Exam Details

  • Exam Code: RC0-501
  • Exam Name: CompTIA Security+ Recertification Exam
  • Certification: CompTIA Security+
  • Vendor: CompTIA
  • Total Questions: 349 Q&As
  • Last Updated: Mar 29, 2025

CompTIA Security+ RC0-501 Questions & Answers

  • Question 121:

    The chief security officer (CSO) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs. Which of the following is the best solution for the network administrator to secure each internal website?

    A. Use certificates signed by the company CA

    B. Use a signing certificate as a wildcard certificate

    C. Use certificates signed by a public CA

    D. Use a self-signed certificate on each internal server

  • Question 122:

    A security program manager wants to actively test the security posture of a system. The system is not yet in production and has no uptime requirement or active user base. Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?

    A. Peer review

    B. Component testing

    C. Penetration testing

    D. Vulnerability testing

  • Question 123:

    A computer on a company network was infected with a zero-day exploit after an employee accidentally opened an email that contained malicious content. The employee recognized the email as malicious and was attempting to delete it, but accidentally opened it. Which of the following should be done to prevent this scenario from occurring again in the future?

    A. Install host-based firewalls on all computers that have an email client installed

    B. Set the email program default to open messages in plain text

    C. Install end-point protection on all computers that access web email

    D. Create new email spam filters to delete all messages from that sender

  • Question 124:

    A company wants to ensure that the validity of publicly trusted certificates used by its web server can be determined even during an extended internet outage. Which of the following should be implemented?

    A. Recovery agent

    B. OCSP

    C. CRL

    D. Key escrow

  • Question 125:

    An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement?

    A. HMAC

    B. PCBC

    C. CBC

    D. GCM

    E. CFB

  • Question 126:

    A system administrator needs to implement 802.1x whereby when a user logs into the network, the authentication server communicates to the network switch and assigns the user to the proper VLAN. Which of the following protocols should be used?

    A. RADIUS

    B. Kerberos

    C. LDAP

    D. MSCHAP

  • Question 127:

    Which of the following types of cloud infrastructures would allow several organizations with similar structures and interests to realize shared storage and resources?

    A. Private

    B. Hybrid

    C. Public

    D. Community

  • Question 128:

    After a user reports slow computer performance, a systems administrator detects a suspicious file, which was installed as part of a freeware software package.

    The systems administrator reviews the output below:

    Based on the above information, which of the following types of malware was installed on the user's computer?

    A. RAT

    B. Keylogger

    C. Spyware

    D. Worm

    E. Bot

  • Question 129:

    A company wants to host a publicly available server that performs the following functions:

    Evaluates MX record lookup

    Can perform authenticated requests for A and AAAA records

    Uses RRSIG

    Which of the following should the company use to fulfill the above requirements?

    A. DNSSEC

    B. SFTP

    C. nslookup

    D. dig

  • Question 130:

    A company has a data classification system with definitions for "Private" and "Public." The company's security policy outlines how data should be protected based on type. The company recently added the data type "Proprietary". Which of the following is the MOST likely reason the company added this data type?

    A. Reduced cost

    B. More searchable data

    C. Better data classification

    D. Expanded authority of the privacy officer
