CompTIA SY0-501 Actual Free Exam Questions & Community Discussion

Exam Code/Number: SY0-501
Exam Name/Title: CompTIA Security+ Certification Exam
Certification Provider: CompTIA
Corresponding Certification: Security+

Exam Questions: 715
Updated On: Jun 02, 2026

Question #57

A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company's internal network securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?

A. PaaS

B. VDI

C. VPN

D. IaaS

Discussion 0

Correct Answer: C Vote an answer

Question #58

A technician is designing a solution that will be required to process sensitive information, including classified government dat a. The system needs to be common criteria certified. Which of the following should the technician select?

A. Security baseline

B. Open-source software applications

C. Hybrid cloud solution

D. Trusted operating system

Discussion 0

Correct Answer: D Vote an answer

Question #59

A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO)

A. The order of volatility

B. The location of the artifacts

C. A checksum

D. The date and time

E. The vendor's name

F. A warning banner

Discussion 0

Correct Answer: B,C Vote an answer

Question #60

Which of the following types of attack is being used when an attacker responds by sending the MAC address of the attacking machine to resolve the MAC to IP address of a valid server?

A. Session hijacking

B. ARP poisoning

C. Evil twin

D. IP spoofing

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #61

A critical web application experiences slow response times during the end of a company's fiscal year. This web application typically sees a 35% increase in utilization during this time. The Chief Information Officer (CIO) wants an automated solution in place to deal with the annual spike. Which of the following does the CIO MOST likely want to implement?

A. Redundancy

B. Scalability

C. Elasticity

D. High availability

Discussion 0

Correct Answer: B Vote an answer

Question #62

Which of the following would be MOST effective at stopping zero-day attacks on an endpoint? (Select TWO)

A. Removing administrator rights from users

B. Installing a reverse proxy

C. Deploying antivirus and anti-malware system tools

D. Implementing a web application firewall

E. Implementing application whitelisting

F. Deploying multivendor NGFWs

Discussion 0

Correct Answer: A,E Vote an answer

Question #63

A hospital has received reports from multiple patients that their PHI was stolen after completing forms on the hospital's website. Upon investigation, the hospital finds a packet analyzer was used to steal dat a. Which of the following protocols would prevent this attack from reoccurring?

A. HTTPS

B. SFTP

C. SRTP

D. FTPS

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #64

Which of the following would provide a safe environment for an application to access only the resources needed to function while not having access to run at the system level?

A. Sandbox

B. GPO

C. DMZ

D. Honey pot

Discussion 0

Correct Answer: A Vote an answer

Question #65

A network administrator wants to further secure the routers and switches that are used on the company network The administrator would like to achieve full packet encryption and full command logging when interacting with these devices Which of the following technologies should be implemented?

A. LDAP

B. TACACS+

C. RADIUS

D. SAML

Discussion 0

Correct Answer: B Vote an answer

Question #66

A security analyst is investigating a vulnerability In which a default file permission was set incorrectly. The company uses non-credentialed scanning for vulnerability management. Which of the following tools can the analyst use to verify the permissions?

A. ls

B. chmod

C. nessus

D. nc

E. setuid

F. ssh

Discussion 0

Correct Answer: B Vote an answer

Question #67

A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use?

A. tcpdump

B. hping

C. openssl

D. netcat

Discussion 0

Correct Answer: A Vote an answer

Question #68

A security administrator is creating a risk assessment on BYOD. One of the requirements of the risk assessment is to address the following
* Centrally managing mobile devices
* Data loss prevention
Which of the following recommendations should the administrator include in the assessment? (Select TWO).

A. implement and allow cloud storage features on the network.

B. implement hashing.

C. implement encryption.

D. implement an MDM with mobile device hardening.

E. implement a VPN with secure connection in webmail.

Discussion 0

Correct Answer: A,D Vote an answer

Question #69

An organization uses multifactor authentication to restrict local network access. It requires a PIV and a PIN. Which of the following factors is the organization using?

A. Something you have, something you know

B. Something you know, something you do

C. Something you do, something you are

D. Something you have; something you are

Discussion 0

Correct Answer: A Vote an answer

Question #70

A security administrator has received multiple calls from the help desk about customers who are unable to access the organization's web server. Upon reviewing the log files the security administrator determines multiple open requests have been made from multiple IP addresses, which is consuming system resources. Which of the following attack types does this BEST describe?

A. Logic bomb

B. DDoS

C. Zero day

D. DoS

Discussion 0

Correct Answer: B Vote an answer

Download Free CompTIA SY0-501 Demo

Simply submit your e-mail address below to get started with our free demo of your CompTIA SY0-501 exam.