[Oct-2021] Practice CompTIA SY0-501 exam. Online Exam Practice Tests with detailed explanations! Pass SY0-501 with confidence! [Q120-Q142]


SY0-501 - CompTIA Security+ Certification Exam Practice Tests 2021 | ActualCollection

NEW QUESTION 120
Which of the following are MOST susceptible to birthday attacks?

  • A. Encryption passwords
  • B. Digital certificates
  • C. Hashed passwords
  • D. One time passwords

Answer: C

 

NEW QUESTION 121
An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then uses a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card. This can be done many times.
Which of the following describes this type of attack?

  • A. Cross-site scripting attack
  • B. Smurf attack
  • C. Replay attack
  • D. Integer overflow attack
  • E. Buffer overflow attack

Answer: C

 

NEW QUESTION 122
An organization uses simulated phishing attacks on its users to better prepare them to recognize actual phishing attacks and get them accustomed to reporting the attacks to the security team. This is an example of:

  • A. baselining
  • B. continuous monitoring
  • C. user training
  • D. stress testing

Answer: C

 

NEW QUESTION 123
A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updated since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

Answer:

Explanation:

 

NEW QUESTION 124
Which of the following BEST describes a defense-in-depth strategy?

  • A. A security administrator places a web server behind two firewalls from two different vendors with only ports 80 and 443 open
  • B. Outbound traffic travels through a proxy and a stateful firewall with ports 80 and 443 open
  • C. The security team configures an application-whitelisting program on endpoints and installs NIDS.
  • D. The security architect scans servers daily with a vulnerability scanner and conducts weekly penetration-testing exercises

Answer: C

 

NEW QUESTION 125
When generating a request for a new X.509 certificate for securing a website, which of the following is the MOST appropriate hashing algorithm?

  • A. HMAC
  • B. SHA
  • C. MD5
  • D. RC4

Answer: B

 

NEW QUESTION 126
A systems administrator is reviewing the following information from a compromised server:

Given the above information, which of the following processes was MOST likely exploited via a remote buffer overflow attack?

  • A. TFTP
  • B. LSASS
  • C. Apache
  • D. MySQL

Answer: C

 

NEW QUESTION 127
An information security specialist is reviewing the following output from a Linux server.

Based on the above information, which of the following types of malware was installed on the server?

  • A. Trojan
  • B. Ransomware
  • C. Backdoor
  • D. Rootkit
  • E. Logic bomb

Answer: C

 

NEW QUESTION 128
Which of the following cryptographic attacks would salting of passwords render ineffective?

  • A. Dictionary
  • B. Brute force
  • C. Birthday
  • D. Rainbow tables

Answer: D

 

NEW QUESTION 129
A government agency with sensitive information wants to virtualize its infrastructure. Which of the following cloud deployment models BEST fits the agency's needs?

  • A. Private
  • B. Community
  • C. Hybrid
  • D. Public

Answer: A

 

NEW QUESTION 130
A security analyst wishes to increase the security of an FTP server. Currently, all traffic to the FTP server is unencrypted. Users connecting to the FTP server use a variety of modern FTP client software.
The security analyst wants to keep the same port and protocol, while also still allowing unencrypted connections. Which of the following would BEST accomplish these goals?

  • A. Require the SFTP protocol to connect to the file server.
  • B. Use SSH tunneling to encrypt the FTP traffic.
  • C. Use explicit FTPS for connections.
  • D. Use implicit TLS on the FTP server.

Answer: C

 

NEW QUESTION 131
A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.
INSTRUCTIONS
Please click on the below items on the network diagram and configure them accordingly:
* WAP
* DHCP Server
* AAA Server
* Wireless Controller
* LDAP Server
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:

Explanation:

 

NEW QUESTION 132
An in-house penetration tester has been asked to evade a new DLP system. The tester plans to exfiltrate data through steganography. Discovery of which of the following would help catch the tester in the act?

  • A. Unusual SFTP connections to a consumer IP address
  • B. Outgoing emails containing unusually large image files
  • C. Abnormally high numbers of outgoing instant messages that contain obfuscated text
  • D. Large-capacity USB drives on the tester's desk with encrypted zip files

Answer: B

 

NEW QUESTION 133
A company wants to ensure confidential data from storage media is sanitized in such a way that the drive cannot be reused. Which of the following methods should the technician use?

  • A. Wiping
  • B. Repartitioning
  • C. Low-level formatting
  • D. Overwriting
  • E. Shredding

Answer: E

 

NEW QUESTION 134
A network administrator is attempting to troubleshoot an issue regarding certificates on a secure website.
During the troubleshooting process, the network administrator notices that the web gateway proxy on the local network has signed all of the certificates on the local machine. Which of the following describes the type of attack the proxy has been legitimately programmed to perform?

  • A. Transitive access
  • B. Spoofing
  • C. Man-in-the-middle
  • D. Replay

Answer: C

 

NEW QUESTION 135
A security administrator is tasked with conducting an assessment made to establish the baseline security posture of the corporate IT infrastructure. The assessment must report actual flaws and weaknesses in the infrastructure. Due to the expense of hiring outside consultants, the testing must be performed using in-house or cheaply available resources. There cannot be a possibility of any requirement being damaged in the test. Which of the following has the administrator been tasked to perform?

  • A. Penetration test
  • B. Vulnerability assessment
  • C. Risk transference
  • D. Threat assessment

Answer: B

 

NEW QUESTION 136
A security administrator has found a hash in the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicates it was pushed from the central patch system.
File: winx86_adobe_flash_upgrade.exe
Hash: 99ac28bede43ab869b853ba62c4ea243
The administrator pulls a report from the patch management system with the following output:

Given the above outputs, which of the following MOST likely happened?

  • A. The file was embedded with a logic bomb to evade detection.
  • B. The file was infected when the patch manager downloaded it.
  • C. The file was corrupted after it left the patch system.
  • D. The file was not approved in the application whitelist system.

Answer: B

 

NEW QUESTION 137
A Chief Information Officer (CIO) has decided it is not cost effective to implement safeguards against a known vulnerability. Which of the following risk responses does this BEST describe?

  • A. Mitigation
  • B. Avoidance
  • C. Transference
  • D. Acceptance

Answer: D

 

NEW QUESTION 138
A technician has been asked to document which services are running on each of a collection of 200 servers. Which of the following tools BEST meets this need while minimizing the work required?

  • A. Nslookup
  • B. Netstat
  • C. Netcat
  • D. Nmap

Answer: D

 

NEW QUESTION 139
A department head at a university resigned on the first day of the spring semester. It was subsequently determined that the department head deleted numerous files and directories from the server-based home directory while the campus was closed.
Which of the following policies or procedures could have prevented this from occurring?

  • A. Time-of-day restrictions
  • B. Permission auditing and review
  • C. Offboarding
  • D. Account expiration

Answer: C

 

NEW QUESTION 140
Refer to the following code:

Which of the following vulnerabilities would occur if this is executed?

  • A. Pointer dereference
  • B. NullPointerException
  • C. Missing null check
  • D. Page exception

Answer: C

 

NEW QUESTION 141
HOTSPOT
Select the appropriate attack from each drop-down list to label the corresponding illustrated attack.
Instructions: Attacks may only be used once, and will disappear from the drop-down list if selected.
When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:

1: Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.
2: The hoax in this question is designed to make people believe that the fake AV (anti-virus) software is genuine.
3: Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and fools the victim into thinking he or she will profit.
4: Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The phishing email will direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the information the user enters on the page.
5: Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof Web sites which appear legitimate, pharming 'poisons' a DNS server by infusing false information into the DNS server, resulting in a user's request being redirected elsewhere. Your browser, however, will show you are at the correct Web site, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an e-mail, while pharming allows the scammers to target large groups of people at one time through domain spoofing.
References:
http://searchsecurity.techtarget.com/definition/spear-phishing
http://www.webopedia.com/TERM/V/vishing.html
http://www.webopedia.com/TERM/P/phishing.html
http://www.webopedia.com/TERM/P/pharming.html

 

NEW QUESTION 142
......
