  • Exam Name: CompTIA Security+ Certification Exam
  • Last Update: Mar 8, 2021
  • Questions and Answers: 593

SY0-501 CompTIA Security+ Certification Exam Questions and Answers

Question # 4

A user receives a security alert pop-up from the host-based IDS, and a few minutes later notices a document on the desktop has disappeared and in its place is an odd filename with no icon image. When clicking on this icon, the user receives a system notification that it cannot find the correct program to use to open this file. Which of the following types of malware has MOST likely targeted this workstation?

A. Rootkit
B. Spyware
C. Ransomware
D. Remote-access Trojan

Question # 5

Two companies are enabling TLS on their respective email gateways to secure communications over the Internet. Which of the following cryptography concepts is being implemented?

A. Perfect forward secrecy
B. Ephemeral keys
C. Domain validation
D. Data in transit

Question # 6

A security analyst is emailing PII in a spreadsheet file to an audit validator for after-actions related to a security assessment. The analyst must make sure the PII data is protected with the following minimum requirements:

  • Ensure confidentiality at rest.
  • Ensure the integrity of the original email message.

Which of the following controls would ensure these data security requirements are carried out?

A. Encrypt and sign the email using S/MIME.
B. Encrypt the email and send it using TLS.
C. Hash the email using SHA-1.
D. Sign the email using MD5.

Question # 7

A company is implementing a tool to mask all PII when moving data from a production server to a testing server. Which of the following security techniques is the company applying?

A. Data wiping
B. Steganography
C. Data obfuscation
D. Data sanitization

Question # 8

A security analyst is performing a manual audit of captured data from a packet analyzer. The analyst looks for base64-encoded strings and applies the filter http.authbasic. Which of the following describes what the analyst is looking for?

A. Unauthorized software
B. Unencrypted credentials
C. SSL certificate issues
D. Authentication tokens

Question # 9

Which of the following may indicate a configuration item has reached end-of-life?

A. The device will no longer turn on and indicates an error.
B. The vendor has not published security patches recently.
C. The object has been removed from the Active Directory.
D. Logs show a performance degradation of the component.

Question # 10

A security administrator is adding a NAC requirement for all VPN users to ensure the co requirement?

A. Implement a permanent agent.
B. Install antivirus software.
C. Use an agentless implementation.
D. Implement PKI.

Question # 11

An application developer has neglected to include input validation checks in the design of the company’s new web application. An employee discovers that repeatedly submitting large amounts of data, including custom code, to an application will allow the execution of the custom code at the administrator level. Which of the following BEST identifies this application attack?

A. Cross-site scripting
B. Clickjacking
C. Buffer overflow
D. Replay

Question # 12

A cybersecurity administrator needs to add disk redundancy for a critical server. The solution must tolerate a two-drive failure for better fault tolerance. Which of the following RAID levels should the administrator select?

A. 0
B. 1
C. 5
D. 6

Question # 13

A technician is investigating a report of unusual behavior and slow performance on a company-owned laptop. The technician runs a command and reviews the following information:

Based on the above information, which of the following types of malware should the technician report?

A. Spyware
B. Rootkit
C. RAT
D. Logic bomb

Question # 14

A user received an SMS on a mobile phone that asked for bank details. Which of the following social-engineering techniques was used in this case?

A. SPIM
B. Vishing
C. Spear phishing
D. Smishing

Question # 15

Which of the following are considered among the BEST indicators that a received message is a hoax? (Choose two.)

A. Minimal use of uppercase letters in the message
B. Warnings of monetary loss to the receiver
C. No valid digital signature from a known security organization
D. Claims of possible damage to computer hardware
E. Embedded URLs

Question # 16

A company is having issues with intellectual property being sent to a competitor from its system. The information being sent is not random but has an identifiable pattern. Which of the following should be implemented in the system to stop the content from being sent?

A. Encryption
B. Hashing
C. IPS
D. DLP

Question # 17

Which of the following explains why a vulnerability scan might return a false positive?

A. The scan is performed at a time of day when the vulnerability does not exist.
B. The test is performed against the wrong host.
C. The signature matches the product but not the version information.
D. The hosts are evaluated based on an OS-specific profile.

Question # 18

A company recently experienced a security breach. The security staff determined that the intrusion was due to an out-of-date proprietary software program running on a non-compliant server. The server was imaged and copied onto a hardened VM, with the previous connections re-established. Which of the following is the NEXT step in the incident response process?

A. Recovery
B. Eradication
C. Lessons learned
D. Containment
E. Identification

Question # 19

Using a one-time code that has been texted to a smartphone is an example of:

A. something you have.
B. something you know.
C. something you do.
D. something you are.

Question # 20

A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company's executives. Which of the following intelligence sources should the security analyst review?

A. Vulnerability feeds
B. Trusted automated exchange of indicator information
C. Structured threat information expression
D. Industry information-sharing and collaboration groups

Question # 21

A government organization recently contacted three different vendors to obtain cost quotes for a desktop PC refresh. The quote from one of the vendors was significantly lower than the other two and was selected for the purchase. When the PCs arrived, a technician determined some NICs had been tampered with. Which of the following MOST accurately describes the security risk presented in this situation?

A. Hardware root of trust
B. UEFI
C. Supply chain
D. TPM
E. Crypto-malware
F. ARP poisoning

Question # 22

A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

A. Nmap
B. Wireshark
C. Autopsy
D. DNSEnum

Question # 23

Which of the following is an algorithm family that was developed for use cases in which power consumption and lower computing power are constraints?

A. Elliptic curve
B. RSA
C. Diffie-Hellman
D. SHA

Question # 24

Which of the following BEST explains 'likelihood of occurrence'?

A. The chance that an event will happen regardless of how much damage it may cause
B. The overall impact to the organization once all factors have been considered
C. The potential for a system to have a weakness or flaw that might be exploited
D. The probability that a threat actor will target and attempt to exploit an organization's systems

Question # 25

A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.

INSTRUCTIONS

Please click on the below items on the network diagram and configure them accordingly:

  • WAP
  • DHCP Server
  • AAA Server
  • Wireless Controller
  • LDAP Server

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question # 26

A security administrator is given the security and availability profiles for servers that are being deployed.

  • Match each RAID type with the correct configuration and MINIMUM number of drives.
  • Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, and storage requirements.

Instructions:

  • All drive definitions can be dragged as many times as necessary
  • Not all placeholders may be filled in the RAID configuration boxes
  • If parity is required, please select the appropriate number of parity checkboxes
  • Server profiles may be dragged only once

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Question # 27

For each of the given items, select the appropriate authentication category from the drop down choices.

Select the appropriate authentication type for the following items:

Question # 28

A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center.

Drag and drop the applicable controls to each asset type.

Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select the Done button to submit.

Question # 29

An attack has occurred against a company.

INSTRUCTIONS

You have been tasked to do the following:

Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing the output. (Answer Area 1)

Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server. (Answer area 2)

All objects will be used, but not all placeholders may be filled. Objects may only be used once.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question # 30

A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updated since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

Question # 31

Task: Configure the firewall (fill out the table) to allow these four rules:

  • Only allow the Accounting computer to have HTTPS access to the Administrative server.
  • Only allow the HR computer to be able to communicate with the Server 2 System over SCP.
  • Allow the IT computer to have access to both the Administrative Server 1 and Administrative Server 2

Question # 32

A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

Question # 33

For each of the given items, select the appropriate authentication category from the dropdown choices.

Instructions: When you have completed the simulation, please select the Done button to submit.

Question # 34

You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan.

Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.

Question # 35

Drag and drop the correct protocol to its default port.

Question # 36

A security engineer is setting up passwordless authentication for the first time.

INSTRUCTIONS

Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question # 37

Task: Determine the types of attacks below by selecting an option from the dropdown list.

Question # 38

Leveraging the information supplied below, complete the CSR for the server to set up TLS (HTTPS)

  • Hostname: ws01
  • Domain: comptia.org
  • IPv4: 10.1.9.50
  • IPv4: 10.2.10.50
  • Root: home.aspx
  • DNS CNAME: homesite.

Instructions:

Drag the various data points to the correct locations within the CSR. Extension criteria belong in the left-hand column and values belong in the corresponding row in the right-hand column.

Question # 39

The security administrator has installed a new firewall which implements an implicit DENY policy by default.

INSTRUCTIONS:

Click on the firewall and configure it to allow ONLY the following communication.

1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.

2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port.

3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.

Instructions: The firewall will process the rules in a top-down manner in order as a first match. The port number must be typed in and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

Question # 40

A security administrator has been tasked with implementing controls that meet management goals. Drag and drop the appropriate control used to accomplish the account management goal. Options may be used once or not at all.

Question # 41

A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.

INSTRUCTIONS

Click on each firewall to do the following:

1. Deny cleartext web traffic.

2. Ensure secure management protocols are used.

3. Resolve issues at the DR site.

The ruleset order cannot be modified due to outside constraints.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question # 42

A security administrator discovers that an attack has been completed against a node on the corporate network. All available logs were collected and stored.

You must review all network logs to discover the scope of the attack, check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. The environment is a critical production environment; perform the LEAST disruptive actions on the network, while still performing the appropriate incident responses.

Instructions: The web server, database server, IDS, and User PC are clickable. Check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. Not all actions may be used, and order is not important. If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Question # 43

Select the appropriate attack from each drop down list to label the corresponding illustrated attack.

Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.

Question # 44

Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS

Not all attacks and remediation actions will be used. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question # 45

You have just received some room and WiFi access control recommendations from a security consulting company. Click on each building to bring up available security controls. Please implement the following requirements:

The Chief Executive Officer's (CEO) office had multiple redundant security measures installed on the door to the office. Remove unnecessary redundancies to deploy three-factor authentication, while retaining the expensive iris reader.

The Public Cafe has wireless available to customers. You need to secure the WAP with WPA and place a passphrase on the customer receipts.

In the Data Center you need to include authentication from the "something you know" category and take advantage of the existing smartcard reader on the door.

In the Help Desk Office, you need to require single factor authentication through the use of physical tokens given to guests by the receptionist.

The PII Office has redundant security measures in place. You need to eliminate the redundancy while maintaining three-factor authentication and retaining the more expensive controls.

Instructions: The original security controls for each office can be reset at any time by selecting the Reset button. Once you have met the above requirements for each office, select the Save button. When you have completed the entire simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Question # 46

A company has purchased a new SaaS application and is in the process of configuring it to meet the company’s needs. The director of security has requested that the SaaS application be integrated into the company’s IAM processes. Which of the following configurations should the security administrator set up in order to complete this request?

A. LDAP
B. RADIUS
C. SAML
D. NTLM

Question # 47

A systems administrator wants to configure an enterprise wireless solution that supports authentication over HTTPS and wireless encryption using AES. Which of the following should the administrator configure to support these requirements? (Select TWO).

A. 802.1X
B. RADIUS federation
C. WPS
D. Captive portal
E. WPA2
F. WDS

Question # 48

A manager makes an unannounced visit to the marketing department and performs a walk-through of the office. The manager observes unclaimed documents on printers. A closer look at these documents reveals employee names, addresses, ages, birth dates, marital/dependent statuses, and favorite ice cream flavors. The manager brings this to the attention of the marketing department head. The manager believes this information to be PII, but the marketing head does not agree. Having reached a stalemate, which of the following is the MOST appropriate action to take NEXT?

A. Elevate to the Chief Executive Officer (CEO) for redress; change from the top down usually succeeds.
B. Find the privacy officer in the organization and let the officer act as the arbiter.
C. Notify employees whose names are on these files that their personal information is being compromised.
D. To maintain a working relationship with marketing, quietly record the incident in the risk register.

Question # 49

The president of a company that specializes in military contracts receives a request for an interview. During the interview, the reporter seems more interested in discussing the president's family life and personal history than the details of a recent company success. Which of the following security concerns is this MOST likely an example of?

A. Insider threat
B. Social engineering
C. Passive reconnaissance
D. Phishing

Question # 50

On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Select TWO).

A. Data accessibility
B. Legal hold
C. Cryptographic or hash algorithm
D. Data retention legislation
E. Value and volatility of data
F. Right-to-audit clauses

Question # 51

A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company’s internal network securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?

A. VPN
B. PaaS
C. IaaS
D. VDI

Question # 52

A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO)

A. The order of volatility
B. A checksum
C. The location of the artifacts
D. The vendor's name
E. The date and time
F. A warning banner
