Category Archives: SY0-501 Exam Questions

[2018-NEW-Exams]100% Real SY0-501 PDF 182Q Free Download in Braindump2go[Q34-Q44]

2018 New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SY0-501 Exam Questions:

1.2018 New SY0-501 Exam Dumps (PDF and VCE)Share:
https://www.braindump2go.com/sy0-501.html

2.2018 New SY0-501 Exam Questions & Answers:
https://drive.google.com/drive/folders/1QYBwvoau8PlTQ3bugQuy0pES-zrLrRB1?usp=sharing

QUESTION 34
Which of the following cryptographic attacks would salting of passwords render ineffective?

A. Brute force
B. Dictionary
C. Rainbow tables
D. Birthday

Answer: B

QUESTION 35
A network administrator wants to implement a method of securing internal routing.
Which of the following should the administrator implement?

A. DMZ
B. NAT
C. VPN
D. PAT

Answer: C

QUESTION 36
Which of the following types of keys is found in a key escrow?

A. Public
B. Private
C. Shared
D. Session

Answer: D

QUESTION 37
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?

A. Botnet
B. Ransomware
C. Polymorphic malware
D. Armored virus

Answer: A

QUESTION 38
A company is currently using the following configuration:
* IAS server with certificate-based EAP-PEAP and MSCHAP
* Unencrypted authentication via PAP
A security administrator needs to configure a new wireless setup with the following configurations:
* PAP authentication method
* PEAP and EAP provide two-factor authentication
Which of the following forms of authentication are being used? (Select TWO).

A. PAP
B. PEAP
C. MSCHAP
D. PEAP-MSCHAP
E. EAP
F. EAP-PEAP

Answer: AF

QUESTION 39
A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?

A. It can protect multiple domains
B. It provides extended site validation
C. It does not require a trusted certificate authority
D. It protects unlimited subdomains

Answer: B

QUESTION 40
After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former employees that were terminated during the transition.
Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Select TWO)

A. Monitor VPN client access
B. Reduce failed login out settings
C. Develop and implement updated access control policies
D. Review and address invalid login attempts
E. Increase password complexity requirements
F. Assess and eliminate inactive accounts

Answer: CF

QUESTION 41
A new mobile application is being developed in-house. Security reviews did not pick up any major flaws, however vulnerability scanning results show fundamental issues at the very end of the project cycle. Which of the following security activities should also have been performed to discover vulnerabilities earlier in the lifecycle?

A. Architecture review
B. Risk assessment
C. Protocol analysis
D. Code review

Answer: D

QUESTION 42
A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which is expected to accommodate at most 14 physical hosts. Which of the following subnets would BEST meet the requirements?

A. 192.168.0.16 255.25.255.248
B. 192.168.0.16/28
C. 192.168.1.50 255.255.25.240
D. 192.168.2.32/27

Answer: B

QUESTION 43
A company has a security policy that specifies all endpoint computing devices should be assigned a unique identifier that can be tracked via an inventory management system. Recent changes to airline security regulations have cause many executives in the company to travel with mini tablet devices instead of laptops. These tablet devices are difficult to tag and track. An RDP application is used from the tablet to connect into the company network. Which of the following should be implemented in order to meet the security policy requirements?

A. Virtual desktop infrastructure (IDI)
B. WS-security and geo-fencing
C. A hardware security module (HSM)
D. RFID tagging system
E. MDM software
F. Security Requirements Traceability Matrix (SRTM)

Answer: E

QUESTION 44
The security administrator receives an email on a non-company account from a coworker stating that some reports are not exporting correctly. Attached to the email was an example report file with several customers’ names and credit card numbers with the PIN. Which of the following is the BEST technical controls that will help mitigate this risk of disclosing sensitive data?

A. Configure the mail server to require TLS connections for every email to ensure all transport data is encrypted
B. Create a user training program to identify the correct use of email and perform regular audits to ensure compliance
C. Implement a DLP solution on the email gateway to scan email and remove sensitive data or files
D. Classify all data according to its sensitivity and inform the users of data that is prohibited to share

Answer: C


!!!RECOMMEND!!!

1.2018 New SY0-501 Exam Dumps (PDF and VCE)Share:
https://www.braindump2go.com/sy0-501.html

2.2018 New SY0-501 Study Guide Video:

https://youtu.be/iqQ_uBVOfZw

[2018-NEW-Exams]100% Real SY0-501 Exam Questions 182Q Free Download in Braindump2go[Q34-Q44]

2018 New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SY0-501 Exam Questions:

1.2018 New SY0-501 Exam Dumps (PDF and VCE)Share:
https://www.braindump2go.com/sy0-501.html

2.2018 New SY0-501 Exam Questions & Answers:
https://drive.google.com/drive/folders/1QYBwvoau8PlTQ3bugQuy0pES-zrLrRB1?usp=sharing

QUESTION 34
Which of the following cryptographic attacks would salting of passwords render ineffective?

A. Brute force
B. Dictionary
C. Rainbow tables
D. Birthday

Answer: B

QUESTION 35
A network administrator wants to implement a method of securing internal routing.
Which of the following should the administrator implement?

A. DMZ
B. NAT
C. VPN
D. PAT

Answer: C

QUESTION 36
Which of the following types of keys is found in a key escrow?

A. Public
B. Private
C. Shared
D. Session

Answer: D

QUESTION 37
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?

A. Botnet
B. Ransomware
C. Polymorphic malware
D. Armored virus

Answer: A

QUESTION 38
A company is currently using the following configuration:
* IAS server with certificate-based EAP-PEAP and MSCHAP
* Unencrypted authentication via PAP
A security administrator needs to configure a new wireless setup with the following configurations:
* PAP authentication method
* PEAP and EAP provide two-factor authentication
Which of the following forms of authentication are being used? (Select TWO).

A. PAP
B. PEAP
C. MSCHAP
D. PEAP-MSCHAP
E. EAP
F. EAP-PEAP

Answer: AF

QUESTION 39
A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?

A. It can protect multiple domains
B. It provides extended site validation
C. It does not require a trusted certificate authority
D. It protects unlimited subdomains

Answer: B

QUESTION 40
After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former employees that were terminated during the transition.
Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Select TWO)

A. Monitor VPN client access
B. Reduce failed login out settings
C. Develop and implement updated access control policies
D. Review and address invalid login attempts
E. Increase password complexity requirements
F. Assess and eliminate inactive accounts

Answer: CF

QUESTION 41
A new mobile application is being developed in-house. Security reviews did not pick up any major flaws, however vulnerability scanning results show fundamental issues at the very end of the project cycle. Which of the following security activities should also have been performed to discover vulnerabilities earlier in the lifecycle?

A. Architecture review
B. Risk assessment
C. Protocol analysis
D. Code review

Answer: D

QUESTION 42
A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which is expected to accommodate at most 14 physical hosts. Which of the following subnets would BEST meet the requirements?

A. 192.168.0.16 255.25.255.248
B. 192.168.0.16/28
C. 192.168.1.50 255.255.25.240
D. 192.168.2.32/27

Answer: B

QUESTION 43
A company has a security policy that specifies all endpoint computing devices should be assigned a unique identifier that can be tracked via an inventory management system. Recent changes to airline security regulations have cause many executives in the company to travel with mini tablet devices instead of laptops. These tablet devices are difficult to tag and track. An RDP application is used from the tablet to connect into the company network. Which of the following should be implemented in order to meet the security policy requirements?

A. Virtual desktop infrastructure (IDI)
B. WS-security and geo-fencing
C. A hardware security module (HSM)
D. RFID tagging system
E. MDM software
F. Security Requirements Traceability Matrix (SRTM)

Answer: E

QUESTION 44
The security administrator receives an email on a non-company account from a coworker stating that some reports are not exporting correctly. Attached to the email was an example report file with several customers’ names and credit card numbers with the PIN. Which of the following is the BEST technical controls that will help mitigate this risk of disclosing sensitive data?

A. Configure the mail server to require TLS connections for every email to ensure all transport data is encrypted
B. Create a user training program to identify the correct use of email and perform regular audits to ensure compliance
C. Implement a DLP solution on the email gateway to scan email and remove sensitive data or files
D. Classify all data according to its sensitivity and inform the users of data that is prohibited to share

Answer: C


!!!RECOMMEND!!!

1.2018 New SY0-501 Exam Dumps (PDF and VCE)Share:
https://www.braindump2go.com/sy0-501.html

2.2018 New SY0-501 Study Guide Video:

https://youtu.be/iqQ_uBVOfZw

[2018-NEW-Exams]SY0-501 Exam Dumps Free Download in Braindump2go[Q23-Q33]

2018 New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SY0-501 Exam Questions:

1.2018 New SY0-501 Exam Dumps (PDF and VCE)Share:
https://www.braindump2go.com/sy0-501.html

2.2018 New SY0-501 Exam Questions & Answers:
https://drive.google.com/drive/folders/1QYBwvoau8PlTQ3bugQuy0pES-zrLrRB1?usp=sharing

QUESTION 23
A database backup schedule consists of weekly full backups performed on Saturday at 12:00 A.m. and daily differential backups also performed at 12:00 A.m. If the database is restored on Tuesday afternoon, which of the following is the number of individual backups that would need to be applied to complete the database recovery?

A. 1
B. 2
C. 3
D. 4

Answer: B

QUESTION 24
Which of the following technologies employ the use of SAML? (Select TWO).

A. Single sign-on
B. Federation
C. LDAP
D. Secure token
E. RADIUS

Answer: AB

QUESTION 25
An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?

A. False negative
B. True negative
C. False positive
D. True positive

Answer: C

QUESTION 26
In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?

A. Elasticity
B. Scalability
C. High availability
D. Redundancy

Answer: A

QUESTION 27
A Security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?

A. tracert
B. netstat
C. Ping
D. nslookup

Answer: B

QUESTION 28
Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?

A. Sustainability
B. Homogeneity
C. Resiliency
D. Configurability

Answer: C

QUESTION 29
Drag and Drop Question
You have been tasked with designing a security plan for your company.
Drag and drop the appropriate security controls on the floor plan.
Instructions:
All objects must be used and all place holders must be filled Order does not matter
When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:
Cable locks – Adding a cable lock between a laptop and a desk prevents someone from picking it up and walking away
Proximity badge + reader
Safe is a hardware/physical security measure
Mantrap can be used to control access to sensitive areas.
CCTV can be used as video surveillance.
Biometric reader can be used to control and prevent unauthorized access. Locking cabinets can be used to protect backup media, documentation and other physical artefacts.

QUESTION 30
Which of the following encryption methods does PKI typically use to securely protect keys?

A. Elliptic curve
B. Digital signatures
C. Asymmetric
D. Obfuscation

Answer: B

QUESTION 31
Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).

A. Rainbow table attacks greatly reduce compute cycles at attack time.
B. Rainbow tables must include precompiled hashes.
C. Rainbow table attacks do not require access to hashed passwords.
D. Rainbow table attacks must be performed on the network.
E. Rainbow table attacks bypass maximum failed login restrictions.

Answer: BE

QUESTION 32
Which of the following BEST describes a routine in which semicolons, dashes, quotes, and commas are removed from a string?

A. Error handling to protect against program exploitation
B. Exception handling to protect against XSRF attacks
C. Input validation to protect against SQL injection
D. Padding to protect against string buffer overflows

Answer: C

QUESTION 33
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?

A. Roll back changes in the test environment
B. Verify the hashes of files
C. Archive and compress the files
D. Update the secure baseline

Answer: A


!!!RECOMMEND!!!

1.2018 New SY0-501 Exam Dumps (PDF and VCE)Share:
https://www.braindump2go.com/sy0-501.html

2.2018 New SY0-501 Study Guide Video:

https://youtu.be/iqQ_uBVOfZw

[2018-NEW-Exams]SY0-501 VCE 182Q Dumps Free Offered by Braindump2go[Q12-Q22]

2018 New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SY0-501 Exam Questions:

Continue reading

[2018-NEW-Exams]Braindump2go Free SY0-501 VCE Instant Download[Q1-Q11]

2018 New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SY0-501 Exam Questions:

Continue reading

[2017-New-Exams]Full Version SY0-501 Dumps VCE and PDF 166Q for Free Download[111-120]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]SY0-501 Exam Dumps VCE(Full Version)166Q Download in Braindump2go[101-110]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]SY0-501 PDF and VCE Dumps Free Download in Braindump2go[81-90]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]100% Real SY0-501 PDF Dumps 166Q-Braindump2go[71-80]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]100% Real SY0-501 Dumps PDF and VCE 166Q-Braindump2go[61-70]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]100% Valid SY0-501 VCE and PDF 166Q Provided by Braindump2go[51-60]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]Free CompTIA 166Q SY0-501 Exam Questions PDF Braindump2go Offers[41-50]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]High Quality Braindump2go SY0-501 VCE and PDF Dumps 166Q Free Share[31-40]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]Valid Braindump2go SY0-501 Dumps PDF 166Q Offer[21-30]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

[2017-New-Exams]100% Success-Braindump2go SY0-501 VCE and SY0-501 PDF 166Q Instant Download[11-20]

2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:

Continue reading

Pages: 1 2