Aspose - FreeCram.com...2018/03/19  · CompTIA.SY0-501.v2018-03-19.q100 ExamCode: SY0-501 ExamName:...



CompTIA.SY0-501.v2018-03-19.q100

Exam Code: SY0-501
Exam Name: CompTIA Security+ Certification Exam
Certification Provider: CompTIA
Free Question Number: 100
Version: v2018-03-19
# of views: 2717
# of Questions views: 138580
https://www.freecram.com/torrent/CompTIA.SY0-501.v2018-03-19.q100.html

NEW QUESTION: 1
A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords. The security administrator has elected to use SAML to support authentication. In this scenario, which of the following will occur when users try to authenticate to the portal? (Select two.)
A. The portal will request an authentication ticket from each network that is transitively trusted.
B. The back-end networks will request authentication tickets from the portal, which will act as the third-party service provider authentication store.
C. The portal will function as a service provider and request an authentication assertion.
D. The back-end networks will function as an identity provider and issue an authentication assertion.
E. The back-end networks will verify the assertion token issued by the portal functioning as the identity provider.
F. The portal will function as an identity provider and issue an authentication assertion.
Answer: C,F

NEW QUESTION: 2
Refer to the following code:

Which of the following vulnerabilities would occur if this is executed?
A. Page exception
B. Pointer dereference
C. Missing null check
D. NullPointerException
Answer: C

NEW QUESTION: 3
Joe, a user, wants to send Ann, another user, a confidential document electronically. Which of the following should Joe do to ensure the document is protected from eavesdropping?
A. Encrypt it with Joe's public key
B. Encrypt it with Joe's private key
C. Encrypt it with Ann's private key
D. Encrypt it with Ann's public key
Answer: D

NEW QUESTION: 4
A network administrator wants to implement a method of securing internal routing. Which of the following should the administrator implement?
A. PAT
B. VPN
C. NAT
D. DMZ
Answer: B

NEW QUESTION: 5
A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system. While attempting to determine if an authorized user is logged into the home network, the user reviews the wireless router, which shows the following table for systems that are currently on the home network.

Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?
A. Apply MAC filtering and see if the router drops any of the systems.
B. Physically check each of the authorized systems to determine if they are logged onto the network.
C. Conduct a ping sweep of each of the authorized systems and see if an echo response is received.
D. Deny the "unknown" host because the hostname is not known and MAC filtering is not applied to this host.
Answer: D


NEW QUESTION: 6
After an identified security breach, an analyst is tasked to initiate the IR process. Which of the following is the NEXT step the analyst should take?
A. Escalation
B. Identification
C. Documentation
D. Recovery
E. Preparation
Answer: B

NEW QUESTION: 7
A development team has adopted a new approach to projects in which feedback is iterative and multiple iterations of deployments are provided within an application's full life cycle. Which of the following software development methodologies is the development team using?
A. Agile
B. Extreme
C. Rapid
D. Waterfall
Answer: A

NEW QUESTION: 8
An organization's file server has been virtualized to reduce costs. Which of the following types of backups would be MOST appropriate for the particular file server?
A. Incremental
B. Full
C. Snapshot
D. Differential
Answer: A

NEW QUESTION: 9
A company's loss control department identifies theft as a recurring loss type over the past year. Based on the department's report, the Chief Information Officer (CIO) wants to detect theft of datacenter equipment. Which of the following controls should be implemented?
A. Biometrics
B. Motion detectors
C. Mantraps
D. Cameras
Answer: B

NEW QUESTION: 10
Which of the following would meet the requirements for multifactor authentication?
A. Smart card and hardware token
B. Fingerprint and password
C. Username, PIN, and employee ID number
D. Voice recognition and retina scan
Answer: B

NEW QUESTION: 11
A security analyst reviews the following output:

The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the SIEM reports the following.
File hash: E289F21CD33E4F57890DDEA5CF267ED2
File found: somestuff.xls, somefile.pdf, nofile.doc
Which of the following is the MOST likely cause of the hash being found in other areas?
A. The file is encrypted.
B. Shadow copies are present.
C. There are MD5 hash collisions
D. Jan Smith is an insider threat.
Answer: B

NEW QUESTION: 12
A company is terminating an employee for misbehavior. Which of the following steps is MOST important in the process of disengagement from this employee?
A. Obtain a list of passwords used by the employee.
B. Have the employee sign an NDA before departing.
C. Generate a report on outstanding projects the employee handled.
D. Have the employee surrender company identification.
Answer: B

NEW QUESTION: 13
A user has attempted to access data at a higher classification level than the user's account is currently authorized to access. Which of the following access control models has been applied to this user's account?
A. MAC
B. ABAC
C. RBAC
D. DAC
Answer: C

NEW QUESTION: 14
An organization is comparing and contrasting migration from its standard desktop configuration to the newest version of the platform. Before this can happen, the Chief Information Security Officer (CISO) voices the need to evaluate the functionality of the newer desktop platform to ensure interoperability with existing software in use by the organization. In which of the following principles of architecture and design is the CISO engaging?
A. Baselining
B. Waterfalling
C. Dynamic analysis
D. Change management
Answer: D

NEW QUESTION: 15
A security analyst is performing a quantitative risk analysis. The risk analysis should show the potential monetary loss each time a threat or event occurs. Given this requirement, which of the following concepts would assist the analyst in determining this value? (Select two.)
A. AV
B. EF
C. ALE
D. ROI
E. ARO
Answer: A,B

NEW QUESTION: 16
A department head at a university resigned on the first day of the spring semester. It was subsequently determined that the department head deleted numerous files and directories from the server-based home directory while the campus was closed. Which of the following policies or procedures could have prevented this from occurring?
A. Permission auditing and review
B. Offboarding
C. Time-of-day restrictions
D. Account expiration
Answer: D


NEW QUESTION: 17
When identifying a company's most valuable assets as part of a BIA, which of the following should be the FIRST priority?
A. Intellectual property
B. Sensitive data
C. Life
D. Public reputation
Answer: C

NEW QUESTION: 18
A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?
A. Escalation of privilege
B. URL hijacking
C. Reconnaissance
D. White box testing
Answer: B

NEW QUESTION: 19
Which of the following cryptography algorithms will produce a fixed-length, irreversible output?
A. MD5
B. 3DES
C. AES
D. RSA
Answer: A

NEW QUESTION: 20
Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?
A. Sustainability
B. Configurability
C. Homogeneity
D. Resiliency
Answer: D

NEW QUESTION: 21
An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?
A. Use a remote desktop client to collect and analyze the malware in real time.
B. Capture and document necessary information to assist in the response.
C. Ask the user to back up files for later recovery.
D. Request the user capture and provide a screenshot or recording of the symptoms.
Answer: A

NEW QUESTION: 22
Which of the following cryptographic algorithms is irreversible?
A. RC4
B. AES
C. SHA-256
D. DES
Answer: C

NEW QUESTION: 23
A company is using a mobile device deployment model in which employees use their personal devices for work at their own discretion. Some of the problems the company is encountering include the following:

Which of the following is a deployment model that would help the company overcome these problems?
A. CYOD
B. COPE
C. VDI
D. BYOD
Answer: A

NEW QUESTION: 24
When configuring settings in a mandatory access control environment, which of the following specifies the subjects that can access specific data objects?
A. Owner
B. User
C. System
D. Administrator
Answer: D


NEW QUESTION: 25
Which of the following explains why vendors publish MD5 values when they provide software patches for their customers to download over the Internet?
A. The recipient can request future updates to the software using the published MD5 value.
B. The recipient can verify integrity of the software patch.
C. The recipient can verify the authenticity of the site used to download the patch.
D. The recipient can successfully activate the new software patch.
Answer: B

NEW QUESTION: 26
Which of the following are methods to implement HA in a web application server environment? (Select two.)
A. Reverse proxies
B. Application layer firewalls
C. Load balancers
D. Routers
E. VPN concentrators
Answer: B,C

NEW QUESTION: 27
When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:
A. end-of-life systems
B. resource exhaustion
C. system sprawl
D. a default configuration
Answer: A

NEW QUESTION: 28
A systems administrator is reviewing the following information from a compromised server:

Given the above information, which of the following processes was MOST likely exploited via a remote buffer overflow attack?
A. TFTP
B. LSASS
C. Apache
D. MySQL
Answer: C

NEW QUESTION: 29
An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:
A. Passive reconnaissance
B. Escalation of privileges
C. Persistence
D. Exploiting the switch
Answer: D

NEW QUESTION: 30
A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option. Which of the following protocols should be implemented to distribute the report securely? (Select three.)
A. HTTPS
B. FTPS
C. SNMPv3
D. SRTP
E. S/MIME
F. SSH
G. LDAPS
Answer: A,B,F

NEW QUESTION: 31
Ann, an employee in the payroll department, has contacted the help desk citing multiple issues with her device, including:

Ann states the issues began after she opened an invoice that a vendor emailed to her. Upon opening the invoice, she had to click several security warnings to view it in her word processor. With which of the following is the device MOST likely infected?
A. Rootkit
B. Spyware
C. Backdoor
D. Crypto-malware
Answer: C


NEW QUESTION: 32
An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?
A. True negative
B. False negative
C. False positive
D. True positive
Answer: C

NEW QUESTION: 33
Which of the following occurs when the security of a web application relies on JavaScript for input validation?
A. The application is vulnerable to race conditions.
B. The integrity of the data is at risk.
C. A host-based firewall is required.
D. The security of the application relies on antivirus.
Answer: B

NEW QUESTION: 34
A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?
A. Attackers can use the PCL protocol to bypass the firewall of client computers.
B. An attacker can easily inject malicious code into the printer firmware.
C. An attacker can access and change the printer configuration.
D. SNMP data leaving the printer will not be properly encrypted.
E. An MITM attack can reveal sensitive information.
Answer: D

NEW QUESTION: 35
Which of the following BEST describes a network-based attack that can allow an attacker to take full control of a vulnerable host?
A. Man-in-the-middle
B. Amplification
C. Remote exploit
D. Sniffing
Answer: D


NEW QUESTION: 36
An analyst wants to implement a more secure wireless authentication for office access points. Which of the following technologies allows for encrypted authentication of wireless clients over TLS?
A. WPA2
B. PEAP
C. EAP
D. RADIUS
Answer: A

NEW QUESTION: 37
Which of the following can be provided to an AAA system for the identification phase?
A. Private certificate
B. Permissions
C. Username
D. One-time token
Answer: C

NEW QUESTION: 38
As part of the SDLC, a third party is hired to perform a penetration test. The third party will have access to the source code, integration tests, and network diagrams. Which of the following BEST describes the assessment being performed?
A. Fuzzing
B. Black box
C. Regression
D. White box
Answer: D

NEW QUESTION: 39
DRAG DROP
You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan.
Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.
Answer:

NEW QUESTION: 40
A user is presented with the following items during the new-hire onboarding process:
- Laptop
- Secure USB drive
- Hardware OTP token
- External high-capacity HDD
- Password complexity policy
- Acceptable use policy
- HASP key
- Cable lock
Which of the following is one component of multifactor authentication?
A. Secure USB drive
B. Cable lock
C. HASP key
D. Hardware OTP token
Answer: D

NEW QUESTION: 41
A Chief Executive Officer (CEO) suspects someone in the lab testing environment is stealing confidential information after working hours when no one else is around. Which of the following actions can help to prevent this specific threat?
A. Implement time-of-day restrictions.
B. Audit file access times.
C. Require swipe-card access to enter the lab
D. Secretly install a hidden surveillance camera
Answer: C

NEW QUESTION: 42
In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?
A. Scalability
B. Redundancy
C. Elasticity
D. High availability
Answer: C

NEW QUESTION: 43
CORRECT TEXT
You have just received some room and WiFi access control recommendations from a security consulting company. Click on each building to bring up available security controls.
Please implement the following requirements:
* The Chief Executive Officer's (CEO) office had multiple redundant security measures installed on the door to the office. Remove unnecessary redundancies to deploy three-factor authentication, while retaining the expensive iris render.
* The Public Cafe has wireless available to customers. You need to secure the WAP with WPA and place a passphrase on the customer receipts.
* In the Data Center you need to include authentication from the "something you know" category and take advantage of the existing smartcard reader on the door.
* In the Help Desk Office you need to require single factor authentication through the use of physical tokens given to guests by the receptionist.
* The PII Office has redundant security measures in place. You need to eliminate the redundancy while maintaining three-factor authentication and retaining the more expensive controls.
Instructions: The original security controls for each office can be reset at any time by selecting the Reset button. Once you have met the above requirements for each office, select the Save button. When you have completed the entire simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.
Answer: Please refer to the Explanation part to solve this sim.
Explanation:
Use the following to get this sim work as :

NEW QUESTION: 44
A vulnerability scanner that uses its running service's access level to better assess vulnerabilities across multiple assets within an organization is performing a:
A. Non-intrusive scan.
B. Passive scan.
C. Credentialed scan.
D. Privilege escalation test.
Answer: C

NEW QUESTION: 45
A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements:

Which of the following should the administrator implement to meet the above requirements? (Select three.)
A. Implement usage auditing and review.
B. Implement time-of-day restrictions.
C. Enable account lockout thresholds.
D. Perform regular permission audits and reviews.
E. Eliminate shared accounts.
F. Create a standard naming convention for accounts.
G. Copy logs in real time to a secured WORM drive.
Answer: A,D,E

NEW QUESTION: 46
Which of the following are the MAIN reasons why a systems administrator would install security patches in a staging environment before the patches are applied to the production server? (Select two.)
A. To verify the appropriate patch is being installed
B. To ensure users are trained on new functionality
C. To prevent server availability issues
D. To allow users to test functionality
E. To generate a new baseline hash after patching
Answer: C,D


NEW QUESTION: 47
A high-security defense installation recently began utilizing large guard dogs that bark very loudly and excitedly at the slightest provocation. Which of the following types of controls does this BEST describe?
A. Compensating
B. Preventive
C. Detective
D. Deterrent
Answer: D

NEW QUESTION: 48
A Chief Executive Officer (CEO) suspects someone in the lab testing environment is stealing confidential information after working hours when no one else is around. Which of the following actions can help to prevent this specific threat?
A. Require swipe-card access to enter the lab.
B. Secretly install a hidden surveillance camera.
C. Implement time-of-day restrictions.
D. Audit file access times.
Answer: C

NEW QUESTION: 49
A Chief Information Officer (CIO) drafts an agreement between the organization and its employees. The agreement outlines ramifications for releasing information without consent and/or approvals. Which of the following BEST describes this type of agreement?
A. MOU
B. ISA
C. NDA
D. SLA
Answer: C

NEW QUESTION: 50
A company hires a third-party firm to conduct an assessment of vulnerabilities exposed to the Internet. The firm informs the company that an exploit exists for an FTP server that had a version installed from eight years ago. The company has decided to keep the system online anyway, as no upgrade exists from the vendor. Which of the following BEST describes the reason why the vulnerability exists?
A. End-of-life system
B. Default configuration
C. Zero-day threats
D. Weak cipher suite
Answer: A

NEW QUESTION: 51
A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?
A. PKI
B. ACL
C. CRL
D. SSL
Answer: D

NEW QUESTION: 52
A security analyst receives a notification from the IDS after working hours, indicating a spike in network traffic. Which of the following BEST describes this type of IDS?
A. Stateful
B. Host-based
C. Signature-based
D. Anomaly-based
Answer: C

NEW QUESTION: 53
A company hired a third-party firm to conduct an assessment of vulnerabilities exposed to the Internet. The firm informs the company that an exploit exists for an FTP server that has a version installed from eight years ago. The company has decided to keep the system online anyway, as no upgrade exists from the vendor. Which of the following BEST describes the reason why the vulnerability exists?
A. Default configuration
B. Weak cipher suite
C. Zero-day threats
D. End-of-life
Answer: D

NEW QUESTION: 54
As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technician must ensure the OS settings are hardened. Which of the following is the BEST way to do this?
A. Use a passive, in-line scanner.
B. Use a protocol analyzer.
C. Use a configuration compliance scanner.
D. Use a vulnerability scanner.
Answer: D

NEW QUESTION: 55
A system administrator is reviewing the following information from a compromised server.

Given the above information, which of the following processes was MOST likely exploited via remote buffer overflow attack?
A. MySQL
B. Apache
C. LSASS
D. TFTP
Answer: D

NEW QUESTION: 56
A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
A. ping
B. nslookup
C. tracert
D. netstat
Answer: D

NEW QUESTION: 57
A company was recently audited by a third party. The audit revealed the company's network devices were transferring files in the clear. Which of the following protocols should the company use to transfer files?
A. SNMP3
B. LDAPS
C. SCP
D. HTTPS
Answer: C

NEW QUESTION: 58
Which of the following types of keys is found in a key escrow?
A. Session
B. Private
C. Shared
D. Public
Answer: A

NEW QUESTION: 59
Which of the following network vulnerability scan indicators BEST validates a successful, active scan?
A. The scan output lists SQL injection attack vectors.
B. The scan job is scheduled to run during off-peak hours.
C. The scan results identify the hostname and IP address.
D. The scan data identifies the use of privileged-user credentials.
Answer: C

NEW QUESTION: 60
A security analyst is hardening a server with the directory services role installed. The analyst must ensure LDAP traffic cannot be monitored or sniffed and maintains compatibility with LDAP clients. Which of the following should the analyst implement to meet these requirements? (Select two.)
A. Generate an X.509-compliant certificate that is signed by a trusted CA.
B. Install and configure an SSH tunnel on the LDAP server.
C. Ensure port 389 is open between the clients and the servers using the communication.
D. Remove the LDAP directory service role from the server.
E. Ensure port 636 is open between the clients and the servers using the communication.
Answer: B,E

NEW QUESTION: 61
A security engineer is configuring a system that requires the X.509 certificate information to be pasted into a form field in Base64 encoded format to import it into the system. Which of the following certificate formats should the engineer use to obtain the information in the required format?
A. CER
B. PFX
C. PEM
D. DER
Answer: C


NEW QUESTION: 62
Which of the following precautions MINIMIZES the risk from network attacks directed at multifunction printers, as well as the impact on functionality at the same time?
A. Implementing a unique user PIN access functions
B. Installing a software-based IPS on all devices
C. Enabling full disk encryption
D. Isolating the systems using VLANs
Answer: D

NEW QUESTION: 63
A security analyst is reviewing the following output from an IPS:

Given this output, which of the following can be concluded? (Select two.)
A. The attacker sent a malformed IGAP packet, triggering the alert.
B. The source IP of the attack is coming from 250.19.18.22.
C. The attacker sent a malformed TCP packet, triggering the alert.
D. The source IP of the attack is coming from 250.19.18.71.
E. The TTL value is outside of the expected range, triggering the alert.
Answer: A,D

NEW QUESTION: 64
DRAG DROP
Drag and drop the correct protocol to its default port.
Answer:
Explanation:
FTP uses TCP port 21.
Telnet uses port 23.
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).
SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 45, 51
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

NEW QUESTION: 65
A security analyst is hardening a web server, which should allow a secure certificate-based session using the organization's PKI infrastructure. The web server should also utilize the latest security techniques and standards. Given this set of requirements, which of the following techniques should the analyst implement to BEST meet these requirements? (Select two.)
A. Install an X.509-compliant certificate.
B. Enable and configure TLS on the server.
C. Configure the web server to use a host header.
D. Implement a CRL using an authorized CA.
E. Install a certificate signed by a public CA.
Answer: A,B

NEW QUESTION: 66
DRAG DROP
A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and drop the applicable controls to each asset type.
Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select the Done button to submit.
Answer:
Explanation:
Company Manages Smart Phone
- Screen Lock
- Strong Password
- Device Encryption
- Remote Wipe
- GPS Tracking
- Pop-up blocker
Data Center Terminal Server
- Cable Locks
- Antivirus
- Host Based Firewall
- Proximity Reader
- Sniffer
- Mantrap

NEW QUESTION: 67
An application developer is designing an application involving secure transports from one service to another that will pass over port 80 for a request. Which of the following secure protocols is the developer MOST likely to use?
A. FTPS
B. SFTP
C. SSL
D. LDAPS
Answer: C

NEW QUESTION: 68
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?
A. Verify the hashes of files
B. Archive and compress the files
C. Update the secure baseline
D. Roll back changes in the test environment
Answer: D

NEW QUESTION: 69
A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation. Given these requirements, which of the following technologies should the analyst recommend and configure?
A. Kerberos services
B. CHAP services
C. NTLM services
D. LDAP services
Answer: D

NEW QUESTION: 70
An administrator is replacing a wireless router. The configuration of the old wireless router was not documented before it stopped functioning. The equipment connecting to the wireless network uses older legacy equipment that was manufactured prior to the release of the 802.11i standard. Which of the following configuration options should the administrator select for the new wireless router?
A. WPA+CCMP
B. WPA+TKIP
C. WPA2+CCMP
D. WPA2+TKIP
Answer: D

NEW QUESTION: 71
An organization's internal auditor discovers that large sums of money have recently been paid to a vendor that management does not recognize. The IT security department is asked to investigate the organization's ERP system to determine how the accounts payable module has been used to make these vendor payments.
The IT security department finds the following security configuration for the accounts payable module:
Which of the following changes to the security configuration of the accounts payable module would BEST mitigate the risk?
A.
B. Option D
C. Option C
D.
E.
F.
G. Option B
H. Option A
Answer: A

NEW QUESTION: 72
A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?
A. 802.1x
B. Captive portal
C. RADIUS federation
D. Open systems authentication
Answer: A

NEW QUESTION: 73
A company has a data system with definitions for "Private" and "Public". The company's security policy outlines how data should be protected based on type. The company recently added the data type "Proprietary". Which of the following is the MOST likely reason the company added this data type?
A. Better data classification
B. More searchable data
C. Expanded authority of the privacy officer
D. Reduced cost
Answer: B


NEW QUESTION: 74
A technician suspects that a system has been compromised. The technician reviews the following log entry:
WARNING- hash mismatch: C:\Window\SysWOW64\user32.dll
WARNING- hash mismatch: C:\Window\SysWOW64\kernel32.dll
Based solely on the above information, which of the following types of malware is MOST likely installed on the system?
A. Ransomware
B. Trojan
C. Rootkit
D. Backdoor
Answer: C

NEW QUESTION: 75
A director of IR is reviewing a report regarding several recent breaches. The director compiles the following statistics:
- Initial IR engagement time frame
- Length of time before an executive management notice went out
- Average IR phase completion
The director wants to use the data to shorten the response time. Which of the following would accomplish this?
A. Containment phase
B. CSIRT
C. Escalation notifications
D. Tabletop exercise
Answer: D

NEW QUESTION: 76
DRAG DROP
A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and drop the applicable controls to each asset type.
Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select Done to submit.
Answer:
Explanation:
Cable locks are used as a hardware lock mechanism - thus best used on a Data Center Terminal Server.
Network monitors are also known as sniffers - thus best used on a Data Center Terminal Server.
Install antivirus software. Antivirus software should be installed and definitions kept current on all hosts. Antivirus software should run on the server as well as on every workstation. In addition to active monitoring of incoming files, scans should be conducted regularly to catch any infections that have slipped through - thus best used on a Data Center Terminal Server.
Proximity readers are used as part of physical barriers, which makes it more appropriate to use on a center's entrance to protect the terminal server.
Mentor app is an Apple application used for personal development and is best used on a mobile device such as a smart phone.
Remote wipe is an application that can be used on devices that are stolen to keep data safe. It is basically a command to a phone that will remotely clear the data on that phone. This process is known as a remote wipe, and it is intended to be used if the phone is stolen or going to another user.
Should a device be stolen, GPS (Global Positioning System) tracking can be used to identify its location and allow authorities to find it - thus best used on a smart phone.
Screen Lock is where the display should be configured to time out after a short period of inactivity and the screen locked with a password. To be able to access the system again, the user must provide the password. After a certain number of attempts, the user should not be allowed to attempt any additional logons; this is called lockout - thus best used on a smart phone.
Strong Password - passwords are always important, but even more so when you consider that the device could be stolen and in the possession of someone who has unlimited access and time to try various values - thus best use strong passwords on a smartphone as it can be stolen more easily than a terminal server in a data center.
Device Encryption - data should be encrypted on the device so that if it does fall into the wrong hands, it cannot be accessed in a usable form without the correct passwords. It is recommended that you use Trusted Platform Module (TPM) for all mobile devices where possible.
Use pop-up blockers. Not only are pop-ups irritating, but they are also a security threat. Pop-ups (including pop-unders) represent unwanted programs running on the system, and they can jeopardize the system's well-being. This will be more effective on a mobile device rather than a terminal server.
Use host-based firewalls. A firewall is the first line of defense against attackers and malware. Almost every current operating system includes a firewall, and most are turned on by default - thus best used on a Data Center Terminal Server.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 221, 222, 369, 418
http://www.mentor-app.com/


NEW QUESTION: 77
A security analyst receives an alert from a WAF with the following payload:
var data= "<test test test>" ++ <../../../../../../etc/passwd>"
Which of the following types of attacks is this?
A. SQL injection
B. Cross-site request forgery
C. JavaScript data insertion
D. Buffer overflow
E. Firewall evasion script
Answer: C

NEW QUESTION: 78
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:

Which of the following vulnerabilities is present?
A. Buffer overflow
B. Integer overflow
C. Bad memory pointer
D. Backdoor
Answer: A

NEW QUESTION: 79
An application team is performing a load-balancing test for a critical application during off-hours and has requested access to the load balancer to review which servers are up without having the administrator on call. The security analyst is hesitant to give the application team full access due to other critical applications running on the load balancer. Which of the following is the BEST solution for the security analyst to process the request?
A. Give the application team administrator access during off-hours.
B. Disable other critical applications before granting the team access.
C. Give the application team read-only access.
Answer: A


NEW QUESTION: 80
Which of the following must be intact for evidence to be admissible in court?
A. Chain of custody
B. Order of violation
C. Legal hold
D. Preservation
Answer: A

NEW QUESTION: 81
A datacenter recently experienced a breach. When access was gained, an RF device was used to access an air-gapped and locked server rack. Which of the following would BEST prevent this type of attack?
A. Faraday cage
B. Infrared detection
C. Smart cards
D. Alarms
Answer: A

NEW QUESTION: 82
A network technician is setting up a segmented network that will utilize a separate ISP to provide wireless access to the public area for a company. Which of the following wireless security methods should the technician implement to provide basic accountability for access to the public network?
A. Enterprise
B. WiFi Protected Setup
C. Pre-shared key
D. Captive Portal
Answer: B

NEW QUESTION: 83
A botnet has hit a popular website with a massive number of GRE-encapsulated packets to perform a DDoS attack. News outlets discover a certain type of refrigerator was exploited and used to send outbound packets to the website that crashed. To which of the following categories does the refrigerator belong?
A. ICS
B. MFD
C. SoC
D. IoT
Answer: D

NEW QUESTION: 84
A system administrator wants to provide balance between the security of a wireless network and usability. The administrator is concerned with wireless encryption compatibility of older devices used by some employees. Which of the following would provide strong security and backward compatibility when accessing the wireless network?
A. WPA using a preshared key
B. WPA2 using a RADIUS back-end for 802.1x authentication
C. WEP with a 40-bit key
D. Open wireless network and SSL VPN
Answer: B

NEW QUESTION: 85
Which of the following vulnerability types would the type of hacker known as a script kiddie be MOST dangerous against?
A. Unpatched exploitable Internet-facing services
B. Passwords written on the bottom of a keyboard
C. Misplaced hardware token
D. Unencrypted backup tapes
Answer: A

NEW QUESTION: 86
A manager suspects that an IT employee with elevated database access may be knowingly modifying financial transactions for the benefit of a competitor. Which of the following practices should the manager implement to validate the concern?
A. Background checks
B. Separation of duties
C. Security awareness training
D. Mandatory vacations
Answer: B

NEW QUESTION: 87
A company's user lockout policy is enabled after five unsuccessful login attempts. The help desk notices a user is repeatedly locked out over the course of a workweek. Upon contacting the user, the help desk discovers the user is on vacation and does not have network access. Which of the following types of attacks are MOST likely occurring? (Select two.)
A. Dictionary
B. Replay
C. Pass the hash
D. Brute force
E. Rainbow tables
Answer: A,C


NEW QUESTION: 88
When performing data acquisition on a workstation, which of the following should be captured based on memory volatility? (Select two.)
A. Mounted network storage
B. Swap/pagefile
C. USB-attached hard disk
D. RAM
E. ROM
Answer: C,E

NEW QUESTION: 89
To reduce disk consumption, an organization's legal department has recently approved a new policy setting the data retention period for sent email at six months. Which of the following is the BEST way to ensure this goal is met?
A. Migrate the relevant emails into an "Archived" folder.
B. Configure the email server to delete the relevant emails.
C. Create a daily encrypted backup of the relevant emails.
D. Implement automatic disk compression on email servers.
Answer: C

NEW QUESTION: 90
A security administrator has found a hash in the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicates it was pushed from the central patch system.
File: winx86_adobe_flash_upgrade.exe
Hash: 99ac28bede43ab869b853ba62c4ea243
The administrator pulls a report from the patch management system with the following output:

Given the above outputs, which of the following MOST likely happened?
A. The file was infected when the patch manager downloaded it.
B. The file was embedded with a logic bomb to evade detection.
C. The file was corrupted after it left the patch system.
D. The file was not approved in the application whitelist system.
Answer: B

NEW QUESTION: 91
Malicious traffic from an internal network has been detected on an unauthorized port on an application server. Which of the following network-based security controls should the engineer consider implementing?
A. NAT
B. HIPS
C. MAC filtering
D. ACLs
Answer: D


NEW QUESTION: 92
Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transposed. Which of the following BEST describes the attack vector used to infect the devices?
A. DNS poisoning
B. URL hijacking
C. Typo squatting
D. Cross-site scripting
Answer: C

NEW QUESTION: 93
A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords. Which of the following authentication protocols MUST the security engineer select?
A. EAP-TLS
B. EAP-FAST
C. PEAP
D. EAP
Answer: C

NEW QUESTION: 94
Which of the following attack types BEST describes a client-side attack that is used to manipulate an HTML iframe with JavaScript code via a web browser?
A. XSS
B. Buffer overflow
C. SQLi
D. MITM
Answer: A

NEW QUESTION: 95
A database backup schedule consists of weekly full backups performed on Saturday at 12:00 a.m. and daily differential backups also performed at 12:00 a.m. If the database is restored on Tuesday afternoon, which of the following is the number of individual backups that would need to be applied to complete the database recovery?
A. 2
B. 4
C. 3
D. 1
Answer: A

NEW QUESTION: 96
Which of the following would MOST likely appear in an uncredentialed vulnerability scan?
A. Auditing parameters
B. Inactive local accounts
C. Self-signed certificates
D. Missing patches
Answer: B

NEW QUESTION: 97
When connected to a secure WAP, which of the following encryption technologies is MOST likely to be configured when connecting to WPA2-PSK?
A. WEP
B. MD5
C. AES
D. DES
Answer: C

NEW QUESTION: 98
A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an encrypted wireless network. Which of the following should be implemented if the administrator does not want to provide the wireless password or the certificate to the employees?
A. WPA2-PSK
B. TKIP
C. WPS
D. 802.1x
Answer: C

NEW QUESTION: 99
A company wants to host a publicly available server that performs the following functions:
- Evaluates MX record lookup
- Can perform authenticated requests for A and AAA records
- Uses RRSIG
Which of the following should the company use to fulfill the above requirements?
A. nslookup
B. SFTP
C. dig
D. DNSSEC
E. LDAPS
Answer: E

NEW QUESTION: 100
HOTSPOT
Select the appropriate attack from each drop down list to label the corresponding illustrated attack.
Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.
Answer:
