A company utilizes 802.11 for all client connectivity within a facility. Users in one part of the building are reporting they are unable to access company resources when connected to the company SSID. Which of the following should the security administrator use to assess connectivity?
A. Sniffer
B. Honeypot
C. Routing tables
D. Wireless scanner
A manager makes an unannounced visit to the marketing department and performs a walk-through of the office. The manager observes unclaimed documents on printers. A closer look at these documents reveals employee names, addresses, ages, birth dates, marital/dependent statuses, and favorite ice cream flavors. The manager brings this to the attention of the marketing department head. The manager believes this information to be PII, but the marketing head does not agree. Having reached a stalemate, which of the following is the most appropriate action to take NEXT?
A. Elevate to the Chief Executive Officer (CEO) for redress; change from the top down usually succeeds.
B. Find the privacy officer in the organization and let the officer act as the arbiter.
C. Notify employees whose names are on these files that their personal information is being compromised.
D. To maintain a working relationship with marketing, quietly record the incident in the risk register.
Which of the following is unique to a stream cipher?
A. It encrypts 128 bytes at a time.
B. It uses AES encryption.
C. It performs bit-level encryption.
D. It is used in HTTPS.
A security engineer is analyzing the following line of JavaScript code that was found in a comment field on a web forum, which was recently involved in a security breach:
Given the line of code above, which of the following BEST represents the attack performed during the breach?
A. CSRF
B. DDoS
C. DoS
D. XSS
A security administrator is configuring a RADIUS server for wireless authentication. The configuration must ensure client credentials are encrypted end-to-end between the client and the authenticator. Which of the following protocols should be configured on the RADIUS server? (Select TWO).
A. PAP
B. MSCHAP
C. PEAP
D. NTLM
E. SAML
A buffer overflow can result in:
A. loss of data caused by unauthorized command execution.
B. privilege escalation caused by TPM override.
C. reduced key strength due to salt manipulation.
D. repeated use of one-time keys.
A company network is currently under attack. Although security controls are in place to stop the attack, the security administrator needs more information about the types of attacks being used. Which of the following network types would BEST help the administrator gather this information?
A. DMZ
B. Guest network
C. Ad hoc
D. Honeynet
After patching computers with the latest application security patches/updates, users are unable to open certain applications. Which of the following will correct the issue?
A. Modifying the security policy for patch management tools
B. Modifying the security policy for HIDS/HIPS
C. Modifying the security policy for DLP
D. Modifying the security policy for media control
Which of the following is an example of resource exhaustion?
A. A penetration tester requests every available IP address from a DHCP server.
B. A SQL injection attack returns confidential data back to the browser.
C. Server CPU utilization peaks at 100% during the reboot process.
D. System requirements for a new software package recommend having 12GB of RAM, but only 8GB are available.
A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company's internal wiki, corporate directory, and email services securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?
A. VPN
B. PaaS
C. IaaS
D. VDI