On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Select TWO).
A. Data accessibility
B. Legal hold
C. Cryptographic or hash algorithm
D. Data retention legislation
E. Value and volatility of data
F. Right-to-audit clauses
Which of the following is the primary reason for implementing layered security measures in a cyber security architecture?
A. It increases the number of controls required to subvert a system.
B. It decreases the time a CERT has to respond to a security incident.
C. It alleviates problems associated with EOL equipment replacement.
D. It allows for bandwidth upgrades to be made without user disruption.
An organization is struggling to differentiate threats from normal traffic and access to systems. A security engineer has been asked to recommend a system that will aggregate data and provide metrics that will assist in identifying malicious actors or other anomalous activity throughout the environment. Which of the following solutions should the engineer recommend?
A. Web application firewall
B. SIEM
C. IPS
D. UTM
E. File integrity monitor
A systems administrator wants to replace the process of using a CRL to verify certificate validity. Frequent downloads are becoming problematic. Which of the following would BEST suit the administrator's needs?
A. OCSP
B. CSR
C. Key escrow
D. CA
A network technician needs to monitor and view the websites that are visited by an employee. The employee is connected to a network switch.
Which of the following would allow the technician to monitor the employee's web traffic?
A. Implement promiscuous mode on the NIC of the employee's computer.
B. Install and configure a transparent proxy server.
C. Run a vulnerability scanner to capture DNS packets on the router.
D. Configure a VPN to forward packets to the technician's computer.
Which of the following control types are alerts sent from a SIEM fulfilling based on vulnerability signatures?
A. Preventive
B. Corrective
C. Compensating
D. Detective
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts.
Which of the following security practices would have addressed the issue?
A. A non-disclosure agreement
B. Least privilege
C. An acceptable use policy
D. Offboarding
A company is having issues with intellectual property being sent to a competitor from its system. The information being sent is not random but has an identifiable pattern. Which of the following should be implemented in the system to stop the content from being sent?
A. Encryption
B. Hashing
C. IPS
D. DLP
If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data?
A. Perfect forward secrecy
B. Elliptic-curve cryptography
C. Key stretching
D. Homomorphic encryption
Which of the following disaster recovery sites would require the MOST time to get operations back online?
A. Colocation
B. Cold
C. Hot
D. Warm