Download CompTIA Security+.PracticeTest.SY0-501.2019-03-04.1e.275q.vcex

Download Dump

File Info

Exam CompTIA Security+
Number SY0-501
File Name CompTIA Security+.PracticeTest.SY0-501.2019-03-04.1e.275q.vcex
Size 1.03 Mb
Posted March 04, 2019
Downloads 234

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%

Demo Questions

Question 1
In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?

  • A: Elasticity
  • B: Scalability
  • C: High availability
  • D: Redundancy

Question 2
A security engineer is configuring a system that requires the X.509 certificate information to be pasted into a form field in Base64 encoded format to import it into the system. Which of the following certificate formats should the engineer use to obtain the information in the required format?

  • A: PFX
  • B: PEM
  • C: DER
  • D: CER

Question 3
Which of the following attacks specifically impact data availability?

  • A: DDoS
  • B: Trojan
  • C: MITM
  • D: Rootkit

Question 4
A security analyst is hardening a server with the directory services role installed. The analyst must ensure LDAP traffic cannot be monitored or sniffed and maintains compatibility with LDAP clients. Which of the following should the analyst implement to meet these requirements? (Select two.)

  • A: Generate an X.509-compliant certificate that is signed by a trusted CA.
  • B: Install and configure an SSH tunnel on the LDAP server.
  • C: Ensure port 389 is open between the clients and the servers using the communication.
  • D: Ensure port 636 is open between the clients and the servers using the communication.
  • E: Remote the LDAP directory service role from the server.

Question 5
Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select two.)

  • A: Rainbow table attacks greatly reduce compute cycles at attack time.
  • B: Rainbow tables must include precomputed hashes.
  • C: Rainbow table attacks do not require access to hashed passwords.
  • D: Rainbow table attacks must be performed on the network.
  • E: Rainbow table attacks bypass maximum failed login restrictions.

Question 6
Refer to the following code:

Which of the following vulnerabilities would occur if this is executed?

  • A: Page exception
  • B: Pointer deference
  • C: NullPointerException
  • D: Missing null check

Question 7
Multiple employees receive an email with a malicious attachment that begins to encrypt their hard drives and mapped shares on their devices when it is opened. The network and security teams perform the following actions:
Shut down all network shares. 
Run an email search identifying all employees who received the malicious message. 
Reimage all devices belonging to users who opened the attachment. 
Next, the teams want to re-enable the network shares. Which of the following BEST describes this phase of the incident response process?

  • A: Eradication
  • B: Containment
  • C: Recovery
  • D: Lessons learned

Question 8
A security analyst is reviewing the following output from an IPS:


Given this output, which of the following can be concluded? (Select two.)

  • A: The source IP of the attack is coming from
  • B: The source IP of the attack is coming from
  • C: The attacker sent a malformed IGAP packet, triggering the alert.
  • D: The attacker sent a malformed TCP packet, triggering the alert.
  • E: The TTL value is outside of the expected range, triggering the alert.

Question 9
A company determines that it is prohibitively expensive to become compliant with new credit card regulations. Instead, the company decides to purchase insurance to cover the cost of any potential loss. Which of the following is the company doing?

  • A: Transferring the risk
  • B: Accepting the risk
  • C: Avoiding the risk
  • D: Migrating the risk

Question 10
A company is using a mobile device deployment model in which employees use their personal devices for work at their own discretion. Some of the problems the company is encountering include the following:
There is no standardization.  
Employees ask for reimbursement for their devices. 
Employees do not replace their devices often enough to keep them running efficiently. 
The company does not have enough control over the devices. 
Which of the following is a deployment model that would help the company overcome these problems?

  • A: BYOD
  • B: VDI
  • C: COPE
  • D: CYOD



You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files