Using a one-time code that has been texted to a smartphone is an example of:
A. something you have.
B. something you know.
C. something you do.
D. something you are.
A first responder needs to collect digital evidence from a compromised headless virtual host. Which of the following should the first responder collect FIRST?
A. Virtual memory
B. BIOS configuration
C. Snapshot
D. RAM
Which of the following BEST explains the difference between a credentialed scan and a non- credentialed scan?
A. A credentialed scan sees devices in the network, including those behind NAT, while a non- credentialed scan sees outward-facing applications.
B. A credentialed scan will not show up in system logs because the scan is running with the necessary authorization, while non-credentialed scan activity will appear in the logs.
C. A credentialed scan generates significantly more false positives, while a non-credentialed scan generates fewer false positives.
D. A credentialed scan sees the system the way an authorized user sees the system, while a non- credentialed scan sees the system as a guest.
An organization wants to set up a wireless network in the most secure way. Budget is not a major consideration, and the organization is willing to accept some complexity when clients are connecting. It is also willing to deny wireless connectivity for clients who cannot be connected in the most secure manner. Which of the following would be the MOST secure setup that conforms to the organization's requirements?
A. Enable WPA2-PSK for older clients and WPA2-Enterprise for all other clients.
B. Enable WPA2-PSK, disable all other modes, and implement MAC filtering along with port security.
C. Use WPA2-Enterprise with RADIUS and disable pre-shared keys.
D. Use WPA2-PSK with a 24-character complex password and change the password monthly.
Which of the following serves to warn users against downloading and installing pirated software on company devices?
A. AUP
B. NDA
C. ISA
D. BPA
Which of the following documents would provide specific guidance regarding ports and protocols that should be disabled on an operating system?
A. Regulatory requirements
B. Secure configuration guide
C. Application installation guides
D. User manuals
A security analyst is investigating a call from a user regarding one of the websites receiving a 503: Service Unavailable error. The analyst runs a netstat-an command to discover if the web server is up and listening. The analyst receives the following output: TCP 10.1.5.2:80 192.168.2.112:60973 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60974 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60975 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60976 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60977 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60978 TIME_WAIT Which of the following types of attack is the analyst seeing?
A. Buffer overflow
B. Domain hijacking
C. Denial of service
D. ARP poisoning
Which of the following BEST distinguishes Agile development from other methodologies in terms of vulnerability management?
A. Cross-functional teams
B. Rapid deployments
C. Daily standups
D. Peer review
E. Creating user stories
An organization is concerned about video emissions from users' desktops. Which of the following is the BEST solution to implement?
A. Screen filters
B. Shielded cables
C. Spectrum analyzers
D. Infrared detection
A security engineer is analyzing the following line of JavaScript code that was found in a comment field on a web forum, which was recently involved in a security breach:
Given the line of code above, which of the following BEST represents the attack performed during the breach?
A. CSRF
B. DDoS
C. DoS
D. XSS
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.