
[Jan 2021] CompTIA SY0-501 exam dumps and online practice questions are available from Lead4Pass

The latest updated CompTIA SY0-501 exam dumps and free SY0-501 exam practice questions and answers! Latest updates from Lead4Pass CompTIA SY0-501 Dumps PDF and SY0-501 Dumps VCE, Lead4Pass SY0-501 exam questions updated and answers corrected!
Get the full CompTIA SY0-501 dumps from https://www.lead4pass.com/sy0-501.html (VCE&PDF)

Latest SY0-501 PDF for free

A portion of the Lead4Pass SY0-501 dumps is shared for free as a PDF on Google Drive:
https://drive.google.com/file/d/1Gh75vZaWis2rv3xUA9v0jWjkDo2AHKU7/


The latest updated CompTIA SY0-501 Exam Practice Questions and Answers Online Practice Test is free to share from Lead4Pass (Q1-Q13)

QUESTION 1
A security administrator suspects that data on a server has been exfiltrated as a result of unauthorized remote
access. Which of the following would assist the administrator in confirming the suspicions? (Select TWO)
A. Networking access control
B. DLP alerts
C. Log analysis
D. File integrity monitoring
E. Host firewall rules
Correct Answer: BC

 

QUESTION 2
A company employee recently retired, and there was a schedule delay because no one was capable of filling the
employee's position. Which of the following practices would BEST help to prevent this situation in the future?
A. Mandatory vacation
B. Separation of duties
C. Job rotation
D. Exit interviews
Correct Answer: C

 

QUESTION 3
In an effort to reduce data storage requirements, a company decides to hash every file and eliminate duplicates.
The data processing routines are time sensitive so the hashing algorithm is fast and supported on a wide range of
systems. Which of the following algorithms is BEST suited for this purpose?
A. MD5
B. SHA
C. RIPEMD
D. AES
Correct Answer: B

 

QUESTION 4
An organization's employees currently use three different sets of credentials to access multiple internal resources.
Management wants to make this process less complex. Which of the following would be the BEST option to meet this
goal?
A. Transitive trust
B. Single sign-on
C. Federation
D. Secure token
Correct Answer: B

 

QUESTION 5
A security engineer at a manufacturing company is implementing a third-party cloud application. Rather than creating
users manually in the application, the engineer decides to use the SAML protocol. Which of the following is being used
for this implementation?
A. The manufacturing company is the service provider, and the cloud company is the identity provider.
B. The manufacturing company is the authorization provider, and the cloud company is the service provider.
C. The manufacturing company is the identity provider, and the cloud company is the OAuth provider.
D. The manufacturing company is the identity provider, and the cloud company is the service provider.
E. The manufacturing company is the service provider, and the cloud company is the authorization provider.
Correct Answer: A

 

QUESTION 6
A preventive control differs from a compensating control in that a preventive control is:
A. put in place to mitigate weakness in a user control.
B. deployed to supplement an existing control that is EOL.
C. relied on to address gaps in the existing control structure.
D. designed to specifically mitigate a risk.
Correct Answer: C

 

QUESTION 7
Which of the following is the BEST way for home users to mitigate vulnerabilities associated with IoT devices on their
home networks?
A. Power off the devices when they are not in use,
B. Prevent IoT devices from contacting the Internet directly.
C. Apply firmware and software updates upon availability.
D. Deploy a bastion host on the home network.
Correct Answer: C

 

QUESTION 8
A technician has installed a new AAA server, which will be used by the network team to control access to a company's
routers and switches. The technician completes the configuration by adding the network team members to the
NETWORK_TEAM group, and then adding the NETWORK_TEAM group to the appropriate ALLOW_ACCESS access
list. Only members of the network team should have access to the company's routers and switches.
[Image not available]

Which of the following should the auditor recommend based on the above information?
A. Configure the ALLOW_ACCESS group logic to use AND rather than OR.
B. Move the NETWORK_TEAM group to the top of the ALLOW_ACCESS access list.
C. Disable groups nesting for the ALLOW_ACCESS group in the AAA server.
D. Remove the DOMAIN_USERS group from the ALLOW_ACCESS group.
Correct Answer: D


QUESTION 9
Malware that changes its binary pattern on specific dates at specific times to avoid detection is known as a(n):
A. armored virus
B. logic bomb
C. polymorphic virus
D. Trojan
Correct Answer: C

 

QUESTION 10
A Chief Information Officer (CIO) is concerned that encryption keys might be exfiltrated by a contractor. The CIO wants
to keep control over key visibility and management. Which of the following would be the BEST solution for the CIO to
implement?
A. HSM
B. CA
C. SSH
D. SSL
Correct Answer: A

 

QUESTION 11
A security administrator suspects a MITM attack aimed at impersonating the default gateway is underway. Which of the
following tools should the administrator use to detect this attack? (Select two.)
A. Ping
B. Ipconfig
C. Tracert
D. Netstat
E. Dig
F. Nslookup
Correct Answer: BC


QUESTION 12
A security analyst conducts a manual scan on a known hardened host that identifies many non-compliant items. Which
of the following BEST describes why this has occurred? (Select TWO)
A. Privileged-user certificates were used to scan the host
B. Non-applicable plugins were selected in the scan policy
C. The incorrect audit file was used
D. The output of the report contains false positives
E. The target host has been compromised
Correct Answer: BD

 

QUESTION 13
In highly secure environments where the risk of malicious actors attempting to steal data is high, which of the following
is the BEST reason to deploy Faraday cages?
A. To provide emanation control to prevent credential harvesting
B. To minimize signal attenuation over distances to maximize signal strength
C. To minimize external RF interference with embedded processors
D. To protect the integrity of audit logs from malicious alteration
Correct Answer: C


Fulldumps shares the latest updated CompTIA SY0-501 exam exercise questions, SY0-501 dumps pdf, and Youtube video learning for free.
All exam questions and answers come from the Lead4pass exam dumps shared part! Lead4pass updates throughout the year and shares a portion of your exam questions for free to help you understand the exam content and enhance your exam experience!

[Nov 2020] The latest update CompTIA SY0-501 dumps and online practice tests from Lead4Pass

The latest CompTIA SY0-501 dumps by Lead4Pass helps you pass the SY0-501 exam for the first time! Lead4Pass Latest Update CompTIA SY0-501 VCE Dump and SY0-501 PDF Dumps, Lead4Pass SY0-501 Exam Questions Updated, Answers corrected! Get the latest LeadPass SY0-501 dumps with Vce and PDF: https://www.lead4pass.com/sy0-501.html (Q&As: 1173 dumps)

[Free SY0-501 PDF] CompTIA SY0-501 Dumps PDF can be collected on Google Drive shared by Lead4Pass:
https://drive.google.com/file/d/1IetDrGNOUlBHVSR2W2hnnUYtCgmoKNsT/


CompTIA SY0-501 Online Exam Practice Questions

QUESTION 1
Given the information below:
MD5HASH document.doc 049eab40fd36caadlfab10b3cdf4a883
MD5HASH image.jpg 049eab40fd36caadlfab10b3cdf4a883
Which of the following concepts are described above? (Choose two.)
A. Salting
B. Collision
C. Steganography
D. Hashing
E. Key stretching
Correct Answer: BD

 

QUESTION 2
A small enterprise decides to implement a warm site to be available for business continuity in case of a disaster. Which
of the following BEST meets its requirements?
A. A fully operational site that has all the equipment in place and full data backup tapes on-site
B. A site used for its data backup storage that houses a full-time network administrator
C. An operational site requiring some equipment to be relocated as well as data transfer to the site
D. A site staffed with personnel requiring both equipment and data to be relocated there in case of disaster
Correct Answer: C
Cold site: Space and associated infrastructure (e.g., power, telecoms and environmental controls to support IT systems), which will only be installed when disaster recovery (DR) services are activated.
Warm site: Site that's partially equipped with some of the equipment (e.g., computing hardware and software, and supporting personnel); organizations install additional equipment, computing hardware, and software, and supporting personnel when DR services are activated.
Hot site: Fully equipped site with the required equipment, computing hardware/software, and supporting personnel; it's also fully functional and manned on a 24×7 basis so that it's ready for organizations to operate their IT systems when DR services are activated.

 

QUESTION 3
Which of the following would provide a safe environment for an application to access only the resources needed to
function while not having access to run at the system level?
A. Sandbox
B. Honey pot
C. GPO
D. DMZ
Correct Answer: A

 

QUESTION 4
An analyst is concerned about data leaks and wants to restrict access to Internet services to authorized users only. The analyst also wants to control the actions each user can perform on each service. Which of the following would be the
BEST technology for the analyst to consider implementing?
A. DLP
B. VPC
C. CASB
D. ACL
Correct Answer: A

 

QUESTION 5
The security operations team recently detected a breach of credentials. The team mitigated the risk and followed proper
processes to reduce risk. Which of the following processes would BEST help prevent this issue from happening again?
A. Risk assessment
B. Chain of custody
C. Lessons learned
D. Penetration test
Correct Answer: B

 

QUESTION 6
Joe is exchanging encrypted email with another party. Joe encrypts the initial email with a key. When Joe receives a
response, he is unable to decrypt the response with the same key he used initially. Which of the following would explain
the situation?
A. An ephemeral key was used for one of the messages
B. A stream cipher was used for the initial email; a block cipher was used for the reply
C. Out-of-band key exchange has taken place
D. Asymmetric encryption is being used
Correct Answer: D
Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as the public
key and the private key. The sender uses the public key to encrypt a message, and the receiver uses the private key to
decrypt the message; what one key does, the other one undoes.

 

QUESTION 7
A security analyst is performing a BIA.
The analyst notes that in a disaster, failover systems must be up and running within 30 minutes.
The failover systems must use backup data that is no older than one hour. Which of the following should the analyst
include in the business continuity plan?
A. A maximum MTTR of 30 minutes
B. A maximum MTBF of 30 minutes
C. A maximum RTO of 60 minutes
D. A maximum RPO of 60 minutes
E. An SLA guarantee of 60 minutes
Correct Answer: E

 

QUESTION 8
Which of the following is commonly done as part of a vulnerability scan?
A. Exploiting misconfigured applications
B. Cracking employee passwords
C. Sending phishing emails to employees
D. Identifying unpatched workstations
Correct Answer: D

 

QUESTION 9
A technician needs to implement a system that will properly authenticate users by their username and password only
when the users are logging in from a computer in the office building. Any attempt to authenticate from a location other
than the office building should be rejected. Which of the following MUST the technician implement?
A. Dual factor authentication
B. Transitive authentication
C. Single-factor authentication
D. Biometric authentication
Correct Answer: B

 

QUESTION 10
A security administrator must implement a system to ensure that invalid certificates are not used by a custom developed
application. The system must be able to check the validity of certificates even when internet access is unavailable.
Which of the following MUST be implemented to support this requirement?
A. CSR
B. OCSP
C. CRL
D. SSH
Correct Answer: C

 

QUESTION 11
Malware that changes its binary pattern on specific dates at specific times to avoid detection is known as a(n):
A. armored virus
B. logic bomb
C. polymorphic virus
D. Trojan
Correct Answer: C

 

QUESTION 12
An organization has hired a new remote workforce. Many new employees are reporting that they are unable to access
the shared network resources while traveling. They need to be able to travel to and from different locations on a weekly
basis. Shared offices are retained at the headquarters location. The remote workforce will have the identical file and system
access requirements, and must also be able to log in to the headquarters location remotely.
Which of the following BEST represents how the remote employees should have been set up initially? (Choose two.)
A. User-based access control
B. Shared accounts
C. Group-based access control
D. Mapped drives
E. Individual accounts
F. Location-based policies
Correct Answer: CE

 

QUESTION 13
An organization has an account management policy that defines parameters around each type of account. The policy
specifies different security attributes, such as longevity, usage auditing, password complexity, and identity proofing. The
goal of the account management policy is to ensure the highest level of security while providing the greatest availability
without compromising data integrity for users. Which of the following account types should the policy specify for service
technicians from corporate partners?
A. Guest account
B. User account
C. Shared account
D. Privileged user account
E. Default account
F. Service account
Correct Answer: D


latest updated CompTIA SY0-501 exam questions from the Lead4Pass SY0-501 dumps! 100% pass the SY0-501 exam! Download Lead4Pass SY0-501 VCE and PDF dumps: https://www.lead4pass.com/sy0-501.html (Q&As: 1173 dumps)


[Oct 2020] New CompTIA sy0-501 Brain dumps and online practice tests are shared from Lead4Pass (latest Updated)

The latest CompTIA sy0-501 dumps by Lead4Pass helps you pass the sy0-501 exam for the first time! Lead4Pass Latest Update CompTIA sy0-501 VCE Dump and sy0-501 PDF Dumps, Lead4Pass sy0-501 Exam Questions Updated, Answers corrected! Get the latest LeadPass sy0-501 dumps with Vce and PDF: https://www.lead4pass.com/sy0-501.html (Q&As: 1139 dumps)

[Free sy0-501 PDF] CompTIA sy0-501 Dumps PDF can be collected on Google Drive shared by Lead4Pass:
https://drive.google.com/file/d/1xQJKwWVvk_za8X5PTP1GorNuYmFyE039/


CompTIA sy0-501 Online Exam Practice Questions

QUESTION 1
A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the
correct order in which the forensic analyst should preserve them.
Select and Place:
[Image not available]

Correct Answer:

[Image not available]

When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first.
Volatility can be thought of as the amount of time that you have to collect certain data before a window of opportunity is
gone.
Naturally, in an investigation, you want to collect everything, but some data will exist longer than others, and you cannot
possibly collect all of it at once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs,
and printouts.
Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and logs, capture any
relevant video/screenshots/hashes, record time offset on the systems, talk to witnesses and track total man-hours and
expenses associated with the investigation.
References:
Dulaney, Emmett and Chuck Easton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 453

 

QUESTION 2
A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the
correct order in which the forensic analyst should preserve them.
Select and Place:
[Image not available]

Correct Answer:

[Image not available]

When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first.
Volatility can be thought of as the amount of time that you have to collect certain data before a window of opportunity is
gone.
Naturally, in an investigation, you want to collect everything, but some data will exist longer than others, and you cannot
possibly collect all of it at once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs,
and printouts.
Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and logs, capture any
relevant video/screenshots/hashes, record time offset on the systems, talk to witnesses and track total man-hours and
expenses associated with the investigation.

 

QUESTION 3
After reports of slow internet connectivity, a technician reviews the following logs from a server's host-based firewall:
[Image not available]
Which of the following can the technician conclude after reviewing the above logs?

A. The server is under a DDoS attack from multiple geographic locations.
B. The server is compromised and is attacking multiple hosts on the Internet.
C. The server is under an IP spoofing resource exhaustion attack.
D. The server is unable to complete the TCP three-way handshake and send the last ACK.
Correct Answer: C

 

QUESTION 4
A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default
driver and print settings. Which of the following is the MOST likely risk in this situation?
A. An attacker can access and change the printer configuration.
B. SNMP data leaving the printer will not be properly encrypted.
C. An MITM attack can reveal sensitive information.
D. An attacker can easily inject malicious code into the printer firmware.
E. Attackers can use the PCL protocol to bypass the firewall of client computers.
Correct Answer: B

 

QUESTION 5
A security administrator is tasked with conducting an assessment made to establish the baseline security posture of the
corporate IT infrastructure. The assessment must report actual flaws and weaknesses in the infrastructure. Due to the
expense of hiring outside consultants, the testing must be performed using in-house or cheaply available resources.
There cannot be a possibility of any requirement being damaged in the test.
Which of the following has the administrator been tasked to perform?
A. Risk transference
B. Penetration test
C. Threat assessment
D. Vulnerability assessment
Correct Answer: D

 

QUESTION 6
The availability of a system has been labeled as the highest priority. Which of the following should be focused on the
MOST to ensure the objective?
A. Authentication
B. HVAC
C. Full-disk encryption
D. File integrity checking
Correct Answer: B

 

QUESTION 7
The Chief Information Security Officer (CISO) in a company is working to maximize the protection efforts of sensitive
corporate data. The CISO implements a “100% shred” policy within the organization, with the intent to destroy any
documentation that is not actively in use in a way that it cannot be recovered or reassembled. Which of the following
attacks is this deterrent MOST likely to mitigate?
A. Dumpster diving
B. Whaling
C. Shoulder surfing
D. Vishing
Correct Answer: A

 

QUESTION 8
Joe, a security administrator, needs to extend the organization's remote access functionality to be used by staff while
traveling. Joe needs to maintain separate access control functionalities for internal, external, and VOIP services. Which
of the following represents the BEST access technology for Joe to use?
A. RADIUS
B. TACACS+
C. Diameter
D. Kerberos
Correct Answer: B

 

QUESTION 9
After surfing the Internet, Joe, a user, woke up to find all his files were corrupted. His wallpaper was replaced by a message stating the files were encrypted and he needed to transfer money to a foreign country to recover them. Joe is
a victim of:
A. a keylogger
B. spyware
C. ransomware
D. a logic bomb
Correct Answer: C

 

QUESTION 10
A company is using a mobile device deployment model in which employees use their personal devices for work at their
own discretion. Some of the problems the company is encountering include the following:
1. There is no standardization.
2. Employees ask for reimbursement for their devices.
3. Employees do not replace their devices often enough to keep them running efficiently.
4. The company does not have enough control over the devices.
Which of the following is a deployment model that would help the company overcome these problems?
A. BYOD
B. VDI
C. COPE
D. CYOD
Correct Answer: D


QUESTION 11
A company was recently audited by a third party. The audit revealed the company's network devices were transferring
files in the clear. Which of the following protocols should the company use to transfer files?
A. HTTPS
B. LDAPS
C. SCP
D. SNMPv3
Correct Answer: C

 

QUESTION 12
A company has three divisions, each with its own networks and services. The company decides to make its secure web
portal accessible to all employees utilizing their existing usernames and passwords. The security administrator has
elected to use SAML to support authentication. In this scenario, which of the following will occur when users try to
authenticate to the portal? (Select two.)
A. The portal will function as a service provider and request an authentication assertion.
B. The portal will function as an identity provider and issue an authentication assertion.
C. The portal will request an authentication ticket from each network that is transitively trusted.
D. The back-end networks will function as an identity provider and issue an authentication assertion.
E. The back-end networks will request authentication tickets from the portal, which will act as the third-party service
provider authentication store.
F. The back-end networks will verify the assertion token issued by the portal functioning as the identity provider.
Correct Answer: AB

 

QUESTION 13
In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding
random data to it in storage?
A. Using salt
B. Using hash algorithms
C. Implementing the elliptical curve
D. Implementing PKI
Correct Answer: A


latest updated CompTIA sy0-501 exam questions from the Lead4Pass sy0-501 dumps! 100% pass the sy0-501 exam! Download Lead4Pass sy0-501 VCE and PDF dumps: https://www.lead4pass.com/sy0-501.html (Q&As: 1139 dumps)


Provides a valid CompTIA Security+ sy0-501 exam dumps | 100% Free

Fulldumps shares online exam exercise questions all year round! CompTIA Security+ sy0-501 exam “CompTIA Security+ Certification Exam” https://www.lead4pass.com/sy0-501.html (600 Q&As). Continue to study, and we provide updated CompTIA sy0-501 exam practice questions and answers. You can practice the test online!


Latest CompTIA Security+ sy0-501 pdf

[PDF] Free CompTIA Security+ sy0-501 pdf dumps download from Google Drive: https://drive.google.com/open?id=1p48tIE7GSKFz_V895mWkWk7kaYHYEx0O

CompTIASecurity+ Certification – CompTIA IT Certifications: https://certification.comptia.org/certifications/security

Why is it different?

  • No other certification that assesses baseline cybersecurity skills has performance-based questions on the exam. Security+ emphasizes hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of issues.
  • More choose Security+ for DoD 8570 compliance than any other certification.
  • Security+ focuses on the latest trends and techniques in risk management, risk mitigation, threat management, and intrusion detection.
  • The new Security+ certification covers the Junior IT Auditor/Penetration Tester job role, in addition to the previous job roles for Systems Administrator, Network Administrator, and Security Administrator.

About the exam

CompTIA Security+ is the first security certification IT professionals should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ incorporates best practices in hands-on trouble-shooting to ensure security professionals have practical security problem-solving skills. Cybersecurity professionals with Security+ know how to address security incidents – not just identify them.

The CompTIA Security+ exam will certify the successful candidate has the knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability.

CompTIA Security+ sy0-501 Exam Practice Questions

QUESTION 1
A member of the admins group reports being unable to modify the “changes” file on a server. The permissions on the
file are as follows:
Permissions   User     Group    File
-rwxrw-r--+   Admins   Admins   changes
Based on the output above, which of the following BEST explains why the user is unable to modify the “changes” file?
A. The SELinux mode on the server is set to “enforcing.”
B. The SELinux mode on the server is set to “permissive.”
C. An FACL has been added to the permissions for the file.
D. The admins group does not have adequate permissions to access the file.
Correct Answer: C

 

QUESTION 2
A new firewall has been placed into service at an organization. However, a configuration has not been entered on the
firewall. Employees on the network segment covered by the new firewall report they are unable to access the network.
Which of the following steps should be completed to BEST resolve the issue?
A. The firewall should be configured to prevent user traffic from matching the implicit deny rule.
B. The firewall should be configured with access lists to allow inbound and outbound traffic.
C. The firewall should be configured with port security to allow traffic.
D. The firewall should be configured to include an explicit deny rule.
Correct Answer: A

 

QUESTION 3
A company researched the root cause of a recent vulnerability in its software. It was determined that the vulnerability
was the result of two updates made in the last release. Each update alone would not have resulted in the vulnerability.
In order to prevent similar situations in the future, the company should improve which of the following?
A. Change management procedures
B. Job rotation policies
C. Incident response management
D. Least privilege access controls
Correct Answer: A


QUESTION 4
A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an
authorized system. While attempting to determine if an authorized user is logged into the home network, the user
reviews the wireless router, which shows the following table for systems that are currently on the home network.
[Image not available]

Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?
A. Apply MAC filtering and see if the router drops any of the systems.
B. Physically check each of the authorized systems to determine if they are logged onto the network.
C. Deny the “unknown” host because the hostname is not known and MAC filtering is not applied to this host.
D. Conduct a ping sweep of each of the authorized systems and see if an echo response is received.
Correct Answer: C

 

QUESTION 5
A technician needs to implement a system which will properly authenticate users by their username and password only
when the users are logging in from a computer in the office building. Any attempt to authenticate from a location other
than the office building should be rejected.
Which of the following MUST the technician implement?
A. Dual factor authentication
B. Transitive authentication
C. Single factor authentication
D. Biometric authentication
Correct Answer: B

 

QUESTION 6
For each of the given items, select the appropriate authentication category from the drop-down choices.
[Image not available]

Select the appropriate authentication type for the following items:
Hot Area:

[Images not available]

Correct Answer:

[Images not available]

Biometrics refers to a collection of physical attributes of the human body that can be used as identification or an
authentication factor. Fingerprints and retinas are physical attributes of the human body.
Two types of tokens exist: time-based one-time password (TOTP) tokens and HMAC-based one-time password
(HOTP) tokens. TOTP tokens generate passwords at fixed time intervals, whereas HOTP tokens generate passwords not
based on fixed time intervals but instead based on a non-repeating one-way function, such as a hash or HMAC operation.
Smart cards can have multi-factor and proximity authentication embedded into them.
PAP allows for two entities to share a password in advance and use the password as the basis of authentication. The
same goes for PIN numbers.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 282, 285
http://en.wikipedia.org/wiki/Password_authentication_protocol#Working_cycle
http://en.wikipedia.org/wiki/Smart_card#Security

 

QUESTION 7
An organization requires users to provide their fingerprints to access an application. To improve security, the application
developers intend to implement multifactor authentication. Which of the following should be implemented?
A. Use a camera for facial recognition
B. Have users sign their name naturally
C. Require a palm geometry scan
D. Implement iris recognition
Correct Answer: B

 

QUESTION 8
An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then
uses a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card.
This can be done many times.
Which of the following describes this type of attack?
A. Integer overflow attack
B. Smurf attack
C. Replay attack
D. Buffer overflow attack
E. Cross-site scripting attack
Correct Answer: C

 

QUESTION 9
The help desk is receiving numerous password change alerts from users in the accounting department. These alerts
occur multiple times on the same day for each of the affected users' accounts.
Which of the following controls should be implemented to curtail this activity?
A. Password Reuse
B. Password complexity
C. Password History
D. Password Minimum age
Correct Answer: D

 

QUESTION 10
Which of the following attacks allows access to contact lists on cellular phones?
A. War chalking
B. Blue jacking
C. Packet sniffing
D. Bluesnarfing
Correct Answer: D


QUESTION 11
An external auditor visits the human resources department and performs a physical security assessment. The auditor
observed documents on printers that are unclaimed. A closer look at these documents reveals employee names,
addresses, ages, and types of medical and dental coverage options each employee has selected.
Which of the following is the MOST appropriate action to take?
A. Flip the documents face down so no one knows these documents are PII sensitive
B. Shred the documents and let the owner print the new set
C. Retrieve the documents, label them with a PII cover sheet, and return them to the printer
D. Report to the human resources manager that their personnel are violating a privacy policy
Correct Answer: D

 

QUESTION 12
A security analyst wishes to increase the security of an FTP server. Currently, all traffic to the FTP server is
unencrypted. Users connecting to the FTP server use a variety of modern FTP client software. The security analyst
wants to keep the same port and protocol, while also still allowing unencrypted connections. Which of the following
would BEST accomplish these goals?
A. Require the SFTP protocol to connect to the file server.
B. Use implicit TLS on the FTP server.
C. Use explicit FTPS for connections.
D. Use SSH tunneling to encrypt the FTP traffic.
Correct Answer: C

 

QUESTION 13
Which of the following allows an application to securely authenticate a user by receiving credentials from a web
domain?
A. TACACS+
B. RADIUS
C. Kerberos
D. SAML
Correct Answer: D


What are the advantages of Lead4pass?

We have a number of CompTIA, CompTIA, IBM, CompTIA, and other exam experts. We update exam data throughout the year.
Top exam pass rate! We have a large user base. We are an industry leader! Choose Lead4Pass to pass the exam with ease!


Summarize:

The free CompTIA Security+ sy0-501 exam dumps can help you improve your skills and exam experience! To pass the CompTIA sy0-501 exam at once: https://www.lead4pass.com/sy0-501.html We make CompTIA sy0-501 videos and sy0-501 pdf for you to learn! I hope you can pass the exam easily.