After downloading third-party software, a user begins receiving continuous pop-up messages stating the Windows antivirus is outdated. The user is unable to access any files or programs until the subscription is renewed with Bitcoin. Which of the following types of attacks is being executed?
A. Spyware
B. Crypto-malware
C. Adware
D. Ransomware
An organization would like to set up a more robust network access system. The network administrator suggests the organization move to a certificate-based authentication setup in which a client-side certificate is used while connecting. Which of the following EAP types should be used to meet these criteria?
A. EAP-TLS
B. EAP-FAST
C. EAP-MD5
D. EAP-TTLS
Which of the following involves the use of targeted and highly crafted custom attacks against a population of users who may have access to a particular service or program?
A. Hoaxing
B. Spear phishing
C. Vishing
D. Phishing
When building a hosted datacenter, which of the following is the MOST important consideration for physical security within the datacenter?
A. Security guards
B. Cameras
C. Secure enclosures
D. Biometrics
An auditor requiring an organization to perform real-time validation of SSL certificates. Which of the following should the organization implement?
A. OCSP
B. CRL
C. CSR
D. KDC
Which of the following is a resiliency strategy that allows a system to automatically adapt to workload changes?
A. Fault tolerance
B. Redundancy
C. Elasticity
D. High availability
A penetration tester was able to connect to a company's internal network and perform scans and staged attacks for the duration of the testing period without being noticed. The SIEM did not alert the security team to the presence of the penetration tester's devices on the network. Which of the following would provide the security team with notification in a timely manner?
A. Implement rogue system detection and sensors
B. Create a trigger on the IPS and alert the security team when unsuccessful logins occur
C. Decrease the correlation threshold for alerts on the SIEM
D. Run a credentialed vulnerability scan
A developer has just finished coding a custom web application and would like to test it for bugs by automatically injecting mailformed data into it. Which of the following is the developer looking to perform?
A. Fuzzing
B. Stress testing
C. Sandboxing
D. Normalization
Which of the following is the BEST example of a reputation impact identified during a risk assessment?
A. A bad software patch taking down the production systems
B. A misconfigured firewall exposing intellectual property to the Internet
C. An attacker defacing the e-commerce portal
D. Malware collecting credentials for company bank accounts
Which of the following types of vulnerability scans typically returns more detailed and thorough insights into actual system vulnerabilities?
A. Non-credentialed
B. Intrusive
C. Credentialed
D. Non-intrusive
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.