CompTIA CompTIA Certifications SY0-501 Questions & Answers

• Question 691:

  A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output:

  

  Which of the following is the router experiencing?

  A. DDoS attack

  B. Memory leak

  C. Buffer overflow

  D. Resource exhaustion

  Correct Answer: D

• Question 692:

  While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table below:

  

  Which of the following should be the administrator's NEXT step to detect if there is a rogue system without impacting availability?

  A. Conduct a ping sweep.

  B. Physically check each system.

  C. Deny Internet access to the "UNKNOWN" hostname.

  D. Apply MAC filtering.

  Correct Answer: A

• Question 693:

  Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?

  A. Watering-hole attack

  B. Credential harvesting

  C. Hybrid warfare

  D. Pharming

  Correct Answer: A

• Question 694:

  A threat actor motivated by political goals that is active for a short period of time but has virtually unlimited resources is BEST categorized as a:

  A. hacktivist.

  B. nation-state

  C. script kiddie

  D. APT

  Correct Answer: B

  Nation-State Actors Actors sponsored by nation-states are characterized by a high level of sophistication and resources. They're capable of carrying out large-scale attacks as well as advanced persistent threats (APTs), which are stealthy attacks whose purpose is to maintain a presence in the network for an extensive period of time, typically to collect targeted types of data. APTs can move laterally through a network and blend in with regular traffic -- one of the reasons they can go undetected for months and years and inflict a high degree of damage to an organization. Nation-state actors focus on several attack vectors simultaneously and exploit a number of vulnerabilities. In recent years, many high-profile attacks have been attributed to nation-state actors. Some countries use these sophisticated players to fund their regime. But more typically, nation-state actors are not motivated by direct financial gain. Their reasons may lie in national security, political espionage, military intelligence and even attempts to influence another nation's political process. They may also after intellectual property data that could ultimately give the sponsoring nation a competitive advantage on the international

  market.

  This category of attackers is well-funded and operates within an extensive support infrastructure that includes multiple hacker networks. Researchers have also been observing international collaboration between different groups of state-

  sponsored actors.

• Question 695:

  A systems administrator wants to configure an enterprise wireless solution that supports authentication over HTTPS and wireless encryption using AES. Which of the following should the administrator configure to support these requirements? (Select TWO).

  A. 802.1X

  B. RADIUS federation

  C. WPS

  D. Captive portal

  E. WPA2

  F. WDS

  Correct Answer: AE

• Question 696:

  The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?

  A. Updating the playbooks with better decision points

  B. Dividing the network into trusted and untrusted zones

  C. Providing additional end-user training on acceptable use

  D. Implementing manual quarantining of infected hosts

  Correct Answer: C

• Question 697:

  An IT manager is estimating the mobile device budget for the upcoming year. Over the last five years, the number of devices that were replaced due to loss, damage, or theft steadily increased by 10%. Which of the following would BEST describe the estimated number of devices to be replaced next year?

  A. ALE

  B. ARO

  C. RPO

  D. SLE

  Correct Answer: D

• Question 698:

  A company that processes sensitive information has implemented a BYOD policy and an MDM solution to secure sensitive data that is processed by corporate and personally owned mobile devices. Which of the following should the company implement to prevent sensitive data from being stored on mobile devices?

  A. VDI

  B. Storage segmentation

  C. Containerization

  D. USB OTG

  E. Geofencing

  Correct Answer: B

  Storage segmentation: Storage segmentation offers a special feature whereby the user can artificially categorize different types of data on a mobile device's storage media. By default, a device uses storage segmentation to divide the device's preinstalled apps and operating system from the user data and user-installed apps.

• Question 699:

  A hospital has received reports from multiple patients that their PHI was stolen after completing forms on the hospital's website. Upon investigation, the hospital finds a packet analyzer was used to steal data Which of the following protocols would prevent this attack from reoccurring?

  A. SFTP

  B. HTTPS

  C. FTPS

  D. SRTP

  Correct Answer: A

  FTPS (also known FTP-SSL, and FTP Secure) is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and, formerly, the Secure Sockets Layer (SSL, which is now prohibited by RFC7568) cryptographic protocols. HTTPS (Hypertext Transfer Protocol Secure) is a secure version of the HTTP protocol that uses the SSL/TLS protocol for encryption and authentication. HTTPS is specified by RFC 2818 (May 2000) and uses port 443 by default instead of HTTP's port 80.

  The HTTPS protocol makes it possible for website users to transmit sensitive data such as credit card numbers, banking information, and login credentials securely over the internet. For this reason, HTTPS is especially important for securing online activities such as shopping, banking, and remote work. However, HTTPS is quickly becoming the standard protocol for all websites, whether or not they exchange sensitive data with users.

  SFTP (SSH File Transfer Protocol) is a secure file transfer protocol. It runs over the SSH protocol. It supports the full security and authentication functionality of SSH. SFTP has pretty much replaced legacy FTP as a file transfer protocol, and is quickly replacing FTP/S. SRTP (Secure Real-Time Transport Protocol or Secure RTP) is an extension to RTP (Real-Time Transport Protocol) that incorporates enhanced security features. Like RTP, it is intended particularly for VoIP (Voice over IP) communications.

• Question 700:

  A coffee company has hired an IT consultant to set up a WiFi network that will provide Internet access to customers who visit the company's chain of cafes. The coffee company has provided no requirements other than that customers should be granted access after registering via a web form and accepting the terms of service. Which of the following is the MINIMUM acceptable configuration to meet this single requirement?

  A. Captive portal

  B. WPA with PSK

  C. Open WiFi

  D. WPS

  Correct Answer: A

  A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources.