CompTIA SY0-501 CompTIA Security+ Online Training
The questions for SY0-501 were last updated on Nov 23, 2024.
- Exam Code: SY0-501
- Exam Name: CompTIA Security+
- Certification Provider: CompTIA
- Latest update: Nov 23, 2024
Two users need to send each other emails over unsecured channels. The system should support the principle of non-repudiation.
Which of the following should be used to sign the user’s certificates?
- A . RA
- B . CA
- C . CRL
- D . CSR
Which of the following attack types BEST describes a client-side attack that is used to manipulate an HTML iframe with JavaScript code via a web browser?
- A . Buffer overflow
- B . MITM
- C . XSS
- D . SQLi
An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection.
Which of the following steps should the responder perform NEXT?
- A . Capture and document necessary information to assist in the response.
- B . Request the user capture and provide a screenshot or recording of the symptoms.
- C . Use a remote desktop client to collect and analyze the malware in real time.
- D . Ask the user to back up files for later recovery.
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours.
Which of the following types of malware is MOST likely causing this issue?
- A . Botnet
- B . Ransomware
- C . Polymorphic malware
- D . Armored virus
Which of the following technologies employ the use of SAML? (Choose two.)
- A . Single sign-on
- B . Federation
- C . LDAP
- D . Secure token
- E . RADIUS
Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?
- A . Privilege escalation
- B . Pivoting
- C . Process affinity
- D . Buffer overflow
After a user reports slow computer performance, a systems administrator detects a suspicious file, which was installed as part of a freeware software package.
The systems administrator reviews the output below:
Based on the above information, which of the following types of malware was installed on the user’s computer?
- A . RAT
- B . Keylogger
- C . Spyware
- D . Worm
- E . Bot
Which of the following network vulnerability scan indicators BEST validates a successful, active scan?
- A . The scan job is scheduled to run during off-peak hours.
- B . The scan output lists SQL injection attack vectors.
- C . The scan data identifies the use of privileged-user credentials.
- D . The scan results identify the hostname and IP address.
An analyst wants to implement a more secure wireless authentication for office access points.
Which of the following technologies allows for encrypted authentication of wireless clients over TLS?
- A . PEAP
- B . EAP
- C . WPA2
- D . RADIUS
A
Explanation:
EAP by itself is only an authentication framework.
PEAP (Protected Extensible Authentication Protocol) fully encapsulates EAP and is designed to work within a TLS (Transport Layer Security) tunnel that may be encrypted but is authenticated. The primary motivation behind the creation of PEAP was to help correct the deficiencies discovered within EAP, since that protocol assumes that the communications channel is protected. As a result, when EAP messages can be observed in the clear, they do not provide the protection that was assumed when the protocol was originally authored.
PEAP, EAP-TTLS, and EAP-TLS “protect” inner EAP authentication within SSL/TLS sessions.
When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:
- A . system sprawl
- B . end-of-life systems
- C . resource exhaustion
- D . a default configuration