November/2018 New SY0-501 Dumps with PDF and VCE 566Q Released!

Discussion in 'Security+' started by John Wang, Nov 7, 2018.

  1. John Wang

    2018/November Braindump2go SY0-501 Exam Dumps with PDF and VCE New Updated Today! Following are some new SY0-501 Real Exam Questions:

    QUESTION 168
    An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then uses a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card. This can be done many times. Which of the following describes this type of attack?


    A. Integer overflow attack
    B. Smurf attack
    C. Replay attack
    D. Buffer overflow attack
    E. Cross-site scripting attack


    Answer: C

    QUESTION 169
    An organization is moving its human resources system to a cloud services provider.
    The company plans to continue using internal usernames and passwords with the service provider, but the security manager does not want the service provider to have a copy of the passwords. Which of the following options meets all of these requirements?


    A. Two-factor authentication
    B. Account and password synchronization
    C. Smartcards with PINS
    D. Federated authentication


    Answer: D

    QUESTION 170
    The data backup window has expanded into the morning hours and has begun to affect production users. The main bottleneck in the process is the time it takes to replicate the backups to separate servers at the offsite data center. Which of the following uses of deduplication could be implemented to reduce the backup window?


    A. Implement deduplication at the network level between the two locations
    B. Implement deduplication on the storage array to reduce the amount of drive space needed
    C. Implement deduplication on the server storage to reduce the data backed up
    D. Implement deduplication on both the local and remote servers


    Answer: B

    QUESTION 171
    A penetration tester is preparing for a client engagement in which the tester must provide data that proves and validates the scanning tools' results.
    Which of the following is the best method for collecting this information?


    A. Set up the scanning system's firewall to permit and log all outbound connections
    B. Use a protocol analyzer to log all pertinent network traffic
    C. Configure network flow data logging on all scanning systems
    D. Enable debug level logging on the scanning system and all scanning tools used.


    Answer: B

    QUESTION 172
    Which of the following best describes the initial processing phase used in mobile device forensics?


    A. The phone should be powered down and the battery removed to preserve the state of data on any internal or removable storage utilized by the mobile device
    B. The removable data storage cards should be processed first to prevent data alteration when examining the mobile device
    C. The mobile device should be examined first, then removable storage and lastly the phone without removable storage should be examined again
    D. The phone and storage cards should be examined as a complete unit after examining the removable storage cards separately.


    Answer: D

    QUESTION 173
    Ann, a security analyst, is monitoring the IDS console and noticed multiple connections from an internal host to a suspicious call back domain.
    Which of the following tools would aid her to decipher the network traffic?


    A. Vulnerability Scanner
    B. NMAP
    C. NETSTAT
    D. Packet Analyzer


    Answer: D

    QUESTION 174
    An administrator is testing the collision resistance of different hashing algorithms. Which of the following is the strongest collision resistance test?


    A. Find two identical messages with different hashes
    B. Find two identical messages with the same hash
    C. Find a common hash between two specific messages
    D. Find a common hash between a specific message and a random message


    Answer: A

    QUESTION 175
    The SSID broadcast for a wireless router has been disabled but a network administrator notices that unauthorized users are accessing the wireless network. The administrator has determined that attackers are still able to detect the presence of the wireless network despite the fact the SSID has been disabled.
    Which of the following would further obscure the presence of the wireless network?


    A. Upgrade the encryption to WPA or WPA2
    B. Create a non-zero length SSID for the wireless router
    C. Reroute wireless users to a honeypot
    D. Disable responses to a broadcast probe request


    Answer: D
    Explanation:
    When “SSID broadcast” is disabled you can:
    1) Completely disable the sending of beacons
    2) Disable probe responses except in cases where the probe request was explicitly addressed to the correct SSID (ignore broadcast probe requests to the wildcard SSID) and was from an authorized client (apply MAC Address filtering), and even send a null SSID in the probe responses to those.


    QUESTION 176
    Which of the following should be used to implement voice encryption?


    A. SSLv3
    B. VDSL
    C. SRTP
    D. VoIP


    Answer: C

    QUESTION 177
    During an application design, the development team specifies an LDAP module for single sign-on communication with the company's access control database. This is an example of which of the following?


    A. Application control
    B. Data in-transit
    C. Identification
    D. Authentication


    Answer: D

    QUESTION 178
    After a merger, it was determined that several individuals could perform the tasks of a network administrator in the merged organization. Which of the following should have been performed to ensure that employees have proper access?


    A. Time-of-day restrictions
    B. Change management
    C. Periodic auditing of user credentials
    D. User rights and permission review


    Answer: D

  2. John Wang

    More Braindump2go 2018/November New SY0-501 Real Exam Questions:

    QUESTION 179
    A company exchanges information with a business partner. An annual audit of the business partner is conducted against the SLA in order to verify:

    A. Performance and service delivery metrics
    B. Backups are being performed and tested
    C. Data ownership is being maintained and audited
    D. Risk awareness is being adhered to and enforced

    Answer: A

    QUESTION 180
    Which of the following is the proper way to quantify the total monetary damage resulting from an exploited vulnerability?

    A. Calculate the ALE
    B. Calculate the ARO
    C. Calculate the MTBF
    D. Calculate the TCO

    Answer: A

    QUESTION 181
    A security administrator needs to implement a system that detects possible intrusions based upon a vendor provided list. Which of the following BEST describes this type of IDS?

    A. Signature based
    B. Heuristic
    C. Anomaly-based
    D. Behavior-based

    Answer: A

    QUESTION 182
    The Chief Security Officer (CSO) has reported a rise in data loss but no break-ins have occurred. By doing which of the following is the CSO most likely to reduce the number of incidents?

    A. Implement protected distribution
    B. Employ additional firewalls
    C. Conduct security awareness training
    D. Install perimeter barricades

    Answer: C

    QUESTION 183
    Ann, a user, states that her machine has been behaving erratically over the past week. She has experienced slowness and input lag and found text files that appear to contain pieces of her emails or online conversations with coworkers. The technician runs a standard virus scan but detects nothing. Which of the following types of malware has infected the machine?

    A. Ransomware
    B. Rootkit
    C. Backdoor
    D. Keylogger

    Answer: D

    QUESTION 184
    An information security specialist is reviewing the following output from a Linux server.

    Based on the above information, which of the following types of malware was installed on the server?

    A. Logic bomb
    B. Trojan
    C. Backdoor
    D. Ransomware
    E. Rootkit

    Answer: A

    QUESTION 185
    In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

    A. Using salt
    B. Using hash algorithms
    C. Implementing elliptical curve
    D. Implementing PKI

    Answer: A

    QUESTION 186
    A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?

    A. Shared accounts
    B. Preshared passwords
    C. Least privilege
    D. Sponsored guest

    Answer: D

    QUESTION 187
    Which of the following would MOST likely appear in an uncredentialed vulnerability scan?

    A. Self-signed certificates
    B. Missing patches
    C. Auditing parameters
    D. Inactive local accounts

    Answer: D

    QUESTION 188
    A security analyst observes the following events in the logs of an employee workstation:

    Given the information provided, which of the following MOST likely occurred on the workstation?

    A. Application whitelisting controls blocked an exploit payload from executing.
    B. Antivirus software found and quarantined three malware files.
    C. Automatic updates were initiated but failed because they had not been approved.
    D. The SIEM log agent was not tuned properly and reported a false positive.

    Answer: A

    QUESTION 189
    When identifying a company's most valuable assets as part of a BIA, which of the following should be the FIRST priority?

    A. Life
    B. Intellectual property
    C. Sensitive data
    D. Public reputation

    Answer: A


  3. ammyjhon

    I am so happy I passed my SY0-501 exam today. Thank you so much for all the SY0-501 study guides provided. It was my first attempt and my score was so much better than I expected.
