CompTIA SY0-501 Online Practice Questions and Exam Preparation

CompTIA SY0-501 Online Questions & Answers

• Question 1331:

  Which of the following should be used to implement voice encryption?

  A. SSLv3
  B. VDSL
  C. SRTP
  D. VoIP
  C. SRTP

• Question 1332:

  Ann. a user, reported to the service desk that many files on her computer will not open or the contents are not readable. The service desk technician asked Ann if she encountered any strange messages on boot-up or login, and Ann indicated she did not. Which of the following has MOST likely occurred on Ann's computer?

  A. The hard drive is falling, and the files are being corrupted.
  B. The computer has been infected with crypto-malware.
  C. A replay attack has occurred.
  D. A keylogger has been installed.
  B. The computer has been infected with crypto-malware.

• Question 1333:

  Following the successful response to a data-leakage incident, the incident team lead facilitates an exercise that focuses on continuous improvement of the organization's incident response capabilities. Which of the following activities has the incident team lead executed?

  A. Lessons learned review
  B. Root cause analysis
  C. Incident audit
  D. Corrective action exercise
  A. Lessons learned review

• Question 1334:

  A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?

  A. dd
  B. chmod
  C. dnaenum
  D. logger
  A. dd

• Question 1335:

  After the integrity of a patch has been verified, but before being deployed to production, it is important to: A. perform static analysis

  B. reverse engineer it for embedded malware.
  C. run dynamic analysis on the executable.
  D. test it in a staging environment
  D. test it in a staging environment

• Question 1336:

  Which of the following differentiates a collision attack from a rainbow table attack?

  A. A rainbow table attack performs a hash lookup
  B. A rainbow table attack uses the hash as a password
  C. In a collision attack, the hash and the input data are equivalent
  D. In a collision attack, the same input results in different hashes
  A. A rainbow table attack performs a hash lookup

• Question 1337:

  An organization requires three separate factors for authentication to sensitive systems. Which of the following would BEST satisfy the requirement?

  A. Fingerprint, PIN, and mother's maiden name
  B. One-time password sent to a smartphone, thumbprint, and home street address
  C. Fingerprint, voice recognition, and password
  D. Password, one-time password sent to a smartphone, and text message sent to a smartphone
  B. One-time password sent to a smartphone, thumbprint, and home street address

• Question 1338:

  Which of the following explains why a vulnerability scan might return a false positive?

  A. The scan is performed at a time of day when the vulnerability does not exist.
  B. The test Is performed against the wrong host.
  C. The signature matches the product but not the version information.
  D. The hosts are evaluated based on an OS-specific profile.
  C. The signature matches the product but not the version information.

• Question 1339:

  A security administrator is reviewing the following network capture: Which of the following malware is MOST likely to generate the above information?

  

  A. Keylogger
  B. Ransomware
  C. Logic bomb
  D. Adware
  A. Keylogger

• Question 1340:

  Which of the following is the proper use of a Faraday cage?

  A. To block electronic signals sent to erase a cell phone
  B. To capture packets sent to a honeypot during an attack
  C. To protect hard disks from access during a forensics investigation
  D. To restrict access to a building allowing only one person to enter at a time
  A. To block electronic signals sent to erase a cell phone