SY0-501 Braindumps PDF, CompTIA SY0-501 Exam Cram
NEW QUESTION 248
Legal authorities notify a company that its network has been compromised for the second time in two years.
The investigation shows the attackers were able to use the same vulnerability on different systems in both attacks. Which of the following would have allowed the security team to use historical information to protect against the second attack?
- A. Tabletop exercise
- B. Recovery point objectives
- C. Lessons learned
- D. Key risk indicators
Answer: C
NEW QUESTION 249
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION 250
Which of the following solutions should an administrator use to reduce the risk from an unknown vulnerability in a third-party software application?
- A. Encryption
- B. Sandboxing
- C. Fuzzing
- D. Code signing
Answer: B
NEW QUESTION 251
Ann, a user, reports she is unable to access an application from her desktop. A security analyst verifies Ann's access and checks the SIEM for any errors. The security analyst reviews the log file from Ann's system and notices the following output:
Which of the following is MOST likely preventing Ann from accessing the application from the desktop?
- A. DLP
- B. Host-based firewall
- C. Network-based firewall
- D. UTM
- E. Web application firewall
Answer: B
NEW QUESTION 252
Select the appropriate attack from each drop down list to label the corresponding illustrated attack.
Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.
Answer:
Explanation:
1: Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.
2: The Hoax in this question is designed to make people believe that the fake AV (anti-virus) software is genuine.
3: Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and fools the victim into thinking he or she will profit.
4: Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Phishing email will direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the information the user enters on the page.
5: Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof Web sites which appear legitimate, pharming 'poisons' a DNS server by infusing false information into the DNS server, resulting in a user's request being redirected elsewhere. Your browser, however, will show you are at the correct Web site, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an e-mail, while pharming allows the scammers to target large groups of people at one time through domain spoofing.
References:
http://searchsecurity.techtarget.com/definition/spear-phishing
http://www.webopedia.com/TERM/V/vishing.html
http://www.webopedia.com/TERM/P/phishing.html
http://www.webopedia.com/TERM/P/pharming.html
NEW QUESTION 253
A company wants to host a publicly available server that performs the following functions:
* Evaluates MX record lookup
* Can perform authenticated requests for A and AAAA records
* Uses RRSIG
Which of the following should the company use to fulfill the above requirements?
- A. dig
- B. nslookup
- C. SFTP
- D. DNSSEC
- E. LDAPS
Answer: A
NEW QUESTION 254
During a risk assessment, results show that a fire in one of the company's datacenters could cost up to $20 million in equipment damages and lost revenue. As a result, the company insures the datacenter for up to $20 million in damages for the cost of $30,000 a year. Which of the following risk response techniques has the company chosen?
- A. Mitigation
- B. Acceptance
- C. Avoidance
- D. Transference
Answer: D
NEW QUESTION 255
A security administrator wants to implement least privilege access for a network share that stores sensitive company data. The organization is particularly concerned with the integrity of data and implementing discretionary access control. The following controls are available:
* Read = A user can read the content of an existing file.
* Write = A user can modify the content of an existing file and delete an existing file.
* Create = A user can create a new file and place data within the file.
A missing control means the user does not have that access. Which of the following configurations provides the appropriate control to support the organization's requirements?
- A. Owners: Read, Write, Create; Group Members: Read, Write; Others: Read, Create
- B. Owners: Read, Write; Group Members: Read, Create; Others: Read, Create
- C. Owners: Write, Create; Group Members: Read, Create; Others: Read, Write, Create
- D. Owners: Read, Create; Group Members: Read, Write, Create; Others: Read
Answer: A
NEW QUESTION 256
An organization has the following password policies:
* Passwords must be at least 16 characters long.
* A password cannot be the same as any previous 20 passwords.
* Three failed login attempts will lock the account for five minutes.
* Passwords must have one uppercase letter, one lowercase letter, and one non-alphanumeric symbol.
A database server was recently breached, and the incident response team suspects the passwords were compromised. Users with permission on that database server were forced to change their passwords for that server. Unauthorized and suspicious logins are now being detected on a completely separate server. Which of the following is MOST likely the issue and the best solution?
- A. User passwords are not sufficiently long or complex; the organization should increase the complexity and length requirements for passwords.
- B. The organization has improperly configured single sign-on; the organization should implement a RADIUS server to control account logins.
- C. Some users are reusing passwords for different systems; the organization should scan for password reuse across systems.
- D. The trust relationship between the two servers has been compromised; the organization should place each server on a separate VLAN.
Answer: D
NEW QUESTION 257
A company is experiencing an increasing number of systems that are locking up on Windows startup. The security analyst clones a machine, enters into safe mode, and discovers a file in the startup process that runs Wstart.bat.
@echo off
:asdhbawdhbasdhbawdhb
start notepad.exe
start notepad.exe
start calculator.exe
start calculator.exe
goto asdhbawdhbasdhbawdhb
Given the file contents and the system's issues, which of the following types of malware is present?
- A. Rootkit
- B. Virus
- C. Logic bomb
- D. Worm
Answer: C
NEW QUESTION 258
An analyst generates the following color-coded table shown in the exhibit to help explain the risk of potential incidents in the company. The vertical axis indicates the likelihood of an incident, while the horizontal axis indicates the impact.
Which of the following is this table an example of?
- A. Internal threat assessment
- B. Supply chain assessment
- C. Privacy impact assessment
- D. Qualitative risk assessment
Answer: D
NEW QUESTION 259
A remote user (User1) is unable to reach a newly provisioned corporate Windows workstation. The system administrator has been given the following log files from the VPN, corporate firewall and workstation host.
Which of the following is preventing the remote user from being able to access the workstation?
- A. Network latency is causing remote desktop service request to time out
- B. The workstation host firewall is not allowing remote desktop connections
- C. The workstation has been compromised and is accessing known malware sites
- D. User1 has been locked out due to too many failed passwords
- E. Lack of network time synchronization is causing authentication mismatches
Answer: D
NEW QUESTION 260
Staff members of an organization received an email message from the Chief Executive Officer (CEO) asking them for an urgent meeting in the main conference room. When the staff assembled, they learned the message received was not actually from the CEO. Which of the following BEST represents what happened?
- A. Phishing attack
- B. Spear phishing attack
- C. Vishing attack
- D. Whaling attack
Answer: A
NEW QUESTION 261
Management wants to ensure any sensitive data on company-provided cell phones is isolated in a single location that can be remotely wiped if the phone is lost. Which of the following technologies BEST meets this need?
- A. Geofencing
- B. Device encryption
- C. Sandboxing
- D. Containerization
Answer: D
NEW QUESTION 262
SIMULATION
You have just received some room and WiFi access control recommendations from a security consulting company. Click on each building to bring up available security controls. Please implement the following requirements:
The Chief Executive Officer's (CEO) office had multiple redundant security measures installed on the door to the office. Remove unnecessary redundancies to deploy three-factor authentication, while retaining the expensive iris reader.
The Public Cafe has wireless available to customers. You need to secure the WAP with WPA and place a passphrase on the customer receipts.
In the Data Center you need to include authentication from the "something you know" category and take advantage of the existing smartcard reader on the door.
In the Help Desk Office, you need to require single factor authentication through the use of physical tokens given to guests by the receptionist.
The PII Office has redundant security measures in place. You need to eliminate the redundancy while maintaining three-factor authentication and retaining the more expensive controls.
Instructions: The original security controls for each office can be reset at any time by selecting the Reset button. Once you have met the above requirements for each office, select the Save button. When you have completed the entire simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.
Answer:
Explanation:
NEW QUESTION 263
During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of the following would help reduce the amount of risk the organization incurs in this situation in the future?
- A. Group-based privileges
- B. User access reviews
- C. Time-of-day restrictions
- D. Change management policies
Answer: B
NEW QUESTION 264
A security analyst is reviewing the logs from an NGFW's automated correlation engine and sees the following:
Which of the following should the analyst perform FIRST?
- A. Set up an alert to receive an email notification for all events.
- B. Isolate the compromised host from the network.
- C. Refresh the URL filtering database to ensure accuracy.
- D. Clear the logs and see if the same events reoccur.
- E. Set up a packet capture to analyze the unknown TCP and UDP traffic.
Answer: B
NEW QUESTION 265
A security administrator suspects that a DDoS attack is affecting the DNS server. The administrator accesses a workstation with the hostname of workstation01 on the network and obtains the following output from the ipconfig command:
The administrator successfully pings the DNS server from the workstation. Which of the following commands should be issued from the workstation to verify the DDoS attack is no longer occurring?
- A. dig 192.168.1.26
- B. dig workstation01.com
- C. dig 192.168.1.254
- D. dig www.google.com
Answer: B
NEW QUESTION 266
......
What Next? Your Career Paths after Passing CompTIA SY0-501 Exam
Of course, your career journey doesn't stop after passing the SY0-501 test, which raises the question: what should the next step be? After acing the CompTIA Security+ exam, many students choose to stick with the CompTIA career path by gaining more skills and experience along the same track. To achieve this, the most suitable option is always the CompTIA Cybersecurity Analyst (CySA+) certification. The CompTIA Advanced Security Practitioner, or CASP+ as it's commonly called, comes next. If you choose to focus on a different path, one of the best cybersecurity alternatives to the mentioned certificates is the Certified Information Systems Security Professional (CISSP). Based on your preferences, you may want to work in a Cisco environment by going after the new CCNA or CCNP certificates, but be sure the selected path aligns with your career ambitions, interests, and income goals.