• Home
  • Articles
  • SYO-501 Free Exam Study Guide! (Updated 715 Questions) [Q390-Q410]

SYO-501 Free Exam Study Guide! (Updated 715 Questions) [Q390-Q410]

Share

SYO-501 Free Exam Study Guide! (Updated 715 Questions)

SYO-501 Dumps for Security+ Certified Exam Questions & Answer

NEW QUESTION 390
When trying to log onto a company's new ticketing system, some employees receive the following message: Access denied: too many concurrent sessions. The ticketing system was recently installed on a small VM with only the recommended hardware specifications.
Which of the following is the MOST likely cause for this error message?

  • A. The VM does not have enough processing power.
  • B. The firewall is misconfigured.
  • C. The software is out of licenses.
  • D. Network resources have been exceeded.

Answer: A

 

NEW QUESTION 391
Two users need to send each other emails over unsecured channels. The system should support the principle of non-repudiation. Which of the following should be used to sign the user's certificates?

  • A. CRL
  • B. CSR
  • C. RA
  • D. CA

Answer: D

 

NEW QUESTION 392
A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which is expected to accommodate at most 14 physical hosts. Which of the following subnets would BEST meet the requirements?

  • A. 192.168.1.50 255.255.25.240
  • B. 192.168.0.16/28
  • C. 192.168.0.16 255.25.255.248
  • D. 192.168.2.32/27

Answer: B

 

NEW QUESTION 393
A security analyst is performing a quantitative risk analysis. The risk analysis should show the potential
monetary loss each time a threat or event occurs. Given this requirement, which of the following concepts
would assist the analyst in determining this value? (Select two.)

  • A. ARO
  • B. ALE
  • C. AV
  • D. ROI
  • E. EF

Answer: C,E

 

NEW QUESTION 394
A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and drop the applicable controls to each asset types?
Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:

 

NEW QUESTION 395
A company needs to implement a system that only lets a visitor use the company's network infrastructure if the visitor accepts the AUP. Which of the following should the company use?

  • A. Captive portal
  • B. RADIUS
  • C. Password authentication protocol
  • D. WiFi-protected setup

Answer: A

 

NEW QUESTION 396
Which of the following is the summary of loss for a given year?

  • A. ARO
  • B. MTBF
  • C. ALE
  • D. SLA

Answer: C

Explanation:
Explanation

 

NEW QUESTION 397
Which of the following is commonly used for federated identity management across multiple organizations?

  • A. Active Directory
  • B. SAML
  • C. Kerberos
  • D. LDAP

Answer: B

 

NEW QUESTION 398
A junior systems administrator noticed that one of two hard drives in a server room had a red error notification.
The administrator removed the hard drive to replace it but was unaware that the server was configured in an array. Which of the following configurations would ensure no data is lost?

  • A. RAID 0
  • B. RAID 1
  • C. RAID 3
  • D. RAID 2

Answer: B

 

NEW QUESTION 399
A corporation wants to allow users who work for its affiliate companies to sign on to each other's wireless network with their own company's credentials. Which of the following architectures would support this requirement?

  • A. Open authentication
  • B. Certificate chaining
  • C. Key escrow
  • D. RADIUS federation

Answer: A

 

NEW QUESTION 400
During a risk assessment, results show that a fire in one of the company's datacenters could cost up to S20 million in equipment damages and lost revenue. As a result, the company insures the datacenter for up to S20 million in damages for the cost of 530,000 a year. Which of the following risk response techniques has the company chosen?

  • A. Transference
  • B. Avoidance
  • C. Acceptance
  • D. Mitigation

Answer: A

 

NEW QUESTION 401
Which of the following is used to validate the integrity of data?

  • A. Blowfish
  • B. MD5
  • C. CBC
  • D. RSA

Answer: B

 

NEW QUESTION 402
A company wants to host a publicly available server that performs the following functions:
Evaluates MX record lookup

Can perform authenticated requests for A and AAA records Uses RRSIG

Which of the following should the company use to fulfill the above

requirements?
Which of the following should the company use to fulfill the above requirements?

  • A. nslookup
  • B. SFTP
  • C. dig
  • D. DNSSEC

Answer: D

Explanation:
Explanation/Reference:
Explanation:
DNS Security Extensions (DNSSEC) provides, among other things, cryptographic authenticity of responses using Resource Record Signatures (RRSIG) and authenticated denial of existence using Next- Secure (NSEC) and Hashed-NSEC records (NSEC3).

 

NEW QUESTION 403
A security administrator needs to address the following audit recommendations for a public-facing SFTP server:
Users should be restricted to upload and download files to their own home directories only.
Users should not be allowed to use interactive shell login.
Which of the following configuration parameters should be implemented? (Select TWO).

  • A. IgnoreRhosts
  • B. PermitTunnel
  • C. AllowTcpForwarding
  • D. ChrootDirectory
  • E. PermitTTY

Answer: D,E

 

NEW QUESTION 404
Drag and drop the correct protocol to its default port.

Answer:

Explanation:

Explanation:
FTP uses TCP port 21. Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

 

NEW QUESTION 405
An attack has occurred against a company.
INSTRUCTIONS
You have been tasked to do the following:
Identify the type of attack that is occurring on the network by clicking on the attacker's tablet and reviewing the output. (Answer Area 1) Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server. (Answer area 2) All objects will be used, but not all placeholders may be filled. Objects may only be used once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.


Answer:

Explanation:

 

NEW QUESTION 406
A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?

  • A. Sending a PIN to a smartphone through text message
  • B. Use a different e-mail address to recover password
  • C. Utilizing CAPTCHA to avoid brute force attacks
  • D. Utilizing a single Qfor password recovery

Answer: A

 

NEW QUESTION 407
An application team is performing a load-balancing test for a critical application during off- hours and has requested access to the load balancer to review which servers are up without having the administrator on call. The security analyst is hesitant to give the application team full access due to other critical applications running on the load balancer.
Which of the following is the BEST solution for security analyst to process the request?

  • A. Disable other critical applications before granting the team access.
  • B. Give the application team read-only access.
  • C. Give the application team administrator access during off-hours.

Answer: C

 

NEW QUESTION 408
A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the network and begin authenticating users again?

  • A. Containment
  • B. Lessons learned
  • C. Recovery
  • D. Identification
  • E. Eradication
  • F. Preparation

Answer: C

 

NEW QUESTION 409
After a user reports stow computer performance, a systems administrator detects a suspicious file, which was installed as part of a freeware software package.
The systems administrator reviews the output below:

Based on the above information, which of the following types of malware was installed on the user's computer?

  • A. Worm
  • B. Keylogger
  • C. Spyware
  • D. Bot
  • E. RAT

Answer: A

 

NEW QUESTION 410
......

Use Real SYO-501 Dumps - 100% Free SYO-501 Exam Dumps: https://www.ipassleader.com/CompTIA/SYO-501-practice-exam-dumps.html

Realistic Verified SYO-501 exam dumps Q&As - SYO-501 Free Update : https://drive.google.com/open?id=1rDtr-wlB7By-0gBVLINCL51GVl4wJIkf 

Related Articles

more
CompTIA SYO-501 Certification Practice Exam