Free Access CompTIA.SY0-501.v2022-01-24.q485 Practice Test (Page 20)

Question 91

Which of the following network vulnerability scan indicators BEST validates a successful, active scan?

A.The scan data identifies the use of privileged-user credentials.

B.The scan job is scheduled to run during off-peak hours.

C.The scan results identify the hostname and IP address.

D.The scan output lists SQL injection attack vectors.

Question 92

A security administrator is investigating many recent incidents of credential theft for users accessing the company's website, despite the hosting web server requiring HTTPS for access. The server's logs show the website leverages the HTTP POST method for carrying user authentication details.
Which of the following is the MOST likely reason for compromise?

A.The company doesn't support DNSSEC.

B.The HTTP POST method is not protected by HTTPS.

C.The HTTP response is susceptible to sniffing.

D.The web server is running a vulnerable SSL configuration.

Question 93

An administrator needs to implement a connection to a supplier for confidential order processing and also provide a method for support engineers in the field to connect to the ERP. Which of the following should the administrator implement?

A.A VPN concentrator for the supplier and an SSL accelerator for the field engineers

B.A split-tunnel VPN for the supplier and a full-tunnel VPN for the field engineers

C.A remote access VPN for the supplier and a site-to-site VPN for the field engineers

D.An IPSec VPN connection for the supplier and SSL VPN connections for the field engineers

Question 94

A security analyst investigate a report from an employee in the human resources (HR) department who is issues with Internal access. When the security analyst pull the UTM logs for the IP addresses in the HR group, the following activity is shown:
Which of the following actions should the security analyst take?

A.Edit the last line Of the ACL On the UTM lo: allow any any.

B.Ensure the HR employee is in the appropriate user group

C.Disable the proxy settings on the HR employee's device.

D.Allow port 8080 on the UTM for all outgoing traffic

Question 95

An attacker exploited a vulnerability on a mail server using the code below.

Which of the following BEST explains what the attacker is doing?

A.The attacker is replacing a cookie.

B.The attacker is stealing a document.

C.The attacker is replacing a document.

D.The attacker is deleting a cookie.

Other Version: 77CompTIA.Examboosts.SY0-501.v2021-11-25.by.giles.359q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 152Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 225CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 151Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 91

Question 92

Question 93

Question 94

Question 95

Download PDF File