Enjoy 15% Discount With Coupon 15off

CompTIA SY0-501 CompTIA Security+ Online Training

CompTIA SY0-501 CompTIA Security+ Online Training

CompTIA SY0-501 Online Training

The questions for SY0-501 were last updated at Nov 23,2024.
  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification Provider: CompTIA
  • Latest update: Nov 23,2024
Question #61

A company is terminating an employee for misbehavior.

Which of the following steps is MOST important in the process of disengagement from this employee?

  • A . Obtain a list of passwords used by the employee.
  • B . Generate a report on outstanding projects the employee handled.
  • C . Have the employee surrender company identification.
  • D . Have the employee sign an NDA before departing.

Reveal Solution Hide Solution

Correct Answer: C
Question #62

A company is developing a new secure technology and requires computers being used for development to be isolated.

Which of the following should be implemented to provide the MOST secure environment?

  • A . A perimeter firewall and IDS
  • B . An air gapped computer network
  • C . A honeypot residing in a DMZ
  • D . An ad hoc network with NAT
  • E . A bastion host

Reveal Solution Hide Solution

Correct Answer: B
Question #63

Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?

  • A . Roll back changes in the test environment
  • B . Verify the hashes of files
  • C . Archive and compress the files
  • D . Update the secure baseline

Reveal Solution Hide Solution

Correct Answer: B
Question #64

A user clicked an email link that led to a website than infected the workstation with a virus. The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company’s email filter, website filter, or antivirus.

Which of the following describes what occurred?

  • A . The user’s account was over-privileged.
  • B . Improper error handling triggered a false negative in all three controls.
  • C . The email originated from a private email server with no malware protection.
  • D . The virus was a zero-day attack.

Reveal Solution Hide Solution

Correct Answer: D
Question #65

An organization wishes to provide better security for its name resolution services.

Which of the following technologies BEST supports the deployment of DNSSEC at the organization?

  • A . LDAP
  • B . TPM
  • C . TLS
  • D . SSL
  • E . PKI

Reveal Solution Hide Solution

Correct Answer: C
Question #66

A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts.

For which of the following is the company hiring the consulting firm?

  • A . Vulnerability scanning
  • B . Penetration testing
  • C . Application fuzzing
  • D . User permission auditing

Reveal Solution Hide Solution

Correct Answer: A
Question #67

An administrator is replacing a wireless router. The configuration of the old wireless router was not documented before it stopped functioning. The equipment connecting to the wireless network uses older legacy equipment that was manufactured prior to the release of the 802.11i standard.

Which of the following configuration options should the administrator select for the new wireless router?

  • A . WPA+CCMP
  • B . WPA2+CCMP
  • C . WPA+TKIP
  • D . WPA2+TKIP

Reveal Solution Hide Solution

Correct Answer: C
Question #68

An application team is performing a load-balancing test for a critical application during off-hours and has requested access to the load balancer to review which servers are up without having the administrator on call. The security analyst is hesitant to give the application team full access due to other critical applications running on the load balancer.

Which of the following is the BEST solution for security analyst to process the request?

  • A . Give the application team administrator access during off-hours.
  • B . Disable other critical applications before granting the team access.
  • C . Give the application team read-only access.
  • D . Share the account with the application team.

Reveal Solution Hide Solution

Correct Answer: C
Question #69

Which of the following cryptographic attacks would salting of passwords render ineffective?

  • A . Brute force
  • B . Dictionary
  • C . Rainbow tables
  • D . Birthday

Reveal Solution Hide Solution

Correct Answer: C
Question #70

A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation.

Given these requirements, which of the following technologies should the analyst recommend and configure?

  • A . LDAP services
  • B . Kerberos services
  • C . NTLM services
  • D . CHAP services

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

Only Kerberos that can do Mutual Auth and Delegation.
Previous Questions Next Questions
Latest SY0-501 Dumps Valid Version with 1130 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SY0-501 PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

18Oct

CompTIA CS0-002 CompTIA Cybersecurity Analyst (CySA+) Certification Exam Online Training

Question #1 A security analyst is reviewing the network security monitoring logs listed below: Which of the following is the analyst... read more

07Sep

CompTIA 220-1102 CompTIA A+ Certification Core 2 Exam Online Training

Question #1 A user contacts a technician about an issue with a laptop. The user states applications open without being launched... read more

04Sep

CompTIA N10-008 CompTIA Network+Exam Online Training

Question #1 A systems administrator needs to improve WiFi performance in a densely populated office tower and use the latest standard.... read more

30Aug

CompTIA CV0-004 CompTIA Cloud+ (2024) Online Training

Question #1 An engineer made a change to an application and needs to select a deployment strategy that meets the following... read more

25Feb

CompTIA CS0-003 CompTIA Cybersecurity Analyst (CySA+) Exam Online Training

Question #1 A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant... read more

19Nov

CompTIA CV0-003 CompTIA Cloud+ Certification Exam Online Training

Question #1 A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to... read more

13Sep

CompTIA FC0-U61 CompTIA IT Fundamentals+ Certification Exam Online Training

Question #1 Which of the following is primarily a confidentiality concern? A . EavesdroppingB . ImpersonatingC . DestructingD . Altering read more

21Aug

CompTIA SY0-701 CompTIA Security+ Online Training

Question #1 Which of the following threat actors is the most likely to be hired by a foreign government to attack... read more

13Oct

CompTIA PK0-004 CompTIA Project + Online Training

Question #1 A project manager is attempting to establish the proper sequencing and duration of project activities. Which of the following... read more

13Oct

CompTIA PT0-001 CompTIA PenTest+ Certification Exam Online Training

Question #1 A penetration tester has successfully exploited a Windows host with low privileges and found directories with the following permissions:... read more