Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 1031:

    A technician is configuring an intrusion prevention system to improve its ability to find and stop threats. In the past, the system did not detect and stop some threats. Which of the following BEST describes what the technician is trying to correct with the new configuration?

    A. False positives

    B. False acceptance rate

    C. False negatives

    D. Error correction rate

    E. False rejection rate

  • Question 1032:

    A security engineer is concerned about susceptibility to HTTP downgrade attacks because the current customer portal redirects users from port 80 to the secure site on port 443. Which of the following would be MOST appropriate to mitigate the attack?

    A. DNSSEC

    B. HSTS

    C. Certificate pinning

    D. OCSP

  • Question 1033:

    A restaurant wants to deploy tablets to all waitstaff but does not want to use passwords or manage users to connect the tablets to the network. Which of the following types of authentication would be BEST suited for this scenario?

    A. Proximity cards

    B. IEEE 802.1x

    C. Hardware token

    D. Fingerprint reader

  • Question 1034:

    Some call center representatives' workstations were recently updated by a contractor, who was able to collect customer information from the call center workstations. Which of the following types of malware was installed on the call center users' systems?

    A. Adware

    B. Logic bomb

    C. Trojan

    D. Spyware

  • Question 1035:

    A security engineer needs to obtain a recurring log of changes to system files. The engineer is most concerned with detecting unauthorized changes to system data. Which of the following tools can be used to fulfill the requirements that were established by the engineer?

    A. TPM

    B. Trusted operating system

    C. File integrity monitor

    D. UEFI

    E. FDE

  • Question 1036:

    Which of the following models is considered an iterative approach with frequent testing?

    A. Agile

    B. Waterfall

    C. DevOps

    D. Sandboxing

  • Question 1037:

    A systems administrator wants to enforce the use of HTTPS on a new website. Which of the following should the systems administrator do NEXT after generating the CSR?

    A. Install the certificate on the server

    B. Provide the public key to the CA

    C. Password protect the public key

    D. Ensure the new key is not on the CRL

  • Question 1038:

    A user attempts to send an email to an external domain and quickly receives a bounce-back message. The user then contacts the help desk stating the message is important and needs to be delivered immediately. While digging through the email logs, a systems administrator finds the email and bounce-back details:

    Your email has been rejected because It appears to contain SSN Information. Sending SSN information via email external recipients violates company policy.

    Which of the following technologies successfully stopped the email from being sent?

    A. DLP

    B. UTM

    C. WAF

    D. DEP

  • Question 1039:

    Which of the following is MOST likely the security impact of continuing to operate end-of-life systems?

    A. Higher total cost of ownership due to support costs

    B. Denial of service due to patch availability

    C. Lack of vendor support for decommissioning

    D. Support for legacy protocols

  • Question 1040:

    An organization discovers that unauthorized applications have been installed on company-provided mobile phones. The organization issues these devices, but some users have managed to bypass the security controls. Which of the following is the MOST likely issue, and how can the organization BEST prevent this from happening?

    A. The mobile phones are being infected with malware that covertly installs the applications. Implement full disk encryption and integrity-checking software.

    B. Some advanced users are jailbreaking the OS and bypassing the controls. Implement an MDM solution to control access to company resources.

    C. The mobile phones have been compromised by an APT and can no longer be trusted. Scan the devices for the unauthorized software, recall any compromised devices, and issue completely new ones.

    D. Some advanced users are upgrading the devices' OS and installing the applications. The organization should create an AUP that prohibits this activity.
