Use Real SY0-501 - 100% Cover Real Exam Questions [Jan-2022]
Dumps Brief Outline Of The SY0-501 Exam - Prep4SureReview
Who Does It Target?
The main target audience for this test is those individuals who have the skills and knowledge required to configure and install systems to protect applications, devices, or networks. They should have the CompTIA Network+ certification and at least 2 years of experience in IT administration.
Threats, attacks, and vulnerabilities
This objective is built around the following skills:
- Understanding the concepts of penetration testing;
- Comparing and contrasting types of security attacks;
- Explaining the types of threat actors and their features;
- Analyzing the indicators of a compromised system and determining the type of malware;
- Dealing with the effects associated with different types of vulnerabilities.
- Covering the concepts of vulnerability scanning;
NEW QUESTION 19
A security analyst is asked to check the configuration of the company's DNS service on the server. Which of the following command line tools should the analyst use to perform the Initial assessment?
- A. tcpdump
- B. tracert
- C. ipconfig/ifconfig
- D. nslookup/dlg
Answer: B
NEW QUESTION 20
Drag and drop the correct protocol to its default port.
Answer:
Explanation:
Explanation:
FTP uses TCP port 21. Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
NEW QUESTION 21
A security analyst is assessing a small company's internal servers against recommended security practices.
Which of the following should the analyst do to conduct the assessment? (Select TWO).
- A. Confirm adherence to the company's industry-specific regulations.
- B. Verify alignment with policy related to regulatory compliance
- C. Compare configurations against platform benchmarks,
- D. Run an exploitation framework to confirm vulnerabilities
- E. Review the company's current security baseline,
Answer: D,E
NEW QUESTION 22
An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:
- A. Escalation of privileges
- B. Persistence
- C. Exploiting the switch
- D. Passive reconnaissance
Answer: C
NEW QUESTION 23
A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.
Answer:
Explanation:
Explanation:
When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first. Volatility can be thought of as the amount of time that you have to collect certain data before a window of opportunity is gone. Naturally, in an investigation you want to collect everything, but some data will exist longer than others, and you cannot possibly collect all of it once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs, and printouts.
Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and logs, capture any relevant video/screenshots/hashes, record time offset on the systems, talk to witnesses, and track total man-hours and expenses associated with the investigation.
NEW QUESTION 24
A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords, The security administrator has elected to use SAML to support authentication.
In this scenario, which of the following will occur when users try to authenticate to the portal?
(Select TWO)
- A. The back-end networks will verify the assertion token issued by the portal functioning as the identity provider
- B. The back-end networks will request authentication tickets from the portal, which will act as the third-party service provider authentication store
- C. The portal will request an authentication ticket from each network that is transitively trusted
- D. The back-end networks will function as an identity provider and issue an authentication assertion
- E. The portal will function as an identity provider and issue an authentication assertion
Answer: C,D
NEW QUESTION 25
A security auditor is putting together a report for the Chief Executive Officer (CEO) on personnel security
and its impact on the security posture of the whole organization. Which of the following would be the
MOST important factor to consider when it comes to personnel security?
- A. Insider threats
- B. Phishing through social media
- C. Corporate espionage
- D. Privilege escalation
- E. Hacktivist
Answer: A
NEW QUESTION 26
A user from the financial aid office is having trouble interacting with the finaid directory on the university's ERP system. The systems administrator who took the call ran a command and received the following output:
Subsequently, the systems administrator has also confirmed the user is a member of the finaid group on the ERP system.
Which of the following is the MOST likely reason for the issue?
- A. The finaid directory is not formatted correctly
- B. The files on the finaid directory have become corrupted.
- C. The problem is local to the user, and the user should reboot the machine.
- D. The permissions on the finaid directory should be drwxrwxrwx.
Answer: A
NEW QUESTION 27
During a risk assessment, results show that a fire in one of the company's datacenters could cost up to $20 million in equipment damages and lost revenue. As a result, the company insures the datacenter for up to $20 million damages for the cost of $30,000 a year. Which of the following risk response techniques has the company chosen?
- A. Acceptance
- B. Avoidance
- C. Transference
- D. Mitigation
Answer: C
NEW QUESTION 28
A systems administrator wants to generate a self-signed certificate for an internal website. Which of the following steps should the systems administrator complete prior to installing the certificate on the server?
- A. Provide the private key to a public CA.
- B. Provide the public key to a public CA.
- C. Provide the public/private key pair to the internal CA
- D. Provide the private key to the internal CA.
- E. Provide the public key to the internal CA.
- F. Provide the public/private key pair to a public CA.
Answer: D
NEW QUESTION 29
When viewing IPS logs the administrator see systems all over the world scanning the network for servers with port 22 open. The administrator concludes that this traffic is a(N):
- A. Threat
- B. Vulnerability
- C. Risk
- D. Exploit
Answer: A
NEW QUESTION 30
Which of the following are the MOST likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company's final software releases? (Select TWO)
- A. Use of penetration-testing utilities
- B. Weak passwords
- C. Outdated anti-malware software
- D. Vendors/supply chain
- E. Unsecure protocols
- F. included third-party libraries
Answer: B,E
NEW QUESTION 31
While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack. Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select two)
- A. Minimum length
- B. Minimum complexity
- C. Maximum length
- D. Minimum age limit
- E. Minimum re-use limit
- F. Maximum age limit
Answer: A,B
NEW QUESTION 32
An attack has occurred against a company.
INSTRUCTIONS
You have been tasked to do the following:
Identify the type of attack that is occurring on the network by clicking on the attacker's tablet and reviewing the output. (Answer Area 1) Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server. (Answer area 2) All objects will be used, but not all placeholders may be filled. Objects may only be used once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.


Answer:
Explanation:
NEW QUESTION 33
A company has users and porters in multiple geographic locations and the printers are locked in common areas of the offices To preserve the confidentially of PII, a security administrator needs to implement the appropriate controls Which of the following would BEST meet the confidentiality requirements of the data?
- A. Conducting regular account maintenance at each location
- B. Adding location to the standard naming convention
- C. implementing time-of-day restrictions based on location
- D. Enforcing location-based policy restrictions
Answer: D
NEW QUESTION 34
An attacker wearing a building maintenance uniform approached a company's receptionist asking for access to a secure area. The receptionist asks for identification, a building access badge and checks the company's list approved maintenance personnel prior to granting physical access to the secure are.
The controls used by the receptionist are in place to prevent which of the following types of attacks?
- A. Hoax
- B. Impersonation
- C. Tailgating
- D. Shoulder surfing
Answer: B
NEW QUESTION 35
After disabling SSID broadcast, a network administrator still sees the wireless network listed in available networks on a client laptop. Which of the following attacks may be occurring?
- A. TKIP compromise
- B. Disassociation flooding
- C. Evil Twin
- D. ARP spoofing
- E. Rogue access point
Answer: C
NEW QUESTION 36
A security administrator has been tasked with implementing controls that meet management goals. Drag and drop the appropriate control used to accomplish the account management goal. Options may be used once or not at all.
Answer:
Explanation:
Explanation
NEW QUESTION 37
Which of the following implements a stream cipher?
- A. S/MIME encryption
- B. IKEv2 exchange
- C. File-level encryption
- D. SFTP data transfer
Answer: D
NEW QUESTION 38
Malicious traffic from an internal network has been detected on an unauthorized port on an application server.
Which of the following network-based security controls should the engineer consider implementing?
- A. MAC filtering
- B. ACLs
- C. HIPS
- D. NAT
Answer: B
NEW QUESTION 39
You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan.
Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.
Answer:
Explanation:
Explanation:
Cable locks - Adding a cable lock between a laptop and a desk prevents someone from picking it up and walking away Proximity badge + reader Safe is a hardware/physical security measure Mantrap can be used to control access to sensitive areas. CCTV can be used as video surveillance.
Biometric reader can be used to control and prevent unauthorized access. Locking cabinets can be used to protect backup media, documentation and other physical artefacts.
NEW QUESTION 40
......
Architecture as well as Design
This objective will determine if you understand the role of IT frameworks, secure configuration guides, and best practices. Besides, it will also emphasize the skills listed below:
- The pros of using automation and resiliency methods;
- Utilizing reliable systems design;
- The implementation of reliable concepts of network architecture;
- The significance of secure concepts of staging deployment;
- Summary of the cloud and virtualization techniques;
- Significance of physical security controls;
- Security implications associated with embedded systems.
Certification Training for SY0-501 Exam Dumps Test Engine: https://www.prep4surereview.com/SY0-501-latest-braindumps.html
SY0-501 Training & Certification Get Latest Security+ : https://drive.google.com/open?id=1UBT4YhTluIUAbfke9ylSR8AXojqLIdii
