CompTIACompTIA
SY0-501 · Question #331
SY0-501 Question #331: Real Exam Question with Answer & Explanation
Sign in or unlock SY0-501 to reveal the answer and full explanation for question #331. The question stem and answer options stay visible for context.
Submitted by certguy· Mar 4, 2026
Question
A security analyst reviews the following output: The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the security analyst reports the following: Which of the following is the MOST likely cause of the hash being found in other areas?
Options
- AJan Smith is an insider threat
- BThere are MD5 hash collisions
- CThe file is encrypted
- DShadow copies are present
Unlock SY0-501 to see the answer
You've previewed enough free SY0-501 questions. Unlock SY0-501 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.