SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 121:

    A global gaming console manufacturer is launching a new gaming platform to its customers. Which of the following controls reduces the risk created by malicious gaming customers attempting to circumvent control by way of modifying consoles?

    A. Firmware version control
    B. Manual software upgrades
    C. Vulnerability scanning
    D. Automatic updates
    E. Network segmentation
    F. Application firewalls

  • Question 122:

    A systems engineer is configuring a wireless network. The network must not require installation of third-party software. Mutual authentication of the client and the server must be used. The company has an internal PKI. Which of the following configurations should the engineer choose?

    A. EAP-TLS
    B. EAP-TTLS
    C. EAP-FAST
    D. EAP-MD5
    E. PEAP

  • Question 123:

    After a breach, a company has decided to implement a solution to better understand the technique used by the attackers. Which of the following is the BEST solution to be deployed?

    A. Network analyzer
    B. Protocol analyzer
    C. Honeypot network
    D. Configuration compliance scanner

  • Question 124:

    A network administrator adds an ACL to allow only HTTPS connections from host 192.168.2.3 to web server 192.168.5.2. After applying the rule, the host is unable to access the server. The network administrator runs the output and notices the configuration below:

    Which of the following rules would be BEST to resolve the issue?

    A. Option A
    B. Option B
    C. Option C
    D. Option D

  • Question 125:

    Which of the following is the purpose of an industry-standard framework?

    A. To promulgate compliance requirements for sales of common IT systems
    B. To provide legal relief to participating organizations in the event of a security breach
    C. To promulgate security settings on a vendor-by-vendor basis
    D. To provide guidance across common system implementations

  • Question 126:

    A security analyst is testing both Windows and Linux systems for unauthorized DNS zone transfers within a LAN on comptia.org from example.org. Which of the following commands should the security analyst use? (Select two.)

    A. Option A
    B. Option B
    C. Option C
    D. Option D
    E. Option E
    F. Option F

  • Question 127:

    An employee opens a web browser and types a URL into the address bar. Instead of reaching the requested site, the browser opens a completely different site. Which of the following types of attacks have MOST likely occurred? (Choose two.)

    A. DNS hijacking
    B. Cross-site scripting
    C. Domain hijacking
    D. Man-in-the-browser
    E. Session hijacking

  • Question 128:

    Company A agrees to provide perimeter protection, power, and environmental support with measurable goals for Company B, but will not be responsible for user authentication or patching of operating systems within the perimeter. Which of the following is being described?

    A. Service level agreement
    B. Memorandum of understanding
    C. Business partner agreement
    D. Interoperability agreement

  • Question 129:

    An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?

    A. RTO
    B. RPO
    C. MTBF
    D. MTTR

  • Question 130:

    A company is allowing a BYOD policy for its staff. Which of the following is a best practice that can decrease the risk of users jailbreaking mobile devices?

    A. Install a corporately monitored mobile antivirus on the devices.
    B. Prevent the installation of applications from a third-party application store.
    C. Build a custom ROM that can prevent jailbreaking.
    D. Require applications to be digitally signed.

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-501 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.