An organization is setting up a satellite office and wishes to extend the corporate network to the new site. Which of the following is the BEST solution to allow the users to access corporate resources while focusing on usability and security?
A. Federated services
B. Single sign-on
C. Site-to-site VPN
D. SSL accelerators
A NIPS administrator needs to install a new signature to observe the behavior of a worm that may be spreading over SMB. Which of the following signatures should be installed on the NIPS?
A. PERMIT from ANY:ANY to ANY:445 regex `.*SMB.*'
B. DROP from ANY:445 to ANY:445 regex `.*SMB.*'
C. DENY from ANY:ANY to ANY:445 regex `.*SMB.*'
D. RESET from ANY:ANY to ANY:445 regex `.*SMB.*'
An engineer is configuring a wireless network using PEAP for the authentication protocol. Which of the following is required?
A. 802.11n support on the WAP
B. X.509 certificate on the server
C. CCMP support on the network switch
D. TLS 1.0 support on the client
Employees receive a benefits enrollment email from the company's human resources department at the beginning of each year. Several users have reported receiving the email but are unable to log in to the website with their usernames and passwords. Users who enter the URL for the human resources website can log in without issue. Which of the following security issues is occurring?
A. Several users' computers were not configured to use HTTPS to access the website
B. The human resources servers received a large number of requests, resulting in a DoS
C. The internal DNS server was compromised, directing users to a hacker's server
D. Users received a social engineering email and were directed to an external website
Penetration testing is distinct from vulnerability scanning primarily because penetration testing:
A. leverages credentialed scanning to obtain persistence
B. involves multiple active exploitation techniques
C. relies exclusively on passive exploitation attempts for pivoting
D. relies on misconfiguration of security controls
Which of the following systems, if compromised, may cause great danger to the integrity of water supplies and their chemical levels?
A. UAV
B. SCADA
C. HVAC
D. MFD
An organization has the following written policies:
1.
Users must request approval for non-standard software installation.
2.
Administrators will perform all software installations.
3.
Software must be installed from a trusted repository.
A recent security audit identified crypto-currency software installed on one user's machine. There are no indications of compromise on this machine. Which of the following is the MOST likely cause of this policy violation and the BEST remediation to prevent a reoccurrence?
A. The user's machine was infected with malware; implement the organization's incident response
B. The user installed the software on the machine; implement technical controls to enforce the written policies
C. The crypto-currency software was misidentified and is authorized; add the software to the organization's approved list
D. Administrators downloaded the software from an untrusted repository; add a policy that requires integrity checking for all software.
An organization requires three separate factors for authentication to sensitive systems. Which of the following would BEST satisfy the requirement?
A. Fingerprint, PIN, and mother's maiden name
B. One-time password sent to a smartphone, thumbprint, and home street address
C. Fingerprint, voice recognition, and password
D. Password, one-time password sent to a smartphone, and text message sent to a smartphone
A security analyst has been asked to implement secure protocols to prevent cleartext credentials from being transmitted over the internal network. Which of the following protocols is the security analyst MOST likely to implement? (Choose two.)
A. SNMPv3
B. S/MIME
C. DNSSEC
D. SSH
E. SFTP
Buffer overflow can be avoided using proper:
A. memory leak prevention
B. memory reuse
C. input validation
D. implementation of ASLR
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.