SY0-501 CompTIA Security+ Certification Exam Questions and Answers

Questions 4

A security administrator is given the security and availability profiles for servers that are being deployed.

  • Match each RAID type with the correct configuration and MINIMUM number of drives.
  • Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, and storage requirements.

Instructions:

  • All drive definitions can be dragged as many times as necessary
  • Not all placeholders may be filled in the RAID configuration boxes
  • If parity is required, please select the appropriate number of parity checkboxes
  • Server profiles may be dragged only once

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Questions 5

A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.

INSTRUCTIONS

Click on each firewall to do the following:

1. Deny cleartext web traffic

2. Ensure secure management protocols are used.

3. Resolve issues at the DR site.

The ruleset order cannot be modified due to outside constraints.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Questions 6

A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

Questions 7

For each of the given items, select the appropriate authentication category from the dropdown choices.

Instructions: When you have completed the simulation, please select the Done button to submit.

Questions 8

A developer is creating a new web application on a public cloud platform and wants to ensure the application can respond to increase in load while minimizing costs during periods of low usage. Which of the following strategies is MOST relevant to the use-case?

Options:

A. Elasticity
B. Redundancy
C. High availability
D. Non-persistence

Questions 9

An attack has occurred against a company.

INSTRUCTIONS

You have been tasked to do the following:

Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing the output. (Answer Area 1)

Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server. (Answer area 2)

All objects will be used, but not all placeholders may be filled. Objects may only be used once.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Questions 10

You have just received some room and WiFi access control recommendations from a security consulting company. Click on each building to bring up available security controls. Please implement the following requirements:

The Chief Executive Officer's (CEO) office had multiple redundant security measures installed on the door to the office. Remove unnecessary redundancies to deploy three-factor authentication, while retaining the expensive iris render.

The Public Cafe has wireless available to customers. You need to secure the WAP with WPA and place a passphrase on the customer receipts.

In the Data Center you need to include authentication from the "something you know" category and take advantage of the existing smartcard reader on the door.

In the Help Desk Office, you need to require single factor authentication through the use of physical tokens given to guests by the receptionist.

The PII Office has redundant security measures in place. You need to eliminate the redundancy while maintaining three-factor authentication and retaining the more expensive controls.

Instructions: The original security controls for each office can be reset at any time by selecting the Reset button. Once you have met the above requirements for each office, select the Save button. When you have completed the entire simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Questions 11

Moving laterally within a network once an initial exploit is used to gain persistent access for the purpose of establishing further control of a system is known as:

Options:

A. pivoting.
B. persistence.
C. active reconnaissance.
D. a backdoor.

Questions 12

A Chief Security Officer (CSO) has implemented a policy to prevent the reuse of hard drives due to the risk of information spillage to unauthorized users. Which of the following would be the MOST practical process to decommission the workstations?

Options:

A. Remove all the hard drives and dispose of them in the trash.
B. Remove all the hard drives and shred the disks.
C. Remove all the hard drives and degauss them.
D. Remove all the hard drives and purge them.

Questions 13

A security administrator is investigating a possible account compromise. The administrator logs onto a desktop computer, executes the command notepad.exe c:\Temp\qkakforlkgfkja.log, and reviews the following:

Lee,\rI have completed the task that was assigned to me\rrespectfully\rJohn\r

https://www.portal.com\rjohnuser\rilovemycat2

Given the above output, which of the following is the MOST likely cause of this compromise?

Options:

A. Virus
B. Worm
C. Rootkit
D. Keylogger

Questions 14

An administrator needs to protect five websites with SSL certificates. Three of the websites have different domain names, and two of the websites share the domain name but have different subdomain prefixes. Which of the following SSL certificates should the administrator purchase to protect all the websites and be able to administer them easily at a later time?

Options:

A. One SAN certificate
B. One Unified Communications Certificate and one wildcard certificate
C. One wildcard certificate and two standard certificates
D. Five standard certificates

Questions 15

Task: Determine the types of attacks below by selecting an option from the dropdown list.

Questions 16

A network administrator is configuring a honeypot in a company's DMZ. To provide a method for hackers to access the system easily, the company needs to configure a plaintext authentication method that will send only the username and password to a service in the honeypot. Which of the following protocols should the company use?

Options:

A. OAuth
B. PAP
C. RADIUS
D. Shibboleth

Questions 17

Which of the following models is considered an iterative approach with frequent testing?

Options:

A. Agile
B. Waterfall
C. DevOps
D. Sandboxing

Questions 18

An organization is setting up a satellite office and wishes to extend the corporate network to the new site. Which of the following is the BEST solution to allow the users to access corporate resources while focusing on usability and security?

Options:

A. Federated services
B. Single sign-on
C. Site-to-site VPN
D. SSL accelerators

Questions 19

An internal intranet site is required to authenticate users and restrict access to content to only those who are authorized to view it. The site administrator previously encountered issues with credential spoofing when using the default NTLM setting and wants to move to a system that will be more resilient to replay attacks. Which of the following should the administrator implement?

Options:

A. NTLMv2
B. TACACS+
C. Kerberos
D. Shibboleth

Questions 20

A system uses an application server and database server. Employing the principle of least privilege, only database administrators are given administrative privileges on the database server, and only application team members are given administrative privileges on the application server. Audit and log file reviews are performed by the business unit (a separate group from the database and application teams).

The organization wants to optimize operational efficiency when application or database changes are needed, but it also wants to enforce least privilege, prevent modification of log files, and facilitate the audit and log review performed by the business unit. Which of the following approaches would BEST meet the organization's goals?

Options:

A. Restrict privileges on the log file directory to "read only" and use a service account to send a copy of these files to the business unit.
B. Switch administrative privileges for the database and application servers. Give the application team administrative privileges on the database servers and the database team administrative privileges on the application servers.
C. Remove administrative privileges from both the database and application servers, and give the business unit "read only" privileges on the directories where the log files are kept.
D. Give the business unit administrative privileges on both the database and application servers so they can independently monitor server activity.

Questions 21

An organization wants to control user accounts and privileged access to database servers. The organization wants to create an audit trail of account requests and approval, but also wants to facilitate operational efficiency when account and access changes are needed. The organization has the following account management practices:

Which of the following should the security consultant configure in the MDM policies for the tablets? (Select TWO.)

Options:

A. Remote wipe
B. Cable locks
C. Screen locks
D. Geofencing
E. GPS tagging
F. Carrier unlocking

Questions 22

A technician is installing a new SIEM and is configuring the system to count the number of times an event occurs at a specific logical location before the system takes action. Which of the following BEST describes the feature being configured by the technician?

Options:

A. Correlation
B. Aggregation
C. Event deduplication
D. Flood guard

Questions 23

A corporation with 35,000 employees replaces its staff laptops every three years. The social responsibility director would like to reduce the organization's carbon footprint and e-waste by donating the old equipment to a charity. Which of the following would be the MOST cost- and time-effective way for the corporation to prevent accidental disclosure of data and minimize additional cost to the charity?

Options:

A. Wiping
B. Formatting
C. SSD shredding
D. Degaussing

Questions 24

A company moved into a new building next to a sugar mill. Cracks have been discovered in the walls of the server room, which is located on the same side as the sugar mill loading docks. The cracks are believed to have been caused by heavy trucks. Moisture has begun to seep into the server room, causing extreme humidification problems and equipment failure. Which of the following BEST describes the type of threat the organization faces?

Options:

A. Foundational
B. Man-made
C. Environmental
D. Natural

Questions 25

A company's IT staff is given the task of securely disposing of 100 server HDDs. The security team informs the IT staff that the data must not be accessible by a third party after disposal. Which of the following is the MOST time-efficient method to achieve this goal?

Options:

A. Use a degausser to sanitize the drives.
B. Remove the platters from the HDDs and shred them.
C. Perform a quick format of the HDD drives.
D. Use software to zero fill all of the hard drives.

Questions 26

A company needs to implement an on-premises system that allows partner organizations to exchange order and inventory data electronically with the company over the Internet. The security architect must ensure the data is protected while minimizing the overhead associated with managing individual partner connections. Which of the following should the security architect recommend?

Options:

A. Deploy an encrypted SaaS file-sharing service
B. Set up site-to-site VPNs using ACLs
C. Develop and publish a RESTful API
D. Implement an authenticated SFTP server

Questions 27

A user from the financial aid office is having trouble interacting with the finaid directory on the university’s ERP system. The systems administrator who took the call ran a command and received the following output:

Subsequently, the systems administrator has also confirmed the user is a member of the finaid group on the ERP system.

Which of the following is the MOST likely reason for the issue?

Options:

A. The permissions on the finaid directory should be drwxrwxrwx.
B. The problem is local to the user, and the user should reboot the machine.
C. The files on the finaid directory have an improper group assignment.
D. The finaid directory should be d---rwx---

Questions 28

A systems developer needs to provide machine-to-machine interface between an application and a database server in the production environment. This interface will exchange data once per day. Which of the following access control account practices would BEST be used in this situation?

Options:

A. Establish a privileged interface group and apply read-write permission to the members of that group.
B. Submit a request for account privilege escalation when the data needs to be transferred.
C. Install the application and database on the same server and add the interface to the local administrator group.
D. Use a service account and prohibit users from accessing this account for development work.

Questions 29

An administrator is setting up automated remote file transfers to another organization. The other organization has the following requirements for the connection protocol:

• Encryption in transit is required.

• Mutual authentication must be used.

• Certificate authentication must be used (no passwords).

Which of the following should the administrator choose?

Options:

A. SNMPv3
B. SFTP
C. TLS
D. LDAPS
E. SRTP

Questions 30

Joe, a network administrator, ran a utility to perform banner grabbing to look for an older version of FTP service running on the servers. Which of the following BEST describes the underlying purpose of this approach?

Options:

A. Identify lack of security controls
B. Identify misconfigurations
C. Identify vulnerabilities
D. Identify poor firewall rules

Questions 31

A state-sponsored threat actor has launched several successful attacks against a corporate network. Although the target has a robust patch management program in place, the attacks continue in depth and scope, and the security department has no idea how the attacks are able to gain access. Given that patch management and vulnerability scanners are being used, which of the following would be used to analyze the attack methodology?

Options:

A. Rogue system detection
B. Honeypots
C. Next-generation firewall
D. Penetration test

Questions 32

An attacker has gained control of several systems on the Internet and is using them to attack a website, causing it to stop responding to legitimate traffic. Which of the following BEST describes the attack?

Options:

A. MITM
B. DNS poisoning
C. Buffer overflow
D. DDoS

Questions 33

When choosing a hashing algorithm for storing passwords in a web server database, which of the following is the BEST explanation for choosing HMAC-MD5 over simple MD5?

Options:

A. HMAC provides hardware acceleration thus speeding up authentication
B. HMAC adds a transport layer handshake which improves authentication
C. HMAC-MD5 can be decrypted faster, speeding up performance
D. HMAC-MD5 is more resistant to brute forcing

Questions 34

The Chief Information Officer (CIO) has heard concerns from the business and the help desk about frequent user account lockouts. Which of the following account management practices should be modified to ease the burden?

Options:

A. Password complexity
B. Account disablement
C. False-rejection rate
D. Time-of-day restrictions

Questions 35

An organization requires three separate factors for authentication to sensitive systems. Which of the following would BEST satisfy the requirement?

Options:

A. Fingerprint, PIN, and mother's maiden name
B. One-time password sent to a smartphone, thumbprint, and home street address
C. Fingerprint, voice recognition, and password
D. Password, one-time password sent to a smartphone, and text message sent to a smartphone

Questions 36

Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

Options:

A. The document is a honeyfile and is meant to attract the attention of a cyberintruder.
B. The document is a backup file if the system needs to be recovered.
C. The document is a standard file that the OS needs to verify the login credentials.
D. The document is a keylogger that stores all keystrokes should the account be compromised.

Questions 37

The phones at a business are being replaced with VoIP phones that get plugged in-line between the switch and PC. The voice and data networks still need to be kept separate. Which of the following would allow for this?

Options:

A. NAT
B. Intranet
C. Subnetting
D. VLAN

Questions 38

In which of the following risk management strategies would cybersecurity insurance be used?

Options:

A. Transference
B. Avoidance
C. Acceptance
D. Mitigation

Questions 39

A member of the human resources department is searching for candidate resumes and encounters the following error message when attempting to access popular job search websites:

Which of the following would resolve this issue without compromising the company's security policies?

Options:

A. Renew the DNS settings and IP address on the employee's computer.
B. Add the employee to a less restrictive group on the content filter.
C. Remove the proxy settings from the employee's web browser.
D. Create an exception for the job search sites in the host-based firewall on the employee's computer.

Questions 40

A security analyst needs a solution that can execute potential malware in a restricted and isolated environment for analysis. In which of the following technologies is the analyst interested?

Options:

A. Sandboxing
B. Staging
C. DMZ
D. Honeypot

Questions 41

A company uses WPA2-PSK, and it appears there are multiple unauthorized devices connected to the wireless network. A technician suspects this is because the wireless password has been shared with unauthorized individuals. Which of the following should the technician implement to BEST reduce the risk of this happening in the future?

Options:

A. Wireless guest isolation
B. 802.1X
C. WPS
D. MAC address blacklist

Questions 42

The exploitation of a buffer-overrun vulnerability in an application will MOST likely lead to:

Options:

A. arbitrary code execution.
B. resource exhaustion.
C. exposure of authentication credentials.
D. dereferencing of memory pointers.

Questions 43

During a routine check, a security analyst discovered the script responsible for the backup of the corporate file server had been changed to the following.

Which of the following BEST describes the type of malware the analyst discovered?

Options:

A. Key logger
B. Rootkit
C. RAT
D. Logic bomb

Questions 44

A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent the exfiltration of data? (Select TWO).

Options:

A. VPN
B. Drive encryption
C. Network firewall
D. File-level encryption
E. USB blocker
F. MFA

Questions 45

Which of the following agreement types is a non-contractual agreement between two or more parties and outlines each party’s requirements and responsibilities?

Options:

A. BPA
B. SLA
C. MOU
D. ISA

Questions 46

An organization needs to integrate with a third-party cloud application. The organization has 15000 users and does not want to allow the cloud provider to query its LDAP authentication server directly. Which of the following is the BEST way for the organization to integrate with the cloud application?

Options:

A. Upload a separate list of users and passwords with a batch import.
B. Distribute hardware tokens to the users for authentication to the cloud.
C. Implement SAML with the organization’s server acting as the identity provider.
D. Configure a RADIUS federation between the organization and the cloud provider.

Questions 47

After a security assessment was performed on the enterprise network, it was discovered that:

  • Configuration changes have been made by users without the consent of IT.
  • Network congestion has increased due to the use of social media.
  • Users are accessing file folders and network shares that are beyond the scope of their need to know.

Which of the following BEST describe the vulnerabilities that exist in this environment? (Choose two.)

Options:

A. Poorly trained users
B. Misconfigured WAP settings
C. Undocumented assets
D. Improperly configured accounts
E. Vulnerable business processes

Questions 48

Which of the following BEST explains 'likelihood of occurrence'?

Options:

A. The chance that an event will happen regardless of how much damage it may cause
B. The overall impact to the organization once all factors have been considered
C. The potential for a system to have a weakness or flaw that might be exploited
D. The probability that a threat actor will target and attempt to exploit an organization's systems

Questions 49

Which of the following is the MOST likely motivation for a script kiddie threat actor?

Options:

A. Financial gain
B. Notoriety
C. Political expression
D. Corporate espionage

Questions 50

An organization uses an antivirus scanner from Company A on its firewall, an email system antivirus scanner from Company B, and an endpoint antivirus scanner from Company C. This is an example of:

Options:

A. unified threat management.
B. an OVAL system.
C. vendor diversity.
D. alternate processing sites.

Questions 51

An auditor is requiring an organization to perform real-time validation of SSL certificates. Which of the following should the organization implement?

Options:

A. OCSP
B. CRL
C. CSR
D. KDC

Questions 52

A company has a team of penetration testers. This team has located a file on the company file server that they believe contains cleartext usernames followed by a hash. Which of the following tools should the penetration testers use to learn more about the content of this file?

Options:

A. Exploitation framework
B. Vulnerability scanner
C. Netcat
D. Password cracker

Questions 53

A company utilizes 802.11 for all client connectivity within a facility. Users in one part of the building are reporting they are unable to access company resources when connected to the company SSID. Which of the following should the security administrator use to assess connectivity?

Options:

A. Sniffer
B. Honeypot
C. Routing tables
D. Wireless scanner

Questions 54

A member of the human resources department received the following email message after sending an email containing benefit and tax information to a candidate:

“Your message has been quarantined for the following policy violation: external potential_PII. Please contact the IT security administrator for further details”.

Which of the following BEST describes why this message was received?

Options:

A. The DLP system flagged the message.
B. The mail gateway prevented the message from being sent to personal email addresses.
C. The company firewall blocked the recipient’s IP address.
D. The file integrity check failed for the attached files.

Questions 55

The president of a company that specializes in military contracts receives a request for an interview. During the interview, the reporter seems more interested in discussing the president's family life and personal history than the details of a recent company success. Which of the following security concerns is this MOST likely an example of?

Options:

A. Insider threat
B. Social engineering
C. Passive reconnaissance
D. Phishing

Questions 56

Which of the following is a type of attack in which a hacker leverages previously obtained packets to gain access to a wireless network?

Options:

A. Replay attack
B. ARP poisoning
C. Bluesnarfing
D. IP spoofing

Questions 57

Which of the following impacts are associated with vulnerabilities in embedded systems? (Select TWO).

Options:

A. Repeated exploitation due to unpatchable firmware
B. Denial of service due to an integrated legacy operating system
C. Loss of inventory accountability due to device deployment
D. Key reuse and collision issues due to decentralized management
E. Exhaustion of network resources resulting from poor NIC management

Questions 58

A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing?

Options:

A. A packet capture
B. A user behavior analysis
C. Threat hunting
D. Credentialed vulnerability scanning

Questions 59

A company would like to transition its directory service from an OpenLDAP solution to Active Directory. The main goal for this project is security. All authentications to the domain controllers must be as secure as possible. Which of the following should the company use to achieve this goal?

Options:

A. LDAP
B. RADIUS
C. Kerberos
D. Shibboleth

Questions 60

In which of the following ways do phishing and smishing differ?

Options:

A. One is primarily based on social engineering, and the other is based on evading spam filters
B. One uses SMS as a delivery mechanism, and the other uses email
C. Smishing relies on hard-wired connections and mobile code updates
D. Phishing leverages poor email tagging to exploit SPIM settings

Questions 61

A security analyst just discovered that developers have access to production systems that are used for deployment and troubleshooting. One developer, who recently left the company, abused this access to obtain sensitive information. Which of the following is the BEST account management strategy to prevent this from reoccurring?

Options:

A. Perform an account review and ensure least privilege is being followed for production access
B. Implement multifactor authentication for accessing production systems
C. Configure jump boxes and prevent access to production from any other system
D. Set up time-of-day restrictions that prevent access to production systems during business hours
E. Modify the AUP to prohibit developers from accessing production systems

Questions 62

A security analyst has been asked to implement secure protocols to prevent cleartext credentials from being transmitted over the internal network. Which of the following protocols is the security analyst MOST likely to implement? (Choose two.)

Options:

A. SNMPv3
B. S/MIME
C. DNSSEC
D. SSH
E. SFTP

Questions 63

A security administrator in a bank is required to enforce an access control policy so no single individual is allowed to both initiate and approve financial transactions. Which of the following BEST represents the impact the administrator is deterring?

Options:

A. Principle of least privilege
B. External intruder
C. Conflict of Interest
D. Fraud

Questions 64

A network technician needs to monitor and view the websites that are visited by an employee. The employee is connected to a network switch. Which of the following would allow the technician to monitor the employee's web traffic?

Options:

A. Implement promiscuous mode on the NIC of the employee's computer.
B. Install and configure a transparent proxy server.
C. Run a vulnerability scanner to capture DNS packets on the router.
D. Configure a VPN to forward packets to the technician's computer.

Questions 65

A tester was able to leverage a pass-the-hash attack during a recent penetration test. The tester gained a foothold and moved laterally through the network. Which of the following would prevent this type of attack from reoccurring?

Options:

A. Renaming all active service accounts and disabling all inactive service accounts
B. Creating separate accounts for privileged access that are not used to log on to local machines
C. Enabling full-disk encryption on all workstations that are used by administrators and disabling RDP
D. Increasing the password complexity requirements and setting account expiration dates

Questions 66

Which of the following controls does a mantrap BEST represent?

Options:

A. Deterrent
B. Detective
C. Physical
D. Corrective

Questions 67

An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?

Options:

A. SED
B. HSM
C. DLP
D. TPM

Questions 68

A systems administrator is configuring a new network switch for TACACS+ management and authentication.

Which of the following must be configured to provide authentication between the switch and the TACACS+ server?

Options:

A. 802.1X
B. SSH
C. Shared secret
D. SNMPv3
E. CHAP

Questions 69

A penetration tester is testing passively for vulnerabilities on a company's network. Which of the following tools should the penetration tester use? (Choose two.)

Options:

A. Zenmap
B. Wireshark
C. Nmap
D. tcpdump
E. Nikto
F. Snort

Questions 70

Which of the following cloud models is used to share resources and information with business partners and like businesses without allowing everyone else access?

Options:

A. Public
B. Hybrid
C. Community
D. Private

Questions 71

A company is performing an analysis of which corporate units are most likely to cause revenue loss in the event the unit is unable to operate. Which of the following is an element of the BIA that this action is addressing?

Options:

A. Critical system inventory
B. Single point of failure
C. Continuity of operations
D. Mission-essential functions

Questions 72

A company recently implemented a new security system. In the course of configuration, the security administrator adds the following entry:

#Whitelist USB\VID_13FE&PID_4127&REV_0100

Which of the following security technologies is MOST likely being configured?

Options:

A. Application whitelisting
B. HIDS
C. Data execution prevention
D. Removable media control

Questions 73

A security analyst has identified malware that is propagating automatically to multiple systems on the network. Which of the following types of malware is MOST likely impacting the network?

Options:

A. Virus
B. Worm
C. Logic bomb
D. Backdoor

Questions 74

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company's IT/security operations?

Options:

A.

Least privilege

B.

Awareness training

C.

Separation of duties

D.

Mandatory vacation

Questions 75

A security analyst discovers that one of the business processes, which generates 75% of the annual revenue, uses a legacy system. This creates a tolerable risk that can contribute to a 2% drop in revenue generation every quarter. Which of the following would be the BEST response to this risk?

Options:

A. Mitigation
B. Avoidance
C. Insurance
D. Acceptance

Questions 76

A technician is implementing 802.1X with dynamic VLAN assignment based on a user's Active Directory group membership. Which of the following configurations supports the VLAN definitions?

Options:

A. RADIUS attribute
B. SAML tag
C. LDAP path
D. Shibboleth IdP

Questions 77

A systems administrator wants to enforce the use of HTTPS on a new website. Which of the following should the systems administrator do NEXT after generating the CSR?

Options:

A. Install the certificate on the server.
B. Provide the public key to the CA.
C. Password protect the public key.
D. Ensure the new key is not on the CRL.

Questions 78

A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO)

Options:

A. The order of volatility
B. A checksum
C. The location of the artifacts
D. The vendor's name
E. The date and time
F. A warning banner

Questions 79

You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan.

Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.

Options:

Questions 80

A company recently experienced a security breach. The security staff determined that the intrusion was due to an out-of-date proprietary software program running on a non-compliant server. The server was imaged and copied onto a hardened VM, with the previous connections re-established. Which of the following is the NEXT step in the incident response process?

Options:

A. Recovery
B. Eradication
C. Lessons learned
D. Containment
E. Identification

Questions 81

Before providing digital evidence for a case, a security analyst performed a full disk image of the compromised server using a forensic tool and asked a law enforcement officer to provide an in-person written confirmation of receipt. The security analyst was MOST interested in:

Options:

A. avoiding the volatility of the data
B. maintaining the chain of custody
C. confirming the legal hold
D. having a recovery point

Questions 82

A security administrator is reviewing the following information from a file that was found on a compromised host:

cat suspiciousfile.txt

www.CompTIA.org\njohn\miloveyou\n$200\nWorking Late\nJohn\nI%20will%20be%20in% 20the%20office%20till%206pm%20to%20finish%20the%20report\n

Which of the following types of malware is MOST likely installed on the compromised host?

Options:

A. Keylogger
B. Spyware
C. Trojan
D. Backdoor
E. Rootkit

Questions 83

An analyst generates the color-coded table shown in the exhibit to help explain the risk of potential incidents in the company. The vertical axis indicates the likelihood of an incident, while the horizontal axis indicates the impact.

Which of the following is this table an example of?

Options:

A. Internal threat assessment
B. Privacy impact assessment
C. Qualitative risk assessment
D. Supply chain assessment

Questions 84

A highly complex password policy has made it nearly impossible to crack account passwords. Which of the following might a hacker still be able to perform?

Options:

A. Pass-the-hash attack
B. ARP poisoning attack
C. Birthday attack
D. Brute-force attack

Questions 85

Which of the following control types are alerts sent from a SIEM fulfilling based on vulnerability signatures?

Options:

A. Preventive
B. Corrective
C. Compensating
D. Detective

Questions 86

A government contracting company issues smartphones to employees to enable access to corporate resources. Several employees will need to travel to a foreign country for business purposes and will require access to their phones. However, the company recently received intelligence that its intellectual property is highly desired by the same country's government. Which of the following MDM configurations would BEST reduce the risk of compromise while on foreign soil?

Options:

A. Disable firmware OTA updates.
B. Disable location services.
C. Disable push notification services.
D. Disable wipe.

Questions 87

A security team has completed the installation of a new server. The OS and applications have been patched and tested, and the server is ready to be deployed. Which of the following actions should be taken before deploying the new server?

Options:

A. Disable the default accounts.
B. Run a penetration test on the network.
C. Create a DMZ in which to place the server.
D. Validate the integrity of the patches.

Questions 88

During a recent security audit, an organization discovered that server configurations were changed without documented approval. The investigators have confirmed that configuration changes require elevated permissions, and the investigation has failed to identify specific user accounts that are making the configuration changes. Which of the following is MOST likely occurring?

Options:

A. Users have been sharing superuser account passwords
B. Privileged accounts are being used by systems administrators
C. Intruders have compromised the servers and enabled guest accounts
D. Administrators are logging in to the servers using service accounts

Questions 89

A security analyst is hardening a large-scale wireless network. The primary requirements are the following:

* Must use authentication through EAP-TLS certificates

* Must use an AAA server

* Must use the most secure encryption protocol

Given these requirements, which of the following should the analyst implement and recommend? (Select TWO).

Options:

A. 802.1X
B. 802.3
C. LDAP
D. TKIP
E. CCMP
F. WPA2-PSK

Questions 90

A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.

INSTRUCTIONS

Please click on the below items on the network diagram and configure them accordingly:

  • WAP
  • DHCP Server
  • AAA Server
  • Wireless Controller
  • LDAP Server

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Options:

Questions 91

Select the appropriate attack from each drop down list to label the corresponding illustrated attack.

Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.

Options:

Questions 92

Leveraging the information supplied below, complete the CSR for the server to set up TLS (HTTPS)

• Hostname: ws01

• Domain: comptia.org

• IPv4: 10.1.9.50

• IPv4: 10.2.10.50

• Root: home.aspx

• DNS CNAME: homesite.

Instructions:

Drag the various data points to the correct locations within the CSR. Extension criteria belong in the left-hand column and values belong in the corresponding row in the right-hand column.

Options:

Questions 93

A data owner has been tasked with assigning proper data classifications and destruction methods for various types of data contained within the environment.

Options:

Questions 94

Task: Configure the firewall (fill out the table) to allow these four rules:

  • Only allow the Accounting computer to have HTTPS access to the Administrative server.
  • Only allow the HR computer to be able to communicate with the Server 2 System over SCP.
  • Allow the IT computer to have access to both the Administrative Server 1 and Administrative Server 2

Options:

Questions 95

A security administrator has been tasked with implementing controls that meet management goals. Drag and drop the appropriate control used to accomplish the account management goal. Options may be used once or not at all.

Options:

Questions 96

Drag and drop the correct protocol to its default port.

Options:

Questions 97

The security administrator has installed a new firewall which implements an implicit DENY policy by default.

INSTRUCTIONS:

Click on the firewall and configure it to allow ONLY the following communication.

1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.

2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port.

3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.

Instructions: The firewall will process the rules in a top-down manner in order as a first match. The port number must be typed in and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

Hot Area:

Options:

Questions 98

For each of the given items, select the appropriate authentication category from the drop down choices.

Select the appropriate authentication type for the following items:

Options:

Questions 99

A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updated since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

Options:

Questions 100

A security engineer is setting up passwordless authentication for the first time.

INSTRUCTIONS

Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Options:

Exam Code: SY0-501
Exam Name: CompTIA Security+ Certification Exam
Last Update: Jun 17, 2021
Questions: 773
