CompTIA CompTIA Certifications SY0-501 Questions & Answers

• Question 391:

  After surfing the Internet, Joe, a user, woke up to find all his files were corrupted. His wallpaper was replaced by a message stating the files were encrypted and he needed to transfer money to a foreign country to recover them. Joe is a victim of:

  A. a keylogger

  B. spyware

  C. ransomware

  D. a logic bomb

  Correct Answer: C

• Question 392:

  Security administrators attempted corrective action after a phishing attack. Users are still experiencing trouble logging in, as well as an increase in account lockouts. Users' email contacts are complaining of an increase in spam and social networking requests. Due to the large number of affected accounts, remediation must be accomplished quickly. Which of the following actions should be taken FIRST? (Select TWO)

  A. Disable the compromised accounts

  B. Update WAF rules to block social networks

  C. Remove the compromised accounts with all AD groups

  D. Change the compromised accounts' passwords

  E. Disable the open relay on the email server

  F. Enable sender policy framework

  Correct Answer: EF

  Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators. n a Small Business Server environment, you may have to prevent your Microsoft Exchange Server-based server from being used as an open relay SMTP server for unsolicited commercial e-mail messages, or spam. You may also have to clean up the Exchange server's SMTP queues to delete the unsolicited commercial email messages. If your Exchange server is being used as an open SMTP relay, you may experience one or more of the following symptoms: The Exchange server cannot deliver outbound SMTP mail to a growing list of e-mail domains. Internet browsing is slow from the server and from local area network (LAN) clients. Free disk space on the Exchange server in the location of the Exchange information store databases or the Exchange information store transaction logs is reduced more rapidly than you expect. The Microsoft Exchange information store databases spontaneously dismount. You may be able to

  manually mount the stores by using Exchange System Manager, but the stores may dismount on their own after they run for a short time. For more information, click the following article number to view the article in the Microsoft Knowledge Base.

• Question 393:

  A wireless network has the following design requirements:

  Authentication must not be dependent on enterprise directory service It must allow background reconnection for mobile users It must not depend on user certificates Which of the following should be used in the design to meet the

  requirements? (Choose two.)

  A. PEAP

  B. PSK

  C. Open systems authentication

  D. EAP-TLS

  E. Captive portals

  Correct Answer: BE

• Question 394:

  Which of the following strategies should a systems architect use to minimize availability risks due to insufficient storage capacity?

  A. High availability

  B. Scalability

  C. Distributive allocation

  D. Load balancing

  Correct Answer: B

• Question 395:

  A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC address to be visible across the tunnel?

  A. Tunnel mode IPSec

  B. Transport mode VPN IPSec

  C. L2TP

  D. SSL VPN

  Correct Answer: D

• Question 396:

  A security administrator wants to configure a company's wireless network in a way that will prevent wireless clients from broadcasting the company's SSID. Which of the following should be configured on the company's access points?

  A. Enable ESSID broadcast

  B. Enable protected management frames

  C. Enable wireless encryption

  D. Disable MAC authentication

  E. Disable WPS

  F. Disable SSID broadcast

  Correct Answer: F

• Question 397:

  A security auditor is putting together a report for the Chief Executive Officer (CEO) on personnel security and its impact on the security posture of the whole organization. Which of the following would be the MOST important factor to consider when it comes to personnel security?

  A. Insider threats

  B. Privilege escalation

  C. Hacktivist

  D. Phishing through social media

  E. Corporate espionage

  Correct Answer: A

• Question 398:

  Which of the following BEST describes a network-based attack that can allow an attacker to take full control of a vulnerable host?

  A. Remote exploit

  B. Amplification

  C. Sniffing

  D. Man-in-the-middle

  Correct Answer: A

• Question 399:

  The computer resource center issued smartphones to all first-level and above managers. The managers have the ability to install mobile tools. Which of the following tools should be implemented to control the types of tools the managers install?

  A. Download manager

  B. Content manager

  C. Segmentation manager

  D. Application manager

  Correct Answer: D

• Question 400:

  Which of the following would allow for the QUICKEST restoration of a server into a warm recovery site in a case in which server data mirroring is not enabled?

  A. Full backup

  B. Incremental backup

  C. Differential backup

  D. Snapshot

  Correct Answer: C