Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 291:

    A security administrator is investigating a report that a user is receiving suspicious emails. The user's machine has an old functioning modem installed. Which of the following security concerns need to be identified and mitigated? (Choose two.)

    A. Vishing

    B. Whaling

    C. Spear phishing

    D. Pharming

    E. War dialing

    F. Hoaxing

  • Question 292:

    A technician, who is managing a secure B2B connection, noticed the connection broke last night. All networking equipment and media are functioning as expected, which leads the technician to Question: following should the technician use to validate this assumption? (Choose two.)

    A. PEM

    B. CER

    C. SCEP

    D. CRL

    E. OCSP

    F. PFX

  • Question 293:

    An organization wishes to allow its users to select devices for business use but does not want to overwhelm the service desk with requests for too many different device types and models. Which of the following deployment models should the organization use to BEST meet these requirements?

    A. VDI environment

    B. CYOD model

    C. DAC mode

    D. BYOD model

  • Question 294:

    A state-sponsored threat actor has launched several successful attacks against a corporate network. Although the target has a robust patch management program in place, the attacks continue in depth and scope, and the security department has no idea how the attacks are able to gain access. Given that patch management and vulnerability scanners are being used, which of the following would be used to analyze the attack methodology?

    A. Rogue system detection

    B. Honeypots

    C. Next-generation firewall

    D. Penetration test

  • Question 295:

    Given the information below:

    MD5HASH document.doc 049eab40fd36caadlfab10b3cdf4a883

    MD5HASH image.jpg 049eab40fd36caadlfab10b3cdf4a883

    Which of the following concepts are described above? (Choose two.)

    A. Salting

    B. Collision

    C. Steganography

    D. Hashing

    E. Key stretching

  • Question 296:

    A systems administrator has installed a new UTM that is capable of inspecting SSL/TLS traffic for malicious payloads. All inbound network traffic coming from the Internet and terminating on the company's secure web servers must be inspected. Which of the following configurations would BEST support this requirement?

    A. The web servers' CA full certificate chain must be installed on the UTM.

    B. The UTM certificate pair must be installed on the web servers.

    C. The web servers' private certificate must be installed on the UTM.

    D. The UTM and web servers must use the same certificate authority.

  • Question 297:

    A security administrator receives alerts from the perimeter UTM. Upon checking the logs, the administrator finds the following output:

    Time: 12/25 0300
    From Zone: Untrust
    To Zone: DMZ
    Attacker: externalip.com
    Victim: 172.16.0.20
    To Port: 80
    Action: Alert
    Severity: Critical

    When examining the PCAP associated with the event, the security administrator finds the following information:

    Which of the following actions should the security administrator take?

    A. Upload the PCAP to the IDS in order to generate a blocking signature to block the traffic.

    B. Manually copy the