A developer is creating a new web application on a public cloud platform and wants to ensure the application can respond to increase in load while minimizing costs during periods of low usage. Which of the following strategies is MOST relevant to the use-case?
A. Elasticity
B. Redundancy
C. High availability
D. Non-persistence
The phones at a business are being replaced with VoIP phones that get plugged in-line between the switch and PC The voice and data networks still need to be kept separate. Which of the following would allow for this?
A. NAT
B. Intranet
C. Subnetting
D. VLAN
A security administrator begins assessing a network with software that checks for available exploits against a known database using both credentials and external scripts A report will be compiled and used to confirm patching levels. This is an example of
A. penetration testing
B. fuzzing
C. static code analysis
D. vulnerability scanning
A network administrator was recently terminated. A few weeks later, the new administrator noticed unauthorized changes to several devices that are causing denial of services. Additionally, the administrator noticed an unusual connection from an external IP address to an internal server. Which of the following is the MOST likely cause of the problem?
A. Spyware
B. Virus
C. Ransomware
D. Backdoor
An organization has the following written policies:
Users must request approval for non-standard software installation Administrators will perform all software installations Software must be installed from a trusted repository
A recent security audit identified crypto-currency software installed on one user's machine. There are no indications of compromise on this machine. Which of the following is the MOST likely cause of this policy violation and the BEST remediation to prevent a reoccurrence'?
A. The user's machine was infected with malware implement the organization's incident response
B. The user installed the software on the machine implement technical controls to enforce the written policies
C. The crypto-currency software was misidentified and is authorized; add the software to the organization's approved list
D. Administrators downloaded the software from an untrusted repository; add a policy that requires integrity checking for all software
Which of the following should be implemented to stop an attacker from interacting with the hypervisor through another guest?
A. Containers
B. VM escape protection
C. Security broker
D. Virtual Desktop
A security analyst needs a solution that can execute potential malware in a restricted and isolated environment for analysis. In which of the following technologies is the analyst interested?
A. Sandboxing
B. Staging
C. DMZ
D. Honeypot
Several systems and network administrators are determining how to manage access to a facility and enable managers to allow after-hours access. Which of the following access control methods should managers use to assign after-hours access to the employees?
A. Rule-based access control
B. Discretionary access control
C. Mandatory access control
D. Role-based access control
Which of the following identity access methods creates a cookie on the rst logic to a central authority to allow logins to subsequent applications without referring credentials?
A. Multifactor authentication
B. Transitive trust
C. Federated access
D. Single sign-on
An authorized user is conducting a penetration scan of a system for an organization. The tester has a set of network diagrams. Source code, version numbers of applications. and other information about the system. Including hostnames and network addresses. Which of the following BEST describes this type of penetration test?
A. Gray-box testing
B. Black-boxtestlng
C. White-box testing
D. Blue team exercise
E. Red team exercise
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.