New CompTIA SY0-501 Q&A  


New Member
Joined:6 years  ago
Posts: 3
31/07/2018 11:06 am  

1. Which of the following is an asymmetric function that generates a new and separate key every time it runs?

A. RSA
B. DSA
C. DHE
D. HMAC
E. PBKDF2

Correct Answer: C

2. Which of the following access management concepts is associated with the file permissions?

A. Authentication
B. Accounting
C. Authorization
D. Identification

Correct Answer: C

3. While working with a small, local farm to improve its security practices, a security consultant notices attempted logons to the farm’s email server from a foreign country. The consultant can help block these attempts by implementing:

A. firewall ACLs.
B. port security.
C. an IDS.
D. a reverse proxy.

Correct Answer: D

4. An organization’s Chief Information Officer (CIO) recently received an email from human resources that contained sensitive information. The CIO noticed the email was sent via unsecure means. A policy has since been put into place stating all emails must be transmitted using secure technologies. Which of the following should be implemented to address the new policy?

A. HTTPS
B. SMTP
C. TLS
D. SFTP

Correct Answer: C

5. A technician wants to perform network enumeration against a subnet in preparation for an upcoming assessment. During the first phase, the technician performs a ping sweep. Which of the following scan types did the technician use?

A. Non-intrusive
B. Intrusive
C. Credentialed
D. Passive

Correct Answer: C

6. A security analyst is checking the bash command history on a Linux host that was involved in a data breach. The data breach stemmed from the Linux host running a series of commands against a web server on the internal network, which exploited a vulnerability in an unpatched, outdated Apache module. Given this scenario, which of the following commands might the analyst find in the bash command history for banner grabbing? (Select TWO).

A. Arp
B. tracert
C. nmap
D. telnet
E. nslookup
F. grep

Correct Answer: C & D

7. A security analyst finished drafting an official response to a security assessment report, which must be sent to the head of the auditing department. The security analyst needs to assure the head of the auditing department that the response came from the security analyst, and the contents of the response must be kept confidential. Which of the following are the LAST steps the security analyst should perform prior to electronically sending the message? (Select TWO).

A. Hash the message.
B. Encrypt the message.
C. Digitally sign the message.
D. Label the email as “Confidential.”
E. Perform key exchange with the recipient.

Correct Answer: B & C

8. Which of the following would be MOST effective in reducing tailgating incidents?

A. Mantrap
B. Faraday cage
C. Motion detection
D. Bollards

Correct Answer: A

9. A retail store recently deployed tablets for sales employees to use while assisting customers. Two of the tablets have already been lost or stolen. Which of the following would be the BEST way for the store to secure the tablets against future loss or theft?

A. Cable locks
B. Screen filters
C. Geocaching
D. Remote wipe

Correct Answer: A

10. Which of the following security controls provides an alternative solution to a control that would be considered unpractical or excessively expensive?

A. Deterrent
B. Compensating
C. Technical
D. Administrative

Correct Answer: D

Until next time, I will post a new lab 

Cheers,

Kid Prodigy

 


New Member
Joined:6 years  ago
Posts: 3
22/08/2018 2:48 pm  

1. Ann, a security analyst, wants to implement a secure exchange of email. Which of the following is the BEST option to implement?

A. PGP
B. HTTPS
C. WPA
D. S/MIME

Correct Answer: D

2. A company is deploying a file-sharing protocol across a network and needs to select a protocol for authenticating clients. Management requests that the service be configured in the most secure way possible. The protocol must also be capable of mutual authentication, and support SSO and smart card logons. Which of the following would BEST accomplish this task?

A. Store credentials in LDAP.
B. Use NTLM authentication.
C. Implement Kerberos.
D. Use MSCHAP authentication.

Correct Answer: C

3. An organization has experienced issues with authorized users being unable to authenticate to the network with their fingerprint scanners. Which of the following alternative solutions would MOST likely reduce the false rejection rate?

A. Retinal scanner
B. Smart card
C. Signing name
D. Keystroke timing

Correct Answer: A

4. A security administrator needs to configure remote access to a file share so only accountants and financial executives can establish a connection. The file share must allow the owners of the data to determine which users can read and write to the data owner’s file and folders. Which of the following access controls would be the MOST appropriate for this situation?

A. RBAC
B. MAC
C. ABAC
D. DAC

Correct Answer: D

5. A public announcement is made about a newly discovered, rapidly spreading virus. The security team immediately updates and applies all its antivirus signatures. The security manager contacts vendor support to ask why one of the systems was infected. The vendor support team explains that a signature update is not available for this virus yet. Which of the following BEST describes this situation?

A. Race condition
B. Zero day
C. Lack of vendor support
D. Untrained users

Correct Answer: B

