CompTIA SY0-501 CompTIA Security+ Certification Exam Web: www.exactinside.com Version: Demo Email: firstname.lastname@example.org [ Total Questions: 10] IMPORTANT NOTICE Feedback We have developed quality product and state-of-art service to ensure our customers interest. If you have any suggestions, please feel free to contact us at email@example.com Support If you have any questions about our product, please provide the following items: exam code screenshot of the question login id/email please contact us at firstname.lastname@example.org and our technical experts will provide support within 24 hours. Copyright The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement. Exact Questions CompTIA - SY0-501 Exam Topic Breakdown Exam Topic Number of Questions Topic 2 : Exam Pool B 4 Topic 3 : Simulations 4 Topic 1 : Exam Pool A 2 TOTAL 10 Find Everything , Exactly in your Exam 1 of 16 Exact Questions CompTIA - SY0-501 Topic 2, Exam Pool B Question #:1 - (Exam Topic 2) A system in the network is used to store proprietary secrets and needs the highest level of security possible. Which of the following should a security administrator implement to ensure the system cannot be reached from the Internet? A. VLAN B. Air gap C. NAT D. Firewall Answer: B Explanation An air gap, air wall or air gapping is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network. Question #:2 - (Exam Topic 2) An organization is struggling to differentiate threats from normal traffic and access to systems A security engineer has been asked to recommend a system that will aggregate data and provide metrics that will assist in Identifying malicious actors or other anomalous activity throughout the environment. Which of the following solutions should the engineer recommend? A. Web application firewall B. SIEM C. IPS D. UTM E. File integrity monitor Answer: B Find Everything , Exactly in your Exam 2 of 16 Exact Questions CompTIA - SY0-501 Question #:3 - (Exam Topic 2) A large Industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities? A. Segmentation B. Firewall whitelisting C. Containment D. Isolation Answer: B Question #:4 - (Exam Topic 2) An analyst is concerned about data leaks and wants to restrict access to Internet services to authorized users only. The analyst also wants to control the actions each user can perform on each service Which of the following would be the BEST technology for me analyst to consider implementing? A. DLP B. VPC C. CASB D. ACL Answer: A Find Everything , Exactly in your Exam 3 of 16 Exact Questions CompTIA - SY0-501 Topic 3, Simulations Question #:5 - (Exam Topic 3) Leveraging the information supplied below, complete the CSR for the server to set up TLS (HTTPS) • Hostname: ws01 • Domain: comptia.org • IPv4: 10.1.9.50 • IPV4: 10.2.10.50 • Root: home.aspx • DNS CNAME:homesite. Instructions: Drag the various data points to the correct locations within the CSR. Extension criteria belong in the let hand column and values belong in the corresponding row in the right hand column. Answer: Find Everything , Exactly in your Exam 4 of 16 Exact Questions CompTIA - SY0-501 Explanation Question #:6 - (Exam Topic 3) Drag and drop the correct protocol to its default port. Find Everything , Exactly in your Exam 5 of 16 Exact Questions CompTIA - SY0-501 Answer: Find Everything , Exactly in your Exam 6 of 16 Exact Questions CompTIA - SY0-501 Explanation Find Everything , Exactly in your Exam 7 of 16 Exact Questions CompTIA - SY0-501 FTP uses TCP port 21. Telnet uses port 23. SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25. Port 69 is used by TFTP. SNMP makes use of UDP ports 161 and 162. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers Question #:7 - (Exam Topic 3) Find Everything , Exactly in your Exam 8 of 16 Exact Questions CompTIA - SY0-501 You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan. Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit. Answer: Find Everything , Exactly in your Exam 9 of 16 Exact Questions CompTIA - SY0-501 Explanation Find Everything , Exactly in your Exam 10 of 16 Exact Questions CompTIA - SY0-501 Cable locks - Adding a cable lock between a laptop and a desk prevents someone from picking it up and walking away Proximity badge + reader Safe is a hardware/physical security measure Mantrap can be used to control access to sensitive areas. CCTV can be used as video surveillance. Biometric reader can be used to control and prevent unauthorized access. Locking cabinets can be used to protect backup media, documentation and other physical artifacts. Question #:8 - (Exam Topic 3) An attack has occurred against a company. INSTRUCTIONS You have been tasked to do the following: Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing the output. (Answer Area 1) Find Everything , Exactly in your Exam 11 of 16 Exact Questions CompTIA - SY0-501 Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server. (Answer area 2) All objects will be used, but not all placeholders may be filled. Objects may only be used once. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. Find Everything , Exactly in your Exam 12 of 16 Exact Questions CompTIA - SY0-501 Answer: Find Everything , Exactly in your Exam 13 of 16 Exact Questions CompTIA - SY0-501 Explanation Find Everything , Exactly in your Exam 14 of 16 Exact Questions Find Everything , Exactly in your Exam CompTIA - SY0-501 15 of 16 Exact Questions CompTIA - SY0-501 Topic 1, Exam Pool A Question #:9 - (Exam Topic 1) Which of the following is the MOST likely motivation for a script kiddie threat actor? A. Financial gain B. Notoriety C. Political expression D. Corporate espionage Answer: B Question #:10 - (Exam Topic 1) A security engineer needs to build a solution to satisfy regulatory requirements that state certain critical server must be accessed using MFA. However, the critical servers are older and are unable to support the addition of MFA. Which of the following will the engineer MOST likely use to achieve this objective? A. A forward proxy B. A stateful firewall C. A jump server D. A port tap Answer: B Find Everything , Exactly in your Exam 16 of 16 About exactinside.com exactinside.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam Questions, Study Guides, Practice Tests. We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on. View list of all certification exams: All vendors We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed below. Sales: email@example.com Feedback: firstname.lastname@example.org Support: email@example.com Any problems about IT certification or our products, You can write us back and we will get back to you within 24 hours.