The exploitation of a buffer-overrun vulnerability in an application will MOST likely lead to:
A. arbitrary code execution.The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk. Which of the following would be BEST to mitigate the CEO's concerns? (Choose two.)
A. GeolocationA security analyst wants to harden the company's VoIP PBX. The analyst is worried that credentials may be intercepted and compromised when IP phones authenticate with the BPX. Which of the following would best prevent this from occurring?
A. Implement SRTP between the phones and the PBX.An organization has hired a penetration tester to test the security of its ten web servers. The penetration tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP. Which of the following recommendations should the penetration tester provide to the organization to better protect their web servers in the future?
A. Use a honeypotAn organization has hired a security analyst to perform a penetration test. The analyst captures 1GB worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to future review the pcap?
A. NmapA technician wants to add wireless guest capabilities to an enterprise wireless network that is currently implementing 802.1X EAP-TLS The guest network must
Support client Isolation.
Issue a unique encryption key to each client.
Allow guests to register using their personal email addresses
Which of the following should the technician implement? (Select TWO),
A. RADIUS FederationA security administrator has configured a RADIUS and a TACACS+ server on the company's network. Network devices will be required to connect to the TACACS+ server for authentication and send accounting information to the RADIUS server. Given the following information: RADIUS IP: 192.168.20.45 TACACS+ IP: 10.23.65.7 Which of the following should be configured on the network clients? (Select two.)
A. Accounting port: TCP 389A technician must configure a firewall to block external DNS traffic from entering a network. Which of the following ports should they block on the firewall?
A. 53Users in a corporation currently authenticate with a username and password. A security administrator wishes to implement two-factor authentication to improve security. Which of the following authentication methods should be deployed to achieve this goal?
A. PINWhich of the following implements a lossy algorithm?
A. BlowfishNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.