1. Home
  2. CompTIA
  3. RC0-501

CompTIA Security+ Recertification Exam

Exam Details

  • Exam Code
    :RC0-501
  • Exam Name
    :CompTIA Security+ Recertification Exam
  • Certification
    :CompTIA Security+
  • Vendor
    :CompTIA
  • Total Questions
    :349 Q&As
  • Last Updated
    :Apr 15, 2025

CompTIA CompTIA Security+ RC0-501 Questions & Answers

  • Question 181:

    Which of the following should identify critical systems and components?

    A. MOU

    B. BPA

    C. ITCP

    D. BCP

  • Question 182:

    Which of the following works by implanting software on systems but delays execution until a specific set of conditions is met?

    A. Logic bomb

    B. Trojan

    C. Scareware

    D. Ransomware

  • Question 183:

    A web application is configured to target browsers and allow access to bank accounts to siphon money to a foreign account. This is an example of which of the following attacks?

    A. SQL injection

    B. Header manipulation

    C. Cross-site scripting

    D. Flash cookie explogtation

  • Question 184:

    A bank requires tellers to get manager approval when a customer wants to open a new account. A recent audit shows that there have been four cases in the previous year where tellers opened accounts without management approval. The

    bank president thought separation of duties would prevent this from happening.

    In order to implement a true separation of duties approach the bank could:

    A. Require the use of two different passwords held by two different individuals to open an account

    B. Administer account creation on a role based access control approach

    C. Require all new accounts to be handled by someone else other than a teller since they have different duties

    D. Administer account creation on a rule based access control approach

  • Question 185:

    A security administrator has been tasked with improving the overall security posture related to desktop machines on the network. An auditor has recently that several machines with confidential customer information displayed in the screens are left unattended during the course of the day. Which of the following could the security administrator implement to reduce the risk associated with the finding?

    A. Implement a clean desk policy

    B. Security training to prevent shoulder surfing

    C. Enable group policy based screensaver timeouts

    D. Install privacy screens on monitors

  • Question 186:

    The security administrator receives an email on a non-company account from a coworker stating that some reports are not exporting correctly. Attached to the email was an example report file with several customers' names and credit card numbers with the PIN. Which of the following is the BEST technical controls that will help mitigate this risk of disclosing sensitive data?

    A. Configure the mail server to require TLS connections for every email to ensure all transport data is encrypted

    B. Create a user training program to identify the correct use of email and perform regular audits to ensure compliance

    C. Implement a DLP solution on the email gateway to scan email and remove sensitive data or files

    D. Classify all data according to its sensitivity and inform the users of data that is prohibited to share

  • Question 187:

    A technician is configuring a wireless guest network. After applying the most recent changes the technician finds the new devices can no longer find the wireless network by name but existing devices are still able to use the wireless network. Which of the following security measures did the technician MOST likely implement to cause this Scenario?

    A. Deactivation of SSID broadcast

    B. Reduction of WAP signal output power

    C. Activation of 802.1X with RADIUS

    D. Implementation of MAC filtering

    E. Beacon interval was decreased

  • Question 188:

    A security administrator has been assigned to review the security posture of the standard corporate system image for virtual machines. The security administrator conducts a thorough review of the system logs, installation procedures, and

    network configuration of the VM image. Upon reviewing the access logs and user accounts, the security administrator determines that several accounts will not be used in production.

    Which of the following would correct the deficiencies?

    A. Mandatory access controls

    B. Disable remote login

    C. Host hardening

    D. Disabling services

  • Question 189:

    Although a web enabled application appears to only allow letters in the comment field of a web form, malicious user was able to carry a SQL injection attack by sending special characters through the web comment field. Which of the following has the application programmer failed to implement?

    A. Revision control system

    B. Client side exception handling

    C. Server side validation

    D. Server hardening

  • Question 190:

    An attacker discovers a new vulnerability in an enterprise application. The attacker takes advantage of the vulnerability by developing new malware. After installing the malware, the attacker is provided with access to the infected machine. Which of the following is being described?

    A. Zero-day explogt

    B. Remote code execution

    C. Session hijacking

    D. Command injection

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your RC0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.