CompTIA SY0-501 CompTIA Security+ Online Training
CompTIA SY0-501 Online Training
The questions for SY0-501 were last updated at Nov 23,2024.
- Exam Code: SY0-501
- Exam Name: CompTIA Security+
- Certification Provider: CompTIA
- Latest update: Nov 23,2024
A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords. The security administrator has elected to use SAML to support authentication.
In this scenario, which of the following will occur when users try to authenticate to the portal? (Choose two.)
- A . The portal will function as a service provider and request an authentication assertion.
- B . The portal will function as an identity provider and issue an authentication assertion.
- C . The portal will request an authentication ticket from each network that is transitively trusted.
- D . The back-end networks will function as an identity provider and issue an authentication assertion.
- E . The back-end networks will request authentication tickets from the portal, which will act as the third-party service provider authentication store.
- F . The back-end networks will verify the assertion token issued by the portal functioning as the identity provider.
Which of the following is the BEST explanation of why control diversity is important in a defense-in-depth architecture?
- A . Social engineering is used to bypass technical controls, so having diversity in controls minimizes the risk of demographic exploitation
- B . Hackers often impact the effectiveness of more than one control, so having multiple copies of individual controls provides redundancy
- C . Technical exploits to defeat controls are released almost every day; control diversity provides overlapping protection.
- D . Defense-in-depth relies on control diversity to provide multiple levels of network hierarchy that allow user domain segmentation
A system administrator wants to provide balance between the security of a wireless network and usability. The administrator is concerned with wireless encryption compatibility of older devices used by some employees.
Which of the following would provide strong security and backward compatibility when accessing the wireless network?
- A . Open wireless network and SSL VPN
- B . WPA using a preshared key
- C . WPA2 using a RADIUS back-end for 802.1x authentication
- D . WEP with a 40-bit key
An information security specialist is reviewing the following output from a Linux server.
Based on the above information, which of the following types of malware was installed on the server?
- A . Logic bomb
- B . Trojan
- C . Backdoor
- D . Ransomware
- E . Rootkit
In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?
- A . Using salt
- B . Using hash algorithms
- C . Implementing elliptical curve
- D . Implementing PKI
A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees.
Which of the following should the administrator implement?
- A . Shared accounts
- B . Preshared passwords
- C . Least privilege
- D . Sponsored guest
Which of the following would MOST likely appear in an uncredentialed vulnerability scan?
- A . Self-signed certificates
- B . Missing patches
- C . Auditing parameters
- D . Inactive local accounts
A security analyst observes the following events in the logs of an employee workstation:
Given the information provided, which of the following MOST likely occurred on the workstation?
- A . Application whitelisting controls blocked an exploit payload from executing.
- B . Antivirus software found and quarantined three malware files.
- C . Automatic updates were initiated but failed because they had not been approved.
- D . The SIEM log agent was not tuned properly and reported a false positive.
When identifying a company’s most valuable assets as part of a BIA, which of the following should be the FIRST priority?
- A . Life
- B . Intellectual property
- C . Sensitive data
- D . Public reputation
An organization needs to implement a large PKI. Network engineers are concerned that repeated
transmission of the OCSP will impact network performance.
Which of the following should the security analyst recommend is lieu of an OCSP?
- A . CSR
- B . CRL
- C . CA
- D . OID