An auditor is requiring an organization to perform real-time validation of SSL certificates. Which of the following should the organization implement?
A. OCSP
B. CRL
C. CSR
D. KDC
A pass-the-hash attack is commonly used to:
A. modify DNS records to point to a different domain.
B. modify the IP address of the targeted computer.
C. execute JavaScript to capture user credentials.
D. laterally move across the network.
A company recently experienced a network security breach and wants to apply two-factor authentication to secure its network. Which of the following should the company use? (Select TWO)
A. User ID and password
B. Cognitive password and OTP
C. Fingerprint scanner and voice recognition
D. Smart card and PIN
E. Proximity card and CAC
An organization's Chief Information Officer (CIO) read an article that identified leading hacker trends and attacks, one of which is the alteration of URLs to IP addresses resulting in users being redirected to malicious websites. To reduce the chance of this happening in the organization, which of the following secure protocols should be implemented?
A. DNSSEC
B. IPSec
C. LDAPS
D. HTTPS
A security analyst is asked to check the configuration of the company's DNS service on the server. Which of the following command line tools should the analyst use to perform the initial assessment?
A. nslookup/dig
B. tracert
C. ipconfig/ifconfig
D. tcpdump
Which of the following implements a stream cipher?
A. File-level encryption
B. IKEv2 exchange
C. SFTP data transfer
D. S/MIME encryption
Which of the following are disadvantages of full backups? (Select THREE)
A. They rely on other backups for recovery.
B. They require the most storage.
C. They demand the most bandwidth.
D. They have the slowest recovery time.
E. They are impossible in virtual environments.
F. They require on-site storage.
G. They are time-consuming to complete.
A security administrator has been conducting an account permissions review that has identified several users who belong to functional groups and groups responsible for auditing the functional groups' actions. Several recent outages have not been able to be traced to any user. Which of the following should the security administrator recommend to preserve future audit log integrity?
A. Enforcing stricter onboarding workflow policies.
B. Applying least privilege to user group membership.
C. Following standard naming conventions for audit group users.
D. Restricting audit group membership to service accounts.
A credentialed vulnerability scan is often preferred over a non-credentialed scan because credentialed scans:
A. generate more false positives.
B. rely solely on passive measures.
C. are always non-intrusive.
D. provide more accurate data.
A network administrator is configuring a honeypot in a company's DMZ. To provide a method for hackers to access the system easily, the company needs to configure a plaintext authentication method that will send only the username and password to a service in the honeypot. Which of the following protocols should the company use?
A. OAuth
B. PAP
C. RADIUS
D. Shibboleth