Free Access CompTIA.SY0-501.v2022-01-24.q485 Practice Test (Page 33)

Question 156

A security analyst is inspecting the results of a recent internal vulnerability scan that was performed against intranet services. The scan reports include the following critical-rated vulnerability:
Title: Remote Command Execution vulnerability in web server
Rating: Critical (CVSS 10.0)
Threat actor: any remote user of the web server
Confidence: certain
Recommendation: apply vendor patches
Which of the following actions should the security analyst perform FIRST?

A.Apply organizational context to the risk rating.

B.Escalate the issue to senior management.

C.Exploit the server to check whether it is a false positive.

D.Organize for urgent out-of-cycle patching.

Question 157

A security specialist is notified about a certificate warning that users receive when using a new internal website.
After being given the URL from one of the users and seeing the warning, the security specialist inspects the certificate and realizes it has been issued to the IP address, which is how the developers reach the site.
Which of the following would BEST resolve the issue?

A.OSCP

B.PEM

C.OID

D.SAN

Question 158

To reduce disk consumption, an organization's legal department has recently approved a new policy setting the data retention period for sent email at six months. Which of the following is the BEST way to ensure this goal is met?

A.Configure the email server to delete the relevant emails.

B.Implement automatic disk compression on email servers.

C.Migrate the relevant emails into an "Archived" folder.

D.Create a daily encrypted backup of the relevant emails.

Question 159

An information systems owner has decided to create a more stringent password policy based on recent reports that systems are being compromised with current user credentials. The current policy has password complexity reuse and history measures in place, however, attackers are repeatedly gaming access to the systems after passwords have been changed. Which of the following would be the BEST method to add to the password policy to prevent compromise?

A.Account lockout

B.Password recovery

C.Password length

D.Account expiration

Question 160

Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?

A.Cloud computing

B.Virtualization

C.Redundancy

D.Application control

Other Version: 77CompTIA.Examboosts.SY0-501.v2021-11-25.by.giles.359q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 234PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 159Salesforce.Data-Architect.v2025-09-05.q216; 153Adobe.AD0-E605.v2025-09-05.q50

Question 156

Question 157

Question 158

Question 159

Question 160

Download PDF File