The latest CompTIA Security+ (SY0-501) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-501) exam and earn CompTIA Security+ (SY0-501) certification.
Exam Question 81
A security analyst wants to harden the company’s VoIP PBX. The analyst is worried that credentials may be intercepted and compromised when IP phones authenticate with the BPX. Which of the following would best prevent this from occurring?
A. Implement SRTP between the phones and the PBX.
B. Place the phones and PBX in their own VLAN.
C. Restrict the phone connections to the PBX.
D. Require SIPS on connections to the PBX.
Correct Answer:
A. Implement SRTP between the phones and the PBX.
Exam Question 82
An organization is comparing and contrasting migration from its standard desktop configuration to the newest version of the platform. Before this can happen, the Chief Information Security Officer (CISO) voices the need to evaluate the functionality of the newer desktop platform to ensure interoperability with existing software in use by the organization. In which of the following principles of architecture and design is the CISO engaging?
A. Dynamic analysis
B. Change management
C. Baselining
D. Waterfalling
Correct Answer:
B. Change management
Exam Question 83
A security administrator suspects a MITM attack aimed at impersonating the default gateway is underway.
Which of the following tools should the administrator use to detect this attack? (Choose two.)
A. Ping
B. Ipconfig
C. Tracert
D. Netstat
E. Dig
F. Nslookup
Correct Answer:
B. Ipconfig
C. Tracert
Exam Question 84
An organization requires users to provide their fingerprints to access an application. To improve security, the application developers intend to implement multifactor authentication. Which of the following should be implemented?
A. Use a camera for facial recognition
B. Have users sign their name naturally
C. Require a palm geometry scan
D. Implement iris recognition
Correct Answer:
B. Have users sign their name naturally
Exam Question 85
A network technician is setting up a segmented network that will utilize a separate ISP to provide wireless access to the public area for a company. Which of the following wireless security methods should the technician implement to provide basic accountability for access to the public network?
A. Pre-shared key
B. Enterprise
C. Wi-Fi Protected setup
D. Captive portal
Correct Answer:
D. Captive portal
Exam Question 86
After a routine audit, a company discovers that engineering documents have been leaving the network on a particular port. The company must allow outbound traffic on this port, as it has a legitimate business use.
Blocking the port would cause an outage. Which of the following technology controls should the company implement?
A. NAC
B. Web proxy
C. DLP
D. ACL
Correct Answer:
C. DLP
Exam Question 87
A security analyst reviews the following output:
File name: somefile.pdf
File MD5: E289F21CD33E4F57890DDEA5CF267ED2
File size: 1.9 Mb
Created by: Jan Smith
Deleted by: Jan Smith
Date deleted: October 01, 2015 8:43:21 EST
The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the security analyst reports the following:
File hash: E289F21CD33E4F57890DDEA5CF267ED2
File found: somestuff.xls, somefile.pdf, nofile.doc
Which of the following is the MOST likely cause of the hash being found in other areas?
A. Jan Smith is an insider threat
B. There are MD5 hash collisions
C. The file is encrypted
D. Shadow copies are present
Correct Answer:
B. There are MD5 hash collisions
Exam Question 88
An organization’s primary datacenter is experiencing a two-day outage due to an HVAC malfunction. The node located in the datacenter has lost power and is no longer operational, impacting the ability of all users to connect to the alternate datacenter. Which of the following BIA concepts BEST represents the risk described in this scenario?
A. SPoF
B. RTO
C. MTBF
D. MTTR
Correct Answer:
A. SPoF
Exam Question 89
A security analyst notices anomalous activity coming from several workstations in the organizations. Upon identifying and containing the issue, which of the following should the security analyst do NEXT?
A. Document and lock the workstations in a secure area to establish chain of custody
B. Notify the IT department that the workstations are to be reimaged and the data restored for reuse
C. Notify the IT department that the workstations may be reconnected to the network for the users to continue working
D. Document findings and processes in the after-action and lessons learned report
Correct Answer:
D. Document findings and processes in the after-action and lessons learned report
Exam Question 90
An information security analyst needs to work with an employee who can answer questions about how data for a specific system is used in the business. The analyst should seek out an employee who has the role of:
A. steward
B. owner
C. privacy officer
D. systems administrator
Correct Answer:
B. owner