Last Updated on July 16, 2021 by InfraExam

SY0-501 : CompTIA Security+ Certification : Part 27

  1. Which of the following is the proper order for logging a user into a system from the first step to the last step?

    • Identification, authentication, authorization
    • Identification, authorization, authentication
    • Authentication, identification, authorization
    • Authentication, identification, authorization
    • Authorization, identification, authentication
  2. A company stores highly sensitive data files used by the accounting system on a server file share.
    The accounting system uses a service account named accounting-svc to access the file share.
    The data is protected with full disk encryption, and the permissions are set as follows:

    File system permissions: Users = Read Only
    Share permission: accounting-svc = Read Only

    Given the listed protections are in place and unchanged, to which of the following risks is the data still subject?

    • Exploitation of local console access and removal of data
    • Theft of physical hard drives and a breach of confidentiality
    • Remote exfiltration of data using domain credentials
    • Disclosure of sensitive data to third parties due to excessive share permissions
  3. A bank uses a wireless network to transmit credit card purchases to a billing system.

    Which of the following would be MOST appropriate to protect credit card information from being accessed by unauthorized individuals outside of the premises?

    • Air gap
    • Infrared detection
    • Faraday cage
    • Protected distributions
  4. A help desk technician receives a phone call from an individual claiming to be an employee of the organization and requesting assistance to access a locked account. The help desk technician asks the individual to provide proof of identity before access can be granted. Which of the following types of attack is the caller performing?

    • Phishing
    • Shoulder surfing
    • Impersonation
    • Dumpster diving
  5. Confidential emails from an organization were posted to a website without the organization’s knowledge. Upon investigation, it was determined that the emails were obtained from an internal actor who sniffed the emails in plain text.

    Which of the following protocols, if properly implemented, would have MOST likely prevented the emails from being sniffed? (Choose two.)

    • Secure IMAP
    • DNSSEC
    • S/MIME
    • SMTPS
    • HTTPS
  6. A company wants to implement an access management solution that allows employees to use the same usernames and passwords for multiple applications without having to keep multiple credentials synchronized.

    Which of the following solutions would BEST meet these requirements?

    • Multifactor authentication
    • SSO
    • Biometrics
    • PKI
    • Federation
  7. An external auditor visits the human resources department and performs a physical security assessment. The auditor observed documents on printers that are unclaimed. A closer look at these documents reveals employee names, addresses, ages, and types of medical and dental coverage options each employee has selected.

    Which of the following is the MOST appropriate action to take?

    • Flip the documents face down so no one knows these documents are PII sensitive
    • Shred the documents and let the owner print the new set
    • Retrieve the documents, label them with a PII cover sheet, and return them to the printer
    • Report to the human resources manager that their personnel are violating a privacy policy
  8. With which of the following authentication concepts is gait analysis MOST closely associated?

    • Somewhere you are
    • Something you are
    • Something you do
    • Something you know
  9. Which of the following metrics are used to calculate the SLE? (Choose two.)

    • ROI
    • ARO
    • ALE
    • MTBF
    • MTTF
    • TCO
  10. Due to regulatory requirements, servers in a global organization must use time synchronization. Which of the following represents the MOST secure method of time synchronization?

    • The server should connect to external Stratum 0 NTP servers for synchronization
    • The server should connect to internal Stratum 0 NTP servers for synchronization
    • The server should connect to external Stratum 1 NTP servers for synchronization
    • The server should connect to external Stratum 1 NTP servers for synchronization
  11. When sending messages using symmetric encryption, which of the following must happen FIRST?

    • Exchange encryption key
    • Establish digital signatures
    • Agree on an encryption method
    • Install digital certificates
  12. Which of the following scenarios BEST describes an implementation of non-repudiation?

    • A user logs into a domain workstation and accesses network file shares for another department
    • A user remotely logs into the mail server with another user’s credentials
    • A user sends a digitally signed email to the entire finance department about an upcoming meeting
    • A user accesses the workstation registry to make unauthorized changes to enable functionality within an application
  13. An office manager found a folder that included documents with various types of data relating to corporate clients. The office manager noticed that the data included dates of birth, addresses, and phone numbers for the clients. The office manager then reported this finding to the security compliance officer. Which of the following portions of the policy would the security officer need to consult to determine if a breach has occurred?

    • Public
    • Private
    • PHI
    • PII
  14. Which of the following is an asymmetric function that generates a new and separate key every time it runs?

    • RSA
    • DSA
    • DHE
    • HMAC
    • PBKDF2
  15. Which of the following would be considered multifactor authentication?

    • Hardware token and smart card
    • Voice recognition and retina scan
    • Strong password and fingerprint
    • PIN and security questions
  16. A user receives an email from an ISP indicating that malicious traffic coming from the user’s home network has been detected. The traffic appears to be Linux-based, and it is targeting a website that was recently featured on the news as being taken offline by an Internet attack. The only Linux device on the network is a home surveillance camera system.

    Which of the following BEST describes what is happening?

    • The camera system is infected with a bot.
    • The camera system is infected with a RAT.
    • The camera system is infected with a Trojan.
    • The camera system is infected with a backdoor.
  17. A security auditor is testing perimeter security in a building that is protected by badge readers. Which of the following types of attacks would MOST likely gain access?

    • Phishing
    • Man-in-the-middle
    • Tailgating
    • Watering hole
    • Shoulder surfing
  18. An organization wants to upgrade its enterprise-wide desktop computer solution. The organization currently has 500 PCs active on the network. The Chief Information Security Officer (CISO) suggests that the organization employ desktop imaging technology for such a large-scale upgrade. Which of the following is a security benefit of implementing an imaging solution?

    • It allows for faster deployment.
    • It provides a consistent baseline.
    • It reduces the number of vulnerabilities.
    • It decreases the boot time.
  19. An organization has implemented an IPSec VPN access for remote users.

    Which of the following IPSec modes would be the MOST secure for this organization to implement?

    • Tunnel mode
    • Transport mode
    • AH-only mode
    • ESP-only mode

    In both ESP and AH cases with IPSec Transport mode, the IP header is exposed. The IP header is not exposed in IPSec Tunnel mode.

  20. Several workstations on a network are found to be on OS versions that are vulnerable to a specific attack.

    Which of the following is considered to be a corrective action to combat this vulnerability?

    • Install an antivirus definition patch
    • Educate the workstation users
    • Leverage server isolation
    • Install a vendor-supplied patch
    • Install an intrusion detection system