A company wants to ensure users are only logging into the system from their laptops when they are on site. Which of the following would assist with this?
A. Geofencing
B. Smart cards
C. Biometrics
D. Tokens
During a penetration test, the tester performs a preliminary scan for any responsive hosts. Which of the following BEST explains why the tester is doing this?
A. To determine if the network routes are improperly forwarding request packets
B. To identify the total number of hosts and determine if the network can be victimized by a DoS attack
C. To identify servers for subsequent scans and further investigation
D. To identify the unresponsive hosts and determine if those could be used as zombies in a follow-up scan.
A network administrator is trying to provide the most resilient hard drive configuration in a server. With five hard drives which of the following is the MOST fault-tolerant configuration?
A. RAID 1
B. RAID 5
C. RAID 6
D. RAID 10
A Chief Information Security Officer (CISO) has instructed the information assurance staff to act upon a fast-spreading virus. Which of the following steps in the incident response process should be taken NEXT?
A. Identification
B. Eradication
C. Escalation
D. Containment
During an audit, the auditor requests to see a copy of the identified mission-critical applications as well as their disaster recovery plans. The company being audited has an SLA around the applications it hosts With which of the following is the auditor MOST likely concerned?
A. ARO/ALE
B. MTTR/MTBF
C. RTO/RPO
D. Risk assessment
A systems administrator is implementing a remote access method for the system that will utilize GUI. Which of the following protocols would be BEST suited for this?
A. TLS
B. SSH
C. SFTP
D. SRTP
A security administrator is developing a methodology for tracking staff access to patient dat
A. Which of the following would be the BEST method of creating audit trails for usage reports?
B. Deploy file integrity checking
C. Restrict access to the database by following the principle of least privilege
D. Implementing a database activity monitoring system
E. Created automated alerts on the IDS system for the database server
Which of the following BEST explains why a development environment should have the same database server secure baseline that exist in production even if there is no PII in the database?
A. Without the same configuration in both development and production, there are no assurance that changes made in development will have the same effect in production.
B. Attackers can extract sensitive, personal information from lower development environment databases just as easily as they can from production databases.
C. Databases are unique in their need to have secure configurations applied in all environment because they are attacked more often.
D. Laws stipulate that databases with the ability to store personal information must be secured regardless of the environment or if they actually have PIL.
A security administrator is implementing a secure method that allows developers to place files or objects onto a Linux Server. Developers are required to log in using a username, password, and asymmetirc key. Which of the following protocols should be implemented?
A. ssl/tls
B. sftp
C. srtp
D. ipsec
A security analyst is performing a manual audit of captured data from a packet analyzer. The analyst looks forbase64 encoded strings and applies the filter http.authbasic. Which of the following describes what the analysts looking for?
A. Unauthorized software
B. Unencrypted credentials
C. SSL certificate issues
D. Authentication tokens
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.