CompTIA CompTIA Certifications SY0-501 Questions & Answers

• Question 1181:

  Which of the following differentiates ARP poisoning from a MAC spoofing attack?

  A. ARP poisoning uses unsolicited ARP replies.

  B. ARP poisoning overflows a switch's CAM table.

  C. MAC spoofing uses DHCPOFFER/DHCPACK packets.

  D. MAC spoofing can be performed across multiple routers.

  Correct Answer: A

• Question 1182:

  An organization employee resigns without giving adequate notice. The following day, it is determined that the employees is still in possession of several company-owned mobile devices. Which of the following could have reduced the risk of this occurring? (Choose two.)

  A. Proper offboarding procedures

  B. Acceptable use policies

  C. Non-disclosure agreements

  D. Exit interviews

  E. Background checks

  F. Separation of duties

  Correct Answer: AD

• Question 1183:

  Which of the following access management concepts is MOST closely associated with the use of a password or PIN??

  A. Authorization

  B. Authentication

  C. Accounting

  D. Identification

  Correct Answer: B

• Question 1184:

  A user needs to transmit confidential information to a third party. Which of the following should be used to encrypt the message?

  A. AES

  B. SHA-2

  C. SSL

  D. RSA

  Correct Answer: A

• Question 1185:

  A security analyst believes an employee's workstation has been compromised. The analyst reviews the system logs, but does not find any attempted logins. The analyst then runs the diff command, comparing the C:\Windows\System32

  directory and the installed cache directory. The analyst finds a series of files that look suspicious.

  One of the files contains the following commands:

  

  Which of the following types of malware was used?

  A. Worm

  B. Spyware

  C. Logic bomb

  D. Backdoor

  Correct Answer: D

• Question 1186:

  A company has won an important government contract. Several employees have been transferred from their existing projects to support a new contract. Some of the employees who have transferred will be working long hours and still need

  access to their project information to transition work to their replacements.

  Which of the following should be implemented to validate that the appropriate offboarding process has been followed?

  A. Separation of duties

  B. Time-of-day restrictions

  C. Permission auditing

  D. Mandatory access control

  Correct Answer: C

• Question 1187:

  Which of the following are considered to be "something you do"? (Choose two.)

  A. Iris scan

  B. Handwriting

  C. CAC card

  D. Gait

  E. PIN

  F. Fingerprint

  Correct Answer: BD

• Question 1188:

  Which of the following is used to encrypt web application data?

  A. MD5

  B. AES

  C. SHA

  D. DHA

  Correct Answer: B

• Question 1189:

  Which of the following uses tokens between the identity provider and the service provider to authenticate and authorize users to resources?

  A. RADIUS

  B. SSH

  C. OAuth

  D. MSCHAP

  Correct Answer: C

• Question 1190:

  A small organization has implemented a rogue system detection solution. Which of the following BEST explains the organization's intent?

  A. To identify weak ciphers being used on the network

  B. To identify assets on the network that are subject to resource exhaustion

  C. To identify end-of-life systems still in use on the network

  D. To identify assets that are not authorized for use on the network

  Correct Answer: D