SY0-501 Exam Questions
551 real SY0-501 exam questions with expert-verified answers and explanations. Page 1 of 12.
- Question #1
A high-security defense installation recently began utilizing large guard dogs that bark very loudly and excitedly at the slightest provocation. Which of the following types of con...
- Question #2
An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the respond...
- Question #3
Multiple organizations operating in the same vertical want to provide seamless wireless access for their employees as they visit the other organizations. Which of the following sho...
- Question #4
An analyst wants to implement a more secure wifeless authentication for office access points. Which of the following technologies allows for encrypted authentication of wireless cl...
- Question #5Security architecture
A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation. Given these requirements, whic...
KerberosAuthentication protocolsMutual authenticationDelegation - Question #6
An organization wishes to provide better security for its name resolution services. Which of the following technologies BEST supports the deployment DNSSEC at the organization?
- Question #7
Ann, an employee in the payroll department, has contacted the help desk citing multiple issues with her device, including: Slow performance Word documents, PDFs, and images no long...
- Question #8
A department head at a university resigned on the first day of the spring semester. It was subsequently determined that the department head deleted numerous files and directories f...
- Question #9
A company is using a mobile device deployment model in which employees use their personal devices for work at their own discretion. Some of the problems the company is encountering...
- Question #10
A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements...
- Question #11
Which of the following can be provided to an AAA system for the identification phase?
- Question #12
Hotspot Question Select the appropriate attack from each drop down list to label the corresponding illustrated attack Instructions: Attacks may only be used once, and will disappea...
- Question #13Threats, vulnerabilities, and mitigations
Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent th...
Password securityTechnical controlsAuthentication policies - Question #14
A security analyst is reviewing the following output from an IPS: Given this output, which of the following can be concluded? (Select TWO).
- Question #15
An organization finds that most help desk calls ate regarding account lockout due to a variety of applications running on different systems. Manager is looking for a solution to re...
- Question #16
Which of the following threat actors is MOST likely to steal a company's proprietary information to gain a market edge and reduce time to market?
- Question #17
When trying to log onto a company's new ticketing system, some employees receive the following message: Access denied: too many concurrent sessions. The ticketing system was recent...
- Question #18
A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an encrypted wireless network. Which of the following should be implem...
- Question #19
A company is developing a new secure technology and requires computers being used for development to be isolated. Which of the following should be implemented to provide the MOST s...
- Question #20
Which of the following explains why vendors publish MD5 values when they provide software patches for their customers to download over the Internet?
- Question #21Security architecture
Drag and Drop Question A security administrator is given the security and availability profiles for servers that are being deployed. 1) Match each RAID type with the correct config...
RAIDData storageAvailabilityData integrity - Question #22
Refer to the following code: Which of the following vulnerabilities would occur if this is executed?
- Question #23
A database backup schedule consists of weekly full backups performed on Saturday at 12:00 A.m. and daily differential backups also performed at 12:00 A.m. If the database is restor...
- Question #24
Which of the following technologies employ the use of SAML? (Select TWO).
- Question #25
An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?
- Question #26Security architecture
In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capac...
ElasticityCloud architectureCapacity managementCost optimization - Question #27
A Security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.6666. Whi...
- Question #28
Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?
- Question #29CompTIA Security+ Domain 2: Architecture and Design - Summarize the importance of physical security controls and implementing security controls to meet organizational requirements
Drag and Drop Question You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan. Instructions: All ob...
Physical Security ControlsAccess ControlSecurity PlanningAsset Protection - Question #30
Which of the following encryption methods does PKI typically use to securely protect keys?
- Question #31
Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).
- Question #32
Which of the following BEST describes a routine in which semicolons, dashes, quotes, and commas are removed from a string?
- Question #33
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?
- Question #34
Which of the following cryptographic attacks would salting of passwords render ineffective?
- Question #35
A network administrator wants to implement a method of securing internal routing. Which of the following should the administrator implement?
- Question #36
Which of the following types of keys is found in a key escrow?
- Question #37
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST l...
- Question #38
A company is currently using the following configuration: * IAS server with certificate-based EAP-PEAP and MSCHAP * Unencrypted authentication via PAP A security administrator need...
- Question #39
A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute...
- Question #40
After a merger between two companies a security analyst has been asked to ensure that the organization's systems are secured against infiltration by any former employees that were...
- Question #41
A new mobile application is being developed in-house. Security reviews did not pick up any major flaws, however vulnerability scanning results show fundamental issues at the very e...
- Question #42
A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which is expected to accommodate at most 14 physical hosts. Which of the f...
- Question #43
A company has a security policy that specifies all endpoint computing devices should be assigned a unique identifier that can be tracked via an inventory management system. Recent...
- Question #44
The security administrator receives an email on a non-company account from a coworker stating that some reports are not exporting correctly. Attached to the email was an example re...
- Question #45Security operations
A technician is configuring a wireless guest network. After applying the most recent changes the technician finds the new devices can no longer find the wireless network by name bu...
Wireless securitySSID broadcastNetwork configurationGuest network - Question #46
A security administrator has been assigned to review the security posture of the standard corporate system image for virtual machines. The security administrator conducts a thoroug...
- Question #47
Although a web enabled application appears to only allow letters in the comment field of a web form, malicious user was able to carry a SQL injection attack by sending special char...
- Question #48
An attacker discovers a new vulnerability in an enterprise application. The attacker takes advantage of the vulnerability by developing new malware. After installing the malware th...
- Question #49
A security administrator returning from a short vacation receives an account lock-out message when attempting to log into the computer. After getting the account unlocked the secur...
- Question #50
A bank requires tellers to get manager approval when a customer wants to open a new account. A recent audit shows that there have been four cases in the previous year where tellers...