Real CompTIA SYO-501 Exam Questions Study Guide [Q36-Q57]


Updated and Accurate SYO-501 Questions for passing the exam Quickly


One of the benefits of taking the CompTIA SYO-501 certification exam is that it is recognized worldwide. It is a vendor-neutral certification, which means that it is not tied to a specific technology or vendor. This allows IT professionals to apply their knowledge to different technologies and systems. The CompTIA Security+ certification is recognized by government agencies, corporations, and educational institutions.

 

NEW QUESTION # 36
An email recipient is unable to open a message encrypted through PKI that was sent from another organization.
Which of the following does the recipient need to decrypt the message?

  • A. The recipient's public key
  • B. The sender's public key
  • C. The CA's root certificate
  • D. An updated CRL
  • E. The sender's private key
  • F. The recipient's private key

Answer: B


NEW QUESTION # 37
For each of the given items, select the appropriate authentication category from the dropdown choices.
Instructions: When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:
Something you are includes fingerprints, retina scans, or voice recognition.
Something you have includes smart cards, token devices, or keys.
Something you know includes a password, codes, PINs, combinations, or secret phrases.
Somewhere you are includes a physical location or logical addresses, such as a domain name, an IP address, or a MAC address.
Something you do includes your typing rhythm, a secret handshake, or a private knock.
http://en.wikipedia.org/wiki/Password_authentication_protocol#Working_cycle
http://en.wikipedia.org/wiki/Smart_card#Security


NEW QUESTION # 38
Which of the following must be updated prior to conducting weekly cyber hygiene scans of a network?

  • A. Antivirus definitions
  • B. Rainbow tables
  • C. Vulnerability signatures
  • D. WIDS settings

Answer: C


NEW QUESTION # 39
Drag and Drop Question
A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center.
Drag and drop the applicable controls to each asset type.
Instructions: Controls can be used multiple times and not all placeholders need to be filled.
When you have completed the simulation, please select Done to submit.

Answer:

Explanation:
Cable locks are used as a hardware lock mechanism - thus best used on a Data Center Terminal Server.
Network monitors are also known as sniffers - thus best used on a Data Center Terminal Server.
Install antivirus software.
Antivirus software should be installed and definitions kept current on all hosts. Antivirus software should run on the server as well as on every workstation. In addition to active monitoring of incoming files, scans should be conducted regularly to catch any infections that have slipped through - thus best used on a Data Center Terminal Server.
Proximity readers are used as part of physical barriers which makes it more appropriate to use on a center's entrance to protect the terminal server.
Mentor app is an Apple application used for personal development and is best used on a mobile device such as a smart phone.
Remote wipe is an application that can be used on devices that are stolen to keep data safe. It is basically a command to a phone that will remotely clear the data on that phone. This process is known as a remote wipe, and it is intended to be used if the phone is stolen or going to another user.
Should a device be stolen, GPS (Global Positioning System) tracking can be used to identify its location and allow authorities to find it - thus best used on a smart phone.
Screen Lock is where the display should be configured to time out after a short period of inactivity and the screen locked with a password. To be able to access the system again, the user must provide the password. After a certain number of attempts, the user should not be allowed to attempt any additional logons; this is called lockout - thus best used on a smart phone.
Strong Password - Passwords are always important, but even more so when you consider that the device could be stolen and in the possession of someone who has unlimited access and time to try various values - thus it is best to use strong passwords on a smartphone, as it can be stolen more easily than a terminal server in a data center.
Device Encryption - Data should be encrypted on the device so that if it does fall into the wrong hands, it cannot be accessed in a usable form without the correct passwords. It is recommended that you use a Trusted Platform Module (TPM) for all mobile devices where possible.
Use pop-up blockers. Not only are pop-ups irritating, but they are also a security threat. Pop-ups (including pop-unders) represent unwanted programs running on the system, and they can jeopardize the system's well-being. This will be more effective on a mobile device rather than a terminal server.
Use host-based firewalls. A firewall is the first line of defense against attackers and malware. Almost every current operating system includes a firewall, and most are turned on by default - thus best used on a Data Center Terminal Server.


NEW QUESTION # 40
A security administrator in a bank is required to enforce an access control policy so no single individual is allowed to both initiate and approve financial transactions. Which of the following BEST represents the impact the administrator is deterring?

  • A. Principle of least privilege
  • B. Conflict of interest
  • C. External intruder
  • D. Fraud

Answer: D


NEW QUESTION # 41
The help desk received a call from a user who was trying to access a set of files from the day before but received the following error message: File format not recognized. Which of the following types of malware MOST likely caused this to occur?

  • A. Ransomware
  • B. Spy ware
  • C. Polymorphic virus
  • D. Rootkit

Answer: A


NEW QUESTION # 42
A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company's executives. Which of the following intelligence sources should the security analyst review?

  • A. Industry information-sharing and collaboration groups
  • B. Vulnerability feeds
  • C. Trusted automated exchange of indicator information
  • D. Structured threat information expression

Answer: B


NEW QUESTION # 43
A business sector is highly competitive, and safeguarding trade secrets and critical information is paramount. On a seasonal basis, an organization employs temporary hires and contractor personnel to accomplish its mission objectives. The temporary and contract personnel require access to network resources only when on the clock. Which of the following account management practices are the BEST ways to manage these accounts? (Select TWO.)

  • A. Employ a password lockout policy
  • B. Employ an account expiration strategy
  • C. Employ time-of-day restrictions
  • D. Employ a random key generator strategy
  • E. Employ password complexity

Answer: B,C


NEW QUESTION # 44
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:

Which of the following vulnerabilities is present?

  • A. Buffer overflow
  • B. Integer overflow
  • C. Backdoor
  • D. Bad memory pointer

Answer: A


NEW QUESTION # 45
A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?

  • A. ACL
  • B. CRL
  • C. PKI
  • D. SSL

Answer: B


NEW QUESTION # 46
Confidential corporate data was recently stolen by an attacker who exploited data transport protections. Which of the following vulnerabilities is the MOST likely cause of this data breach?

  • A. Race condition on the packet inspection firewall
  • B. Weak SSL cipher strength
  • C. Resource exhaustion on the VPN concentrators
  • D. Improper input handling on the FTP site

Answer: D


NEW QUESTION # 47
Which of the following involves the use of targeted and highly crafted custom attacks against a population of users who may have access to a particular service or program?

  • A. Spear phishing
  • B. Hoaxing
  • C. Phishing
  • D. Vishing

Answer: A


NEW QUESTION # 48
A computer forensics team is performing an integrity check on key system files. The team is comparing the signatures of original baseline files with the latest signatures. The original baseline was taken on March 2, 2016, and was established to be clean of malware and uncorrupted. The latest file signatures were generated yesterday. One file is known to be corrupted, but when the team compares the signatures of the original and latest files, the team sees the following:
Original: 2d da b1 4a fc f1 98 06 b1 e5 26 b2 df e5 5b 3e cb 83 e1
Latest: 2d da b1 4a 98 fc f1 98 bl e5 26 b2 df e5 5b 3e cb 83 e1
Which of the following is MOST likely the situation?

  • A. The forensics team must have reverted the system to the original date, which resulted in an identical hash calculation.
  • B. The signature comparison is using two different algorithms that happen to have generated the same values.
  • C. The algorithm used to calculate the hash has a collision weakness, and an attacker has exploited it.
  • D. The original baseline was compromised, so the corrupted file was always on the system.

Answer: C


NEW QUESTION # 49
A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunications company has decided to discontinue its dark fiber product and is offering an MPLS connection, which the law office feels is too expensive. Which of the following is the BEST solution for the law office?

  • A. Site-to-site VPN
  • B. VLAN
  • C. Remote access VPN
  • D. VPN concentrator

Answer: A


NEW QUESTION # 50
Which of the following is an asymmetric function that generates a new and separate key every time it runs?

  • A. PBKDF2
  • B. DHE
  • C. HMAC
  • D. DSA
  • E. RSA

Answer: B


NEW QUESTION # 51
A security administrator has been tasked with implementing controls that meet management goals. Drag and drop the appropriate control used to accomplish the account management goal. Options may be used once or not at all.

Answer:

Explanation:


NEW QUESTION # 52
An attacker wearing a building maintenance uniform approached a company's receptionist asking for access to a secure area. The receptionist asks for identification and a building access badge, and checks the company's list of approved maintenance personnel prior to granting physical access to the secure area.
The controls used by the receptionist are in place to prevent which of the following types of attacks?

  • A. Tailgating
  • B. Shoulder surfing
  • C. Impersonation
  • D. Hoax

Answer: C


NEW QUESTION # 53
The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company's Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards. Which of the following social-engineering techniques is the attacker using?

  • A. Whaling
  • B. Typo squatting
  • C. Pharming
  • D. Phishing

Answer: A

Explanation:
A whaling attack is a method used by cybercriminals to masquerade as a senior player at an organization and directly target senior or other important individuals at an organization, with the aim of stealing money or sensitive information or gaining access to their computer systems for criminal purposes.
A whaling attack is essentially a spear-phishing attack, but the targets are bigger - hence whale phishing. Where spear-phishing attacks may target any individual, whaling attacks are more specific in what type of person they target: focusing on one specific high-level executive or influencer vs. a broader group of potential victims.
Cybercriminals use whaling attacks to impersonate senior management in an organization, such as the CEO, CFO, or other executives, hoping to leverage their authority to gain access to sensitive data or money. They use the intelligence they find on the internet (and often social media) to trick employees - or another whale - into replying with financial or personal data.


NEW QUESTION # 54
A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC addresses to be visible across the tunnel?

  • A. Transport mode VPN IPSec
  • B. Tunnel mode IPSec
  • C. SSL VPN
  • D. L2TP

Answer: B


NEW QUESTION # 55
A company is deploying smartphones for its mobile salesforce. These devices are for personal and business use but are owned by the company. Sales personnel will save new customer data via a custom application developed for the company. This application will integrate with the contact information stored in the smartphones and will populate new customer records onto it.
The customer application's data is encrypted at rest, and the application's connection to the back office system is considered secure. The Chief Information Security Officer (CISO) has concerns that customer contact information may be accidentally leaked due to the limited security capabilities of the devices and the planned controls.
Which of the following will be the MOST efficient security control to implement to lower this risk?

  • A. Require complex passwords for authentication when accessing the contact information.
  • B. Implement a mobile data loss agent on the devices to prevent any user manipulation with the contact information.
  • C. Restrict screen capture features on the devices when using the custom application and the contact information.
  • D. Restrict contact information storage dataflow so it is only shared with the customer application.

Answer: D


NEW QUESTION # 56
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should a security administrator implement to protect the environment from this malware?

  • A. Implement a heuristic behavior-detection solution.
  • B. Implement CASB to protect the network shares.
  • C. Implement an IDS/IPS.
  • D. Install a definition-based antivirus.

Answer: C


NEW QUESTION # 57
......