[2017-Nov-NEW]SY0-501 VCE and PDF Dumps 166Q&As Free Share[ 135-144]

Archie Praed

Hello Everyone, CompTIA Exam SY0-501 Questions Free Released Today! Following are some new questions:

QUESTION 135
A company wants to host a publicly available server that performs the following functions:
Evaluates MX record lookup
Can perform authenticated requests for A and AAA records
Uses RRSIG
Which of the following should the company use to fulfill the above requirements?

A. DNSSEC
B. SFTP
C. nslookup
D. dig

Answer: C

QUESTION 136
Which of the following attack types BEST describes a client-side attack that is used to mandate an HTML iframe with JavaScript code via web browser?

A. MITM
B. XSS
C. SQLi

Answer: B

QUESTION 137
A company has a data classification system with definitions for "Private" and "Public." The company's security policy outlines how data should be protected based on type. The company recently added the data type "Proprietary." Which of the following is the MOST likely reason the company added this data type?

A. Reduced cost
B. More searchable data
C. Better data classification
D. Expanded authority of the privacy officer

Answer: B

QUESTION 138
A security administrator is developing training for corporate users on basic security principles for personal email accounts.
Which of the following should be mentioned as the MOST secure way for password recovery?

A. Utilizing a single Q for password recovery
B. Sending a PIN to a smartphone through text message
C. Utilizing CAPTCHA to avoid brute force attacks
D. Use a different e-mail address to recover password

Answer: B

QUESTION 139
A company researched the root cause of a recent vulnerability in its software. It was determined that the vulnerability was the result of two updates made in the last release. Each update alone would not have resulted in the vulnerability.
In order to prevent similar situations in the future, the company should improve which of the following?

A. Change management procedures
B. Job rotation policies
C. Incident response management
D. Least privilege access controls

Answer: A

QUESTION 140
A computer on a company network was infected with a zero-day exploit after an employee accidentally opened an email that contained malicious content. The employee recognized the email as malicious and was attempting to delete it, but accidentally opened it.
Which of the following should be done to prevent this scenario from occurring again in the future?

A. Install host-based firewalls on all computers that have an email client installed
B. Set the email program default to open messages in plain text
C. Install end-point protection on all computers that access web email
D. Create new email spam filters to delete all messages from that sender

Answer: C

QUESTION 141
A company wants to ensure that the validity of publicly trusted certificates used by its web server can be determined even during an extended internet outage.
Which of the following should be implemented?

A. Recovery agent
B. OCSP
C. CRL
D. Key escrow

Answer: B

QUESTION 142
An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection.
Which of the following AES modes of operation would meet this integrity-only requirement?

A. HMAC
B. PCBC
C. CBC
D. GCM
E. CFB

Answer: A

QUESTION 143
The chief security officer (CSO) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs.
Which of the following is the best solution for the network administrator to secure each internal website?

A. Use certificates signed by the company CA
B. Use a signing certificate as a wild card certificate
C. Use certificates signed by a public CA
D. Use a self-signed certificate on each internal server

Answer: D
Explanation:
This is a way to update all internal sites without incurring additional costs.
To be a CA (Certificate Authority), you need an infrastructure that consists of considerable operational elements, hardware, software, policy frameworks and practice statements, auditing, security infrastructure and personnel.

QUESTION 144
A security program manager wants to actively test the security posture of a system.
The system is not yet in production and has no uptime requirement or active user base.
Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?

A. Peer review
B. Component testing
C. Penetration testing
D. Vulnerability testing

Answer: C
Explanation:
A penetration test, or pen test, is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities.


New 400-101 VCE Dumps:
https://drive.google.com/drive/folders/0B75b5xYLjSSNZWpRdXBrR0RYaTQ?usp=sharing
 

finbalor

Here, Dumps4download SY0-501 exam materials will help you pass your CompTIA SY0-501 certification exam and get SY0-501 certification certificate. Our exam materials are written to the highest standards of technical accuracy. And free SY0-501 dumps pdf questions and answers are edited by experienced IT experts and have a 99.9% hit rate.
 

candusmisheel

Validate your SY0-501 Exam learning and preparation with our most updated SY0-501 dumps. (Dumpspdf.com) has experienced IT experts who gather and approve a huge range of CompTIA SY0-501 Questions Answers for Certification seekers. Practicing our 100% updated SY0-501 Practice Tests is a guaranteed way towards your success in CompTIA SY0-501 Exam Dumps.
 

Zaixkingg

I took the CompTIA Security+ SY0-501 exam in 2018 and I passed it with good grades. I don't think the exam would have been so easy without practicing all the questions available in the SY0-501 dumps pdf. I have recommended these SY0-501 braindumps to my colleagues who are trying to obtain the CompTIA Security+ certification.
 

John Wang

2018/November Braindump2go SY0-501 Exam Dumps with PDF and VCE New Updated Today! Following are some new SY0-501 Real Exam Questions:

QUESTION 168
An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then uses a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card. This can be done many times. Which of the following describes this type of attack?


A. Integer overflow attack
B. Smurf attack
C. Replay attack
D. Buffer overflow attack
E. Cross-site scripting attack


Answer: C

QUESTION 169
An organization is moving its human resources system to a cloud services provider.
The company plans to continue using internal usernames and passwords with the service provider, but the security manager does not want the service provider to have a copy of the passwords. Which of the following options meets all of these requirements?


A. Two-factor authentication
B. Account and password synchronization
C. Smartcards with PINs
D. Federated authentication


Answer: D

QUESTION 170
The data backup window has expanded into the morning hours and has begun to affect production users. The main bottleneck in the process is the time it takes to replicate the backups to separate servers at the offsite data center. Which of the following uses of deduplication could be implemented to reduce the backup window?


A. Implement deduplication at the network level between the two locations
B. Implement deduplication on the storage array to reduce the amount of drive space needed
C. Implement deduplication on the server storage to reduce the data backed up
D. Implement deduplication on both the local and remote servers


Answer: B

QUESTION 171
A penetration tester is preparing for a client engagement in which the tester must provide data that proves and validates the scanning tools' results.
Which of the following is the best method for collecting this information?


A. Set up the scanning system's firewall to permit and log all outbound connections
B. Use a protocol analyzer to log all pertinent network traffic
C. Configure network flow data logging on all scanning systems
D. Enable debug level logging on the scanning system and all scanning tools used.


Answer: B

QUESTION 172
Which of the following best describes the initial processing phase used in mobile device forensics?


A. The phone should be powered down and the battery removed to preserve the state of data on any internal or removable storage utilized by the mobile device
B. The removable data storage cards should be processed first to prevent data alteration when examining the mobile device
C. The mobile device should be examined first, then removable storage and lastly the phone without removable storage should be examined again
D. The phone and storage cards should be examined as a complete unit after examining the removable storage cards separately.


Answer: D

QUESTION 173
Ann, a security analyst, is monitoring the IDS console and noticed multiple connections from an internal host to a suspicious call back domain.
Which of the following tools would aid her to decipher the network traffic?


A. Vulnerability Scanner
B. NMAP
C. NETSTAT
D. Packet Analyzer


Answer: D

QUESTION 174
An administrator is testing the collision resistance of different hashing algorithms. Which of the following is the strongest collision resistance test?


A. Find two identical messages with different hashes
B. Find two identical messages with the same hash
C. Find a common hash between two specific messages
D. Find a common hash between a specific message and a random message


Answer: A

QUESTION 175
The SSID broadcast for a wireless router has been disabled but a network administrator notices that unauthorized users are accessing the wireless network. The administrator has determined that attackers are still able to detect the presence of the wireless network despite the fact the SSID has been disabled.
Which of the following would further obscure the presence of the wireless network?


A. Upgrade the encryption to WPA or WPA2
B. Create a non-zero length SSID for the wireless router
C. Reroute wireless users to a honeypot
D. Disable responses to a broadcast probe request


Answer: D
Explanation:
When “SSID broadcast” is disabled you can:
1) Completely disable the sending of beacons
2) Disable probe responses except in cases where the probe request was explicitly addressed to the correct SSID (ignore broadcast probe requests to the wildcard SSID) and was from an authorized client (apply MAC Address filtering), and even send a null SSID in the probe responses to those.


QUESTION 176
Which of the following should be used to implement voice encryption?


A. SSLv3
B. VDSL
C. SRTP
D. VoIP


Answer: C

QUESTION 177
During an application design, the development team specifies an LDAP module for single sign-on communication with the company's access control database. This is an example of which of the following?


A. Application control
B. Data in-transit
C. Identification
D. Authentication


Answer: D

QUESTION 178
After a merger, it was determined that several individuals could perform the tasks of a network administrator in the merged organization. Which of the following should have been performed to ensure that employees have proper access?


A. Time-of-day restrictions
B. Change management
C. Periodic auditing of user credentials
D. User rights and permission review


Answer: D

1.|2018 Latest SY0-501 Exam Dumps (PDF & VCE) 566Q&As Download:

https://www.braindump2go.com/sy0-501.html

2.|2018 Latest SY0-501 Exam Questions & Answers Download:

https://drive.google.com/drive/folders/1Mto9aYkbmrvlHB5IFqCx-MuIqEVJQ9Yu?usp=sharing
 

John Wang

More Braindump2go 2018/November New SY0-501 Real Exam Questions:

QUESTION 179
A company exchanges information with a business partner. An annual audit of the business partner is conducted against the SLA in order to verify:

A. Performance and service delivery metrics
B. Backups are being performed and tested
C. Data ownership is being maintained and audited
D. Risk awareness is being adhered to and enforced

Answer: A

QUESTION 180
Which of the following is the proper way to quantify the total monetary damage resulting from an exploited vulnerability?

A. Calculate the ALE
B. Calculate the ARO
C. Calculate the MTBF
D. Calculate the TCO

Answer: A

QUESTION 181
A security administrator needs to implement a system that detects possible intrusions based upon a vendor provided list. Which of the following BEST describes this type of IDS?

A. Signature based
B. Heuristic
C. Anomaly-based
D. Behavior-based

Answer: A

QUESTION 182
The Chief Security Officer (CSO) has reported a rise in data loss but no break-ins have occurred. By doing which of the following is the CSO most likely to reduce the number of incidents?

A. Implement protected distribution
B. Empty additional firewalls
C. Conduct security awareness training
D. Install perimeter barricades

Answer: C

QUESTION 183
Ann, a user, states that her machine has been behaving erratically over the past week. She has experienced slowness and input lag and found text files that appear to contain pieces of her emails or online conversations with coworkers. The technician runs a standard virus scan but detects nothing. Which of the following types of malware has infected the machine?

A. Ransomware
B. Rootkit
C. Backdoor
D. Keylogger

Answer: D

QUESTION 184
An information security specialist is reviewing the following output from a Linux server.

Based on the above information, which of the following types of malware was installed on the server?

A. Logic bomb
B. Trojan
C. Backdoor
D. Ransomware
E. Rootkit

Answer: A

QUESTION 185
In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

A. Using salt
B. Using hash algorithms
C. Implementing elliptical curve
D. Implementing PKI

Answer: A

QUESTION 186
A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?

A. Shared accounts
B. Preshared passwords
C. Least privilege
D. Sponsored guest

Answer: D

QUESTION 187
Which of the following would MOST likely appear in an uncredentialed vulnerability scan?

A. Self-signed certificates
B. Missing patches
C. Auditing parameters
D. Inactive local accounts

Answer: D

QUESTION 188
A security analyst observes the following events in the logs of an employee workstation:

Given the information provided, which of the following MOST likely occurred on the workstation?

A. Application whitelisting controls blocked an exploit payload from executing.
B. Antivirus software found and quarantined three malware files.
C. Automatic updates were initiated but failed because they had not been approved.
D. The SIEM log agent was not tuned properly and reported a false positive.

Answer: A

QUESTION 189
When identifying a company's most valuable assets as part of a BIA, which of the following should be the FIRST priority?

A. Life
B. Intellectual property
C. Sensitive data
D. Public reputation

Answer: A


 

cillemong

If you want to succeed in the CompTIA SY0-501 exam then you must get the latest SY0-501 dumps to prepare for the exam. Pass4surekey is providing you the latest SY0-501 question answers. You just get the SY0-501 pdf with updated SY0-501 exam questions. I am so happy to utilize SY0-501 by Pass4surekey. I discovered this site like a supportive friend. I am so appreciative of their colleagues who made SY0-501; due to their dumps I got my success without having any anxiety. The SY0-501 exam guide helps you to prepare in a proper way for the exam and pass it in a better way for the sake of your time and money. I assure you that by getting sample questions from Pass4surekey you don't need any other source for preparing for the SY0-501 certification exam, because from here you can get verified SY0-501 answers for each question. That's all from my side. https://www.pass4surekey.com/exam/sy0-501.html
 