The CSIRT is reviewing the lessons learned from a recent incident A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?
A. Install a NIDS device at the boundary.As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technical must ensure the OS settings are hardened. Which of the following is the BEST way to do this?
A. Use a vulnerability scanner.Penetration testing is distinct from vulnerability scanning primarily because penetration testing:
A. leverages credentials scanning to obtain persistence.Which of the following BEST explains why a development environment should have the same database server secure baseline that exist in production even if there is no PII in the database?
A. Without the same configuration in both development and production, there are no assurance that changes made in development will have the same effect in production.Which of the following describes the key difference between vishing and phishing attacks?
A. Phishing is used by attackers to steal a person's identity.A company just implemented a new telework policy that allows employees to use personal devices for official email and file sharing while working from home. Some of the requirements are:
*
Employees must provide an alternate work location (i.e., a home address).
*
Employees must install software on the device that will prevent the loss of proprietary data but will not restrict any other software from being installed. Which of the following BEST describes the MDM options the company is using?
A. Geofencing, content management, remote wipe, containerization, and storage segmentationA help desk is troubleshooting user reports that the corporate website is presenting untrusted certificate errors to employees and customers when they visit the website. Which of the following is the MOST likely cause of this error, provided the certificate has not expired?
A. The certificate was self signed, and the CA was not imported by employees or customersAn organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its dat
A. In which of the following documents would this concern MOST likely be addressed?A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon Investigation, a security analyst identifies the following:
*
The legitimate website's IP address is 10.1.1.20 and eRecruit.local resolves to this IP.
*
The forged website's IP address appears to be 10.2.12.99. based on NetFlow records.
*
All three of the organization's DNS servers show the website correctly resolves to the legitimate IP.
*
DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise. Which of the following MOST likely occurred?
A. A reverse proxy was used to redirect network traffic.A company notices that at 10 a.m. every Thursday, three users' computers become inoperable. The security analyst team discovers a file called where.pdf.exe that runs on system startup. The contents of where.pdf.exe are shown below:

Based on the above information, which of the following types of malware was discovered?
A. RootkitNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.