Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA CompTIA Certifications SY0-501 Questions & Answers

  • Question 791:

    A security operations team recently detected a breach of credentials. The team mitigated the risk and followed proper processes to reduce risk. Which of the following processes would BEST help prevent this issue from happening again?

    A. Risk assessment

    B. Chain of custody

    C. Lessons learned

    D. Penetration test

  • Question 792:

    A systems administrator is auditing the company's Active Directory environment. It is quickly noted that the username "company\bsmith" is interactively logged into several desktops across the organization. Which of the following has the systems administrator MOST likely come across?

    A. Service account

    B. Shared credentials

    C. False positive

    D. Local account

  • Question 793:

    The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company's Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards. Which of the following social-engineering techniques is the attacker using?

    A. Phishing

    B. Whaling

    C. Typo squatting

    D. Pharming

  • Question 794:

    Which of the following is a passive method to test whether transport encryption is implemented?

    A. Black box penetration test

    B. Port scan

    C. Code analysis

    D. Banner grabbing

  • Question 795:

    A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

    A. Nmap

    B. Wireshark

    C. Autopsy

    D. DNSEnum

  • Question 796:

    A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Services that are limited to the local LAN or WiFi network are not impacted, but all WAN and VoIP services are affected.

    Later that day, the edge-router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which of the following BEST describe this type of attack? (Select TWO).

    A. DOS

    B. SSL Stripping

    C. Memory leak

    D. Race condition

    E. Shimming

    F. Refactoring

  • Question 797:

    Which of the following describes the ability of code to target a hypervisor from inside a guest OS?

    A. Fog computing

    B. VM escape

    C. Software-defined networking

    D. Image forgery

    E. Container breakout

  • Question 798:

    A company has had a BYOD policy in place for many years and now wants to roll out an MDM solution. The company has decided that end users who wish to utilize their personal devices for corporate use must opt in to the MDM solution. End users are voicing concerns about the company having access to their personal devices via the MDM solution. Which of the following should the company implement to ease these concerns?

    A. Sideloading

    B. Full device encryption

    C. Application management

    D. Containerization

  • Question 799:

    Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

    A. The document is a honeyfile and is meant to attract the attention of a cyberintruder.

    B. The document is a backup file if the system needs to be recovered.

    C. The document is a standard file that the OS needs to verify the login credentials.

    D. The document is a keylogger that stores all keystrokes should the account be compromised.

  • Question 800:

    Which of the following is the MAIN disadvantage of using SSO?

    A. The architecture can introduce a single point of failure.

    B. Users need to authenticate for each resource they access.

    C. It requires an organization to configure federation.

    D. The authentication is transparent to the user.

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them from job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time and with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your SY0-501 exam preparation or your CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.