CompTIA SY0-501 CompTIA Security+ Online Training
CompTIA SY0-501 Online Training
The questions for SY0-501 were last updated at Nov 23,2024.
- Exam Code: SY0-501
- Exam Name: CompTIA Security+
- Certification Provider: CompTIA
- Latest update: Nov 23,2024
When considering a third-party cloud service provider, which of the following criteria would be the BEST to include in the security assessment process? (Choose two.)
- A . Use of performance analytics
- B . Adherence to regulatory compliance
- C . Data retention policies
- D . Size of the corporation
- E . Breadth of applications support
Which of the following occurs when the security of a web application relies on JavaScript for input validation?
- A . The integrity of the data is at risk.
- B . The security of the application relies on antivirus.
- C . A host-based firewall is required.
- D . The application is vulnerable to race conditions.
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server.
Given the following code:
Which of the following vulnerabilities is present?
- A . Bad memory pointer
- B . Buffer overflow
- C . Integer overflow
- D . Backdoor
An organization’s file server has been virtualized to reduce costs.
Which of the following types of backups would be MOST appropriate for the particular file server?
- A . Snapshot
- B . Full
- C . Incremental
- D . Differential
A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant.
Which of the following represents the authentication architecture in use?
- A . Open systems authentication
- B . Captive portal
- C . RADIUS federation
- D . 802.1x
An employer requires that employees use a key-generating app on their smartphones to log into corporate applications.
In terms of authentication of an individual, this type of access policy is BEST defined as:
- A . Something you have.
- B . Something you know.
- C . Something you do.
- D . Something you are.
Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility.
Which of the following terms BEST describes the security control being employed?
- A . Administrative
- B . Corrective
- C . Deterrent
- D . Compensating
A security analyst is hardening a web server, which should allow a secure certificate-based session using the organization’s PKI infrastructure. The web server should also utilize the latest security techniques and standards.
Given this set of requirements, which of the following techniques should the analyst implement to BEST meet these requirements? (Choose two.)
- A . Install an X- 509-compliant certificate.
- B . Implement a CRL using an authorized CA.
- C . Enable and configure TLS on the server.
- D . Install a certificate signed by a public CA.
- E . Configure the web server to use a host header.
A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option.
Which of the following protocols should be implemented to distribute the report securely? (Choose three.)
- A . S/MIME
- B . SSH
- C . SNMPv3
- D . FTPS
- E . SRTP
- F . HTTPS
- G . LDAPS
An auditor is reviewing the following output from a password-cracking tool:
Which of the following methods did the auditor MOST likely use?
- A . Hybrid
- B . Dictionary
- C . Brute force
- D . Rainbow table
Latest SY0-501 Dumps Valid Version with 1130 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
