosts a public-facing website that contains a login page for users who are registered and authorized to access a secure, non-public section of the site. That non-public site hosts information that requires multifactor authentication for access. Which of the following access management approaches would be the BEST practice for the organization?

A. Username/password with TOTP
B. Username/password with pattern matching
C. Username/password with a PIN
D. Username/password with a CAPTCHA

Question 685: A security administrator needs to configure remote access to a file share so it can only be accessed between the hours of 9:00 a.m. and 5:00 p.m. Files in the share can only be accessed by members of the same department as the data owner. Users should only be able to create files with approved extensions, which may differ by department. Which of the following access controls would be the MOST appropriate for this situation?

A. RBAC
B. MAC
C. ABAC
D. DAC

Question 686: An organization employee resigns without giving adequate notice. The following day, it is determined that the employee is still in possession of several company-owned mobile devices.
Which of the following could have reduced the risk of this occurring? (Choose two.)

A. Proper offboarding procedures
B. Acceptable use policies
C. Non-disclosure agreements
D. Exit interviews
E. Background checks
F. Separation of duties

Question 687: A security administrator has completed a monthly review of DNS server query logs. The administrator notices continuous name resolution attempts from a large number of internal hosts to a single Internet addressable domain name. The security administrator then correlated those logs with the establishment of persistent TCP connections out to this domain. The connections seem to be carrying on the order of kilobytes of data per week.
Which of the following is the MOST likely explanation for this company?

A. An attacker is exfiltrating large amounts of proprietary company data.
B. Employees are playing multiplayer computer games.
C. A worm is attempting to spread to other hosts via SMB exploits.
D. Internal hosts have become members of a botnet.

Question 688: An audit found that an organization needs to implement job rotation to be compliant with regulatory requirements. To prevent unauthorized access to systems after an individual changes roles or departments, which of the following should the organization implement?

A. Permission auditing and review
B. Exit interviews
C. Offboarding
D. Multifactor authentication

Question 689: A company wants to implement a wireless network with the following requirements:

  • All wireless users will have a unique credential.
  • User certificates will not be required for authentication.
  • The company’s AAA infrastructure must be utilized.
  • Local hosts should not store authentication tokens.

Which of the following should be used in the design to meet the requirements?

A. EAP-TLS
B. WPS
C. PSK
D. PEAP

Question 690: A technician has discovered a crypto-virus infection on a workstation that has access to sensitive remote resources.
Which of the following is the immediate NEXT step the technician should take?

A. Determine the source of the virus that has infected the workstation.
B. Sanitize the workstation’s internal drive.
C. Reimage the workstation for normal operation.
D. Disable the network connections on the workstation.

Keyword: SY0-501 Free Exam Dumps, SY0-501 Exam Questions, SY0-501 Exam Dumps, SY0-501 Braindumps, SY0-501 Real Questions, SY0-501 Practice Test, SY0-501 Practice Exam, SY0-501 Free Test, SY0-501 Free Questions, SY0-501 Real Exam Questions and Answers, SY0-501 VCE Dumps, SY0-501 ETE Dumps, SY0-501 PDF Dumps, and SY0-501 Study Guide.

Published by Emma Watson

, an Information Technology Engineer By qualification who loves to write about Windows, macOS and technical solutions for various error and problems. Coming from a solid background in PC building and software development, with complete expertise in touch-based devices, I am constantly keeping an eye out for the latest and greatest!