Scribd
Upload
132 views6 pages

Sy0 501 PDF

The document is a practice exam for the CompTIA Security+ SY0-501 certification. It contains 10 multiple choice questions covering various security topics like secure file transfer protocols, brute force attacks, data backup schedules, prioritizing assets for a business impact analysis, volatile memory acquisition, access control, and printer security risks. The questions test knowledge of technical security controls and best practices.

Uploaded by

JOHN DEERE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
132 views6 pages

Sy0 501 PDF

The document is a practice exam for the CompTIA Security+ SY0-501 certification. It contains 10 multiple choice questions covering various security topics like secure file transfer protocols, brute force attacks, data backup schedules, prioritizing assets for a business impact analysis, volatile memory acquisition, access control, and printer security risks. The questions test knowledge of technical security controls and best practices.

Uploaded by

JOHN DEERE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Comptia

SY0-501
CompTIA Security+ Certification Exam

https://www.dumpsforsure.com/comptia/sy0-501-dumps.html
Question: 1
A manager wants to distribute a report to several other managers within the company.
Some of them reside in remote locations that are not connected to the domain but have a
local server. Because there is sensitive data within the report and the size of the report is
beyond the limit of the email attachment size, emailing the report is not an option. Which of
the following protocols should be implemented to distribute the report securely? (Select
three.)

A. S/MIME
B. SSH
C. SNMPv3
D. FTPS
E. SRTP
F. HTTPS
G. LDAPS

Answer: B,D,F

Question: 2
A company’s user lockout policy is enabled after five unsuccessful login attempts. The help
desk notices a user is repeatedly locked out over the course of a workweek. Upon
contacting the user, the help desk discovers the user is on vacation and does not have
network access. Which of the following types of attacks are MOST likely occurring? (Select
two.)

A. Replay
B. Rainbow tables
C. Brute force
D. Pass the hash
E. Dictionary

Answer: C,E

Question: 3
DRAGDROP
A security administrator wants to implement strong security on the company smart phones
and terminal servers located in the data center. Drag and drop the applicable controls to
each asset types?
Instructions: Controls can be used multiple times and not all placeholders need to be filled.
When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:
Company Manages Smart Phone
Screen Lock
Strong Password
Device Encryption
Remote Wipe
GPS Tracking
Pop-up blocker
Data Center Terminal Server
Cable Locks
Antivirus
Host Based Firewall
Proximity Reader
Sniffer
Mantrap

Question: 4
A security engineer is configuring a system that requires the X.509 certificate information to
be pasted into a form field in Base64 encoded format to import it into the system. Which of
the following certificate formats should the engineer use to obtain the information in the
required format?

A. PFX
B. PEM
C. DER
D. CER

Answer: B

Question: 5
A security analyst is diagnosing an incident in which a system was compromised from an
external IP address.
The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the
following should the security analyst do to determine if the compromised system still has an
active connection?

A. tracert
B. netstat
C. ping
D. nslookup

Answer: B
Question: 6
A database backup schedule consists of weekly full backups performed on Saturday at
12:00 a.m. and daily differential backups also performed at 12:00 a.m. If the database is
restored on Tuesday afternoon, which of the following is the number of individual backups
that would need to be applied to complete the database recovery?

A. 1
B. 2
C. 3
D. 4

Answer: B

Question: 7
When identifying a company’s most valuable assets as part of a BIA, which of the following
should be the FIRST priority?

A. Life
B. Intellectual property
C. Sensitive data
D. Public reputation

Answer: A

Question: 8
When performing data acquisition on a workstation, which of the following should be
captured based on memory volatility? (Select two.)

A. USB-attached hard disk


B. Swap/pagefile
C. Mounted network storage
D. ROM
E. RAM

Answer: B,E

Question: 9
An application team is performing a load-balancing test for a critical application during off-
hours and has requested access to the load balancer to review which servers are up
without having the administrator on call.
The security analyst is hesitant to give the application team full access due to other critical
applications running on the load balancer. Which of the following is the BEST solution for
security analyst to process the request?

A. Give the application team administrator access during off-hours.


B. Disable other critical applications before granting the team access.
C. Give the application team read-only access.
D. Share the account with the application team.

Answer: C

Question: 10
A security consultant discovers that an organization is using the PCL protocol to print
documents, utilizing the default driver and print settings. Which of the following is the
MOST likely risk in this situation?

A. An attacker can access and change the printer configuration.


B. SNMP data leaving the printer will not be properly encrypted.
C. An MITM attack can reveal sensitive information.
D. An attacker can easily inject malicious code into the printer firmware.
E. Attackers can use the PCL protocol to bypass the firewall of client computers.

Answer: B

https://www.dumpsforsure.com/comptia/sy0-501-dumps.html

You might also like