Which of the following BEST describes the concept of perfect forward secrecy?
A. Using quantum random number generation to make decryption effectively impossible
B. Preventing cryptographic reuse so a compromise of one operation does not affect other operations
C. Implementing elliptic curve cryptographic algorithms with true random numbers
D. The use of NDAs and policy controls to prevent disclosure of company secrets
Which of the following attacks is used to capture the WPA2 handshake?
A. Replay
B. IV
C. Evil twin
D. Disassociation
A network administrator is setting up wireless access points in all the conference rooms and wants to authenticate devices using PKI. Which of the following should the administrator configure?
A. A captive portal
B. PSK
C. 802.1X
D. WPS
A government agency with sensitive information wants to virtualize its infrastructure. Which of the following cloud deployment models BEST fits the agency's needs?
A. Public
B. Community
C. Private
D. Hybrid
The CSIRT is reviewing the lessons learned from a recent incident A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?
A. Install a NIDS device at the boundary.
B. Segment the network with firewalls
C. Update all antivirus signatures daily
D. Implement application blacklisting.
A public relations team will be taking a group of guests on a tour through the facility of a large e- commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboards are cleaned and all desks are cleared. The company is MOST likely trying to protect against.
A. loss of proprietary information
B. damage to the company's reputation
C. social engineering
D. credential exposure
A company needs to fix some audit findings related to its physical security. A key finding was that multiple people could physically enter a location at the same time. Which of the following is the BEST control to address this audit finding?
A. Faraday cage
B. Mantrap
C. Biometrics
D. Proximity cards
Which of the following types of security testing is the MOST cost-effective approach used to analyze existing code and identity areas that require patching?
A. Black box
B. Gray box
C. White box
D. Red team
E. Blue team
An organization has hired a security analyst to perform a penetration test. The analyst captures 1GB worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to future review the pcap?
A. Nmap
B. cURL
C. Netcat
D. Wireshark
A technician is recommending preventive physical security controls for a server room. Which of the technician MOST likely recommend? (Select Two).
A. Geofencing
B. Video Surveillance
C. Protected cabinets
D. Mantrap
E. Key exchange
F. Authorized personnel signage
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.