The latest CompTIA Security+ (SY0-501) practice exam question and answer (Q&A) dumps are available free and can help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Question 771: Joe, a contractor, is hired by a firm to perform a penetration test against the firm’s infrastructure. When conducting the scan, he receives only the network diagram and the network list to scan against the network.
Which of the following scan types is Joe performing?
B. White box
D. Gray box
Question 772: Which of the following needs to be performed during a forensics investigation to ensure the data contained in a drive image has not been compromised?
A. Follow the proper chain of custody procedures.
B. Compare the image hash to the original hash.
C. Ensure a legal hold has been placed on the image.
D. Verify the time offset on the image file.
Question 773: A security administrator is analyzing a user report in which the computer exhibits odd network-related outages. The administrator, however, does not see any suspicious process running. A prior technician’s notes indicate the machine has been remediated twice, but the system still exhibits odd behavior. Files were deleted from the system recently.
Which of the following is the MOST likely cause of this behavior?
C. Logic bomb
D. Session hijacking
Question 774: A security administrator is creating a risk assessment with regard to how to harden internal communications in transit between servers.
Which of the following should the administrator recommend in the report?
A. Configure IPSec in transport mode.
B. Configure server-based PKI certificates.
C. Configure the GRE tunnel.
D. Configure a site-to-site tunnel.
Question 775: A security specialist is notified about a certificate warning that users receive when using a new internal website. After being given the URL from one of the users and seeing the warning, the security specialist inspects the certificate and realizes it has been issued to the IP address, which is how the developers reach the site.
Which of the following would BEST resolve the issue?
Question 776: A technician has installed a new AAA server, which will be used by the network team to control access to a company’s routers and switches. The technician completes the configuration by adding the network team members to the NETWORK_TEAM group, and then adding the NETWORK_TEAM group to the appropriate ALLOW_ACCESS access list. Only members of the network team should have access to the company’s routers and switches.
Members of the network team successfully test their ability to log on to various network devices configured to use the AAA server. Weeks later, an auditor asks to review the following access log sample:
5/26/2017 10:20 PERMIT: LEE
5/27/2017 13:45 PERMIT: ANDREA
5/25/2017 09:12 PERMIT: LEE
5/28/2017 16:37 PERMIT: JOHN
5/29/2017 08:53 PERMIT: LEE
Which of the following should the auditor recommend based on the above information?
A. Configure the ALLOW_ACCESS group logic to use AND rather than OR.
B. Move the NETWORK_TEAM group to the top of the ALLOW_ACCESS access list.
C. Disable group nesting for the ALLOW_ACCESS group in the AAA server.
D. Remove the DOMAIN_USERS group from the ALLOW_ACCESS group.
Question 777: Which of the following is a random value appended to a credential that makes the credential less susceptible to compromise when hashed?
D. Block cipher