Complete CompTIA Security+ Certification With Updated SY0-501 Dumps V24.02 Now

1. Topic 1, Exam Pool A

A restaurant wants to deploy tablets to all waitstaff but does not want to use passwords or manage users to connect the tablets to the network.

Which of the following types of authentication would be BEST suited for this scenario?

2. An administrator is setting up automated remote file transfers to another organization.

The other organization has the following requirements for the connection protocol:

• Encryption in transit is required.

• Mutual authentication must be used.

• Certificate authentication must be used (no passwords).

Which of the following should the administrator choose?

3. Which of the following should a company require prior to performing a penetration test?

4. An analyst is reviewing the following web-server log after receiving an alert from the DLP system about multiple PII records being transmitted in cleartext:

Which of the following IP addresses in MOST likely involved in the data leakage attempt?

5. Which of the following physical security controls is MOST effective when trying to prevent tailgating?

6. During certain vulnerability scanning scenarios, It is possible for the target system to react in unexpected ways.

This type of scenario is MOST commonly known as:

7. Which of the following Is a resiliency strategy that allows a system to automatically adapt to workload changes?

8. Which of the following controls does a mantrap BEST represent?

9. A security team has completed the installation of a new server. The OS and applications have been patched and tested, and the server is ready to be deployed.

Which of the following actions should be taken before deploying the new server?

10. A technician is installing a new SIEM and is configuring the system to count the number of times an event occurs at a specific logical location before the system takes action.

Which of the following BEST describes the feature being configured by the technician?

11. After deploying an antivirus solution on some network-isolated industrial computers, the service desk team received a trouble ticket about the following message being displayed on then computer’s screen:

Which of the following would be the SAFEST next step to address the issue?

12. During a penetration test, Joe, an analyst, contacts the target's service desk Impersonating a user, he attempts to obtain assistance with resetting an email password. Joe claims this needs to be done as soon as possible, as he is the vice president of sales and does not want to contact the Chief Operations Officer (COO) for approval, since the COO is on vacation. When challenged. Joe reaffirms that he needs this done immediately, and threatens to contact the service desk supervisor over the issue.

Which of the following social engineering principles is Joe employing in this scenario'? (Select TWO).

13. Joe a new employee, discovered a thumb drive with the company's logo on it while walking in the parking lot Joe was curious as to the contents of the drive and placed it into his work computer. Shortly after accessing the contents, he noticed the machine was running slower, started to reboot, and displayed new icons on the screen.

Which of the following types of attacks occurred?

14. The director of information security at a company has recently directed the security engineering team to implement new security technologies aimed at reducing the impact of insider threats.

Which of the following tools has the team MOST likely deployed? (Select TWO).

15. A company is looking for an all-in-one solution to provide identification authentication, authorization, and accounting services.

Which of the following technologies should the company use?

16. During a routine check, a security analyst discovered the script responsible for the backup of the corporate file server had been changed to the following.

Which of the following BEST describes the type of malware the analyst discovered?

17. An organization is updating its access control standards for SSL VPN login to include multifactor authentication.

The security administrator assigned to this project has been given the following guidelines to use when selecting a solution

• High security

• Lowest false acceptance rate

• Quick provisioning time for remote users and offshore consultants

Which of the following solutions will BEST fit this organization's requirements?

18. After a breach, a company has decided to implement a solution to better understand the technique used by the attackers.

Which of the following is the BEST solution to be deployed?

19. A security administrator begins assessing a network with software that checks for available exploits against a known database using both credentials and external scripts A report will be compiled and used to confirm patching levels.

This is an example of

20. A security analyst has recently deployed an MDM solution that requires biometric authentication for company-issued smartphones. As the solution was implemented the help desk has seen a dramatic increase in calls by employees frustrated that company-issued phones take several attempts to unlock using the fingerprint scanner.

Which of the following should be reviewed to mitigate this problem?

21. Which of the following cloud models is used to share resources and information with business partners and like businesses without allowing everyone else access?

22. Which of the following types of vulnerability scans typically returns more detailed and thorough insights into actual system vulnerabilities?

23. Staff members of an organization received an email message from the Chief Executive Officer (CEO) asking them for an urgent meeting in the main conference room. When the staff assembled, they learned the message received was not actually from the CEO.

Which of the following BEST represents what happened?

24. Which of the following impacts MOST likely results from poor exception handling?

25. An organization has created a review process to determine how to best handle data with different sensitivity levels.

The process includes the following requirements:

• Soft copy Pll must be encrypted.

• Hard copy Pll must be placed In a locked container.

• Soft copy PHI must be encrypted and audited monthly.

• Hard copy PHI must be placed in a locked container and inventoried monthly.

Locked containers must be approved and designated for document storage. Any violations must be reported to the Chief Security Officer {CSO}.

While searching for coffee in the kitchen, an employee unlocks a cabinet and discovers a list of customer names and phone numbers.

Which of the following actions should the employee take?

26. A security analyst is asked to check the configuration of the company's DNS service on the server.

Which of the following command line tools should the analyst use to perform the Initial assessment?

27. An internal intranet site is required to authenticate users and restrict access to content to only those who are authorized to view it The site administrator previously encountered issues with credential spoofing when using the default NTLM setting and wants to move to a system that will be more resilient to replay attacks Which of the following should the administrator implement?

28. A NIPS administrator needs to install a new signature to observe the behavior of a worm that may be spreading over SMB.

Which of the following signatures should be installed on the NIPS'?

29. A Chief Information Officer (CIO) wants to eliminate the number of calls help desk is receiving for password resets when users log on to internal portals.

Which of the following is the BEST solution?

30. A security analyst receives the following output

Which of the following MOST likely occurred to produce this output?

31. A security engineer wants to further secure a sensitive VLAN on the network by introducing MFA.

Which of the following is the BEST example of this?

32. A company recently experienced a network security breach and wants to apply two-factor authentication to secure its network.

Which of the following should the company use? (Select TWO)

33. Which of the following security controls BEST mitigates social engineering attacks?

34. A critical enterprise component whose loss or destruction would significantly impede business operations or have an outsized impact on corporate revenue is known as:

35. In the event of a security incident, which of the following should be captured FIRST?

36. Given the following output:

Which of the following BEST describes the scanned environment?

37. A security analyst investigate a report from an employee in the human resources (HR) department who is issues with Internal access. When the security analyst pull the UTM logs for the IP addresses in the HR group, the following activity is shown:

Which of the following actions should the security analyst take?

38. A company uses WPA2-PSK, and it appears there are multiple unauthorized connected to the wireless network. A technician suspects this is because the wireless passwords has been shared with unauthorized individuals.

Which of the following should the technician implement to BEST reduce the risk of this happening in the future?

39. A security analyst received an after-hours alert indicating that a large number of accounts with the suffix “admin’’ were locked out. The accounts were all locked out after five unsuccessful login attempts, and no other accounts on the network triggered the same alert.

Which of the following is the BEST explanation for these alerts?

40. During the penetration testing of an organization, the tester was provided with the names of a few key servers, along with their IP address.

Which of the following is the organization conducting?

41. Given the following:

> md5.exe filel.txt

> ADIFAB103773DC6A1E6021B7E503A210

> md5.exe file2.txt

> ADIFAB103773DC6A1E602lB7E503A210

Which of the following concepts of cryptography is shown?

42. When building a hosted datacenter.

Which of the following is the MOST important consideration for physical security within the datacenter?

43. An organization handling highly confidential information needs to update its systems.

Which of the following is the BEST method to prevent data compromise?

44. The Chief Executive Officer (CEO) received an email from the Chief Financial Officer (CFO), asking the CEO to send financial details. The CEO thought it was strange that the CFO would ask for the financial details via email. The email address was correct in the "From “section of the email. The CEO clicked the form and sent the financial information as requested.

Which of the following caused the incident?

45. A technician wants to add wireless guest capabilities to an enterprise wireless network that is currently implementing 802.1X EAP-TLS.

The guest network must

• Support client Isolation.

• Issue a unique encryption key to each client.

• Allow guests to register using their personal email addresses

Which of the following should the technician implement? (Select TWO),

46. An Organization requires secure configuration baselines for all platforms and technologies that are used. If any system cannot conform to the secure baseline, the organization must process a risk acceptance and receive approval before the system is placed into production. It may have non-conforming systems in its lower environments (development and staging) without risk acceptance, but must receive risk approval before the system is placed in production. Weekly scan reports identify systems that do not conform to any secure baseline.

The application team receive a report with the following results:

There are currently no risk acceptances for baseline deviations. This is a mission-critical application, and the organization cannot operate If the application is not running. The application fully functions in the development and staging environments.

Which of the following actions should the application team take?

47. A technician is required to configure updates on a guest operating system while maintaining the ability to quickly revert the changes that were made while testing the updates.

Which of the following should the technician implement?

48. An organization was recently compromised by an attacker who used a server certificate with the company's domain issued by an irrefutable CA.

Which of the following should be used to mitigate this risk in the future?

49. Some call center representatives ‘workstations were recently updated by a contractor, who was able to collect customer information from the call center workstations.

Which of the following types of malware was installed on the call center users’ systems?

50. An analyst is currently looking at the following output:

Which of the following security issues has been discovered based on the output?

51. A company is performing an analysis of the corporate enterprise network with the intent of identifying any one system, person, function, or service that, when neutralized, will cause or cascade disproportionate damage to the company’s revenue, referrals, and reputation.

Which of the following is an element of the BIA that this action is addressing?

52. Which of the following could an attacker use to overwrite instruction pointers in order to execute malicious code?

53. A security administrator is creating a risk assessment on BYOD.

One of the requirements of the risk assessment is to address the following

• Centrally managing mobile devices

• Data loss prevention

Which of the following recommendations should the administrator include in the assessment? (Select TWO).

54. Confidential corporate data was recently stolen by an attacker who exploited data transport protections.

Which of the following vulnerabilities is the MOST likely cause of this data breach?

55. A user wants to send a confidential message to a customer to ensure unauthorized users cannot access the information.

Which of the following can be used to ensure the security of the document while in transit and at rest?

56. A dumpster diver was able 10 retrieve hard drives from a competitor's trash bin. After installing the and hard drives and running common date recovery software. Sensitive information was recovered.

In which of the following ways did the competitor apply media sanitation?

57. Management wants to ensure any sensitive data on company-provided cell phones is isolated in a single location that can be remotely wiped if the phone is lost.

Which of the following technologies BEST meets this need?

58. The Chief Information Security Officer (CISO) at a large company tasks a security administrator to provide additional validation for website customers.

Which of the following should the security administrator implement?

59. An authorized user is conducting a penetration scan of a system for an organization. The tester has a set of network diagrams. Source code, version numbers of applications. and other information about the system. Including hostnames and network addresses.

Which of the following BEST describes this type of penetration test?

60. A company recently experienced a security incident in which its domain controllers were the target of a DoS attack.

In which of the following steps should technicians connect domain controllers to the net-work and begin authenticating users again?

61. A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief information Officer (CID) to implement policies to govern user behavior.

Which of the following strategies is the security engineer executing?

62. An organization's Chief Executive Officer (CEO) directs a newly hired computer technician to install an OS on the CEO‘s: personal laptop. The technician performs the installation, and a software audit later in the month indicates a violation of the EULA occurred as a result.

Which of the following would address this violation going forward?

63. A security analyst is reviewing the password policy for a service account that is used for a critical network service.

The password policy for this account is as follows:

Enforce password history: Three passwords remembered

Maximum password age: 30 days

Minimum password age: Zero days

Complexity requirements: At least one special character, one uppercase

Minimum password length: Seven characters

Lockout duration: One day

Lockout threshold: Five failed attempts in 15 minutes

Which of the following adjustments would be the MOST appropriate for the service account?

64. A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunication company has decided to discontinue its dark fiber product and is offering an MPLS connection.

Which the law office feels is too expensive.

Which of the following is the BEST solution for the law office?

65. A technician suspects that a desktop was compromised with a rootkit.

After removing the hard drive from the desktop and running an offline file integrity check, the technician reviews the following output:

Based on the above output, which of the following is the malicious file?

66. A security administrator plans to conduct a vulnerability scan on the network to determine if system applications are up to date. The administrator wants to limit disruptions to operations but not consume too many resources.

Which of the following types of vulnerability scans should be conducted?

67. A computer forensics team is performing an integrity check on key systems files. The team is comparing the signatures of original baseline files with the latest signatures. The original baseline was taken on March 2, 2016. and was established to be clean of malware and uncorrupted. The latest tile signatures were generated yesterday. One file is known to be corrupted, but when the team compares the signatures of the original and latest flies, the team sees the

Following:

Original: 2d da b1 4a fc f1 98 06 b1 e5 26 b2 df e5 5b 3e cb 83 e1

Latest: 2d da b1 4a 98 fc f1 98 bl e5 26 b2 df e5 5b 3e cb 83 e1

Which of the following is MOST likely the situation?

68. A company is deploying MFDs in its office to improve employee productivity when dealing with paperwork.

Which of the following concerns is MOST likely to be raised as a possible security issue in relation Io these devices?

69. A developer is building a new web portal for internal use. The web portal will only the accessed by internal users and will store operational documents.

Which of the following certificate types should the developer install if the company is MOST interested in minimizing costs?

70. A network technician is setting up a new branch for a company. The users at the new branch will need to access resources securely as if they were at ‘the main location.

Which of the following networking concepts would BEST accomplish this‘?

71. An organization requires that all workstations he issued client computer certificates from the organization‘s PKI.

Which of the following configurations should be implemented?

72. Which of the following control types would a backup of server data provide in case of a system issue?

73. Joe, an employee, asks a coworker how long ago Ann started working at the help desk. The coworker expresses surprise since nobody named Ann works at the help desk. Joe mentions that Ann called several people in the customer service department 10 help reset their passwords over the phone due to unspecified “server issues.‘

Which of the following has occurred?

74. A security administrator is implementing a SIEM and needs to ensure events can be compared against each other based on when the events occurred and were collected.

Which of the following does the administrator need to implement to ensure this can be accomplished?

75. Which of the following identity access methods creates a cookie on the first logic to a central authority to allow logins to subsequent applications without referring credentials?

76. A systems administrator has created network file shares for each department with associated security groups for each role within the organization.

Which of the following security concepts is the systems administrator implementing?

77. As part of a corporate merger. two companies are combining resources. As a result, they must transfer files through the internet in a secure manner.

Which of the following protocols would BEST meet this objective? (Choose two.)

78. A security engineer needs to obtain a recurring log of changes to system files. The engineer is most concerned with detecting unauthorized changes to system data.

Which of the following tools can be used to fulfill the requirements that were established by the engineer?

79. A credentialed vulnerability scan is often preferred over a non-credentialed scan because credentialed scans:

80. A security analyst wants to limit the use of USB and external drives to protect against malware. as well as protect files leaving a user’s computer.

Which of the following is the BEST method to use?