SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 851:

    A cybersecurity analyst needs to implement secure authentication to third-party websites without users' passwords. Which of the following would be the BEST way to achieve this objective?

    A. OAuth
    B. SSO
    C. SAML
    D. PAP

  • Question 852:

    An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:

    A. Passive reconnaissance
    B. Persistence
    C. Escalation of privileges
    D. Exploiting the switch

  • Question 853:

    An organization wants to upgrade its enterprise-wide desktop computer solution. The organization currently has 500 PCs active on the network. The Chief Information Security Officer (CISO) suggests that the organization employ desktop imaging technology for such a large-scale upgrade. Which of the following is a security benefit of implementing an imaging solution?

    A. It allows for faster deployment
    B. It provides a consistent baseline
    C. It reduces the number of vulnerabilities
    D. It decreases the boot time

  • Question 854:

    Which of the following is the MAIN disadvantage of using SSO?

    A. The architecture can introduce a single point of failure.
    B. Users need to authenticate for each resource they access.
    C. It requires an organization to configure federation.
    D. The authentication is transparent to the user.

  • Question 855:

    A security, who is analyzing the security of the company's web server, receives the following output:

    Which of the following is the issue?

    A. Code signing
    B. Stored procedures
    C. Access violations
    D. Unencrypted credentials

  • Question 856:

    A new security policy in an organization requires that all file transfers within the organization be completed using applications that provide secure transfer. Currently, the organization uses FTP and HTTP to transfer files. Which of the following should the organization implement in order to be compliant with the new policy?

    A. Replace FTP with SFTP and replace HTTP with TLS
    B. Replace FTP with FTPS and replace HTTP with TFTP
    C. Replace FTP with SFTP and replace HTTP with Telnet
    D. Replace FTP with FTPS and replace HTTP with IPSec

  • Question 857:

    An engineer is configuring a wireless network using PEAP for the authentication protocol. Which of the following is required?

    A. 802.11n support on the WAP
    B. X.509 certificate on the server
    C. CCMP support on the network switch
    D. TLS 1.0 support on the client

  • Question 858:

    A security administrator wants to configure a company's wireless network in a way that will prevent wireless clients from broadcasting the company's SSID. Which of the following should be configured on the company's access points?

    A. Enable ESSID broadcast
    B. Enable protected management frames
    C. Enable wireless encryption
    D. Disable MAC authentication
    E. Disable WPS
    F. Disable SSID broadcast

  • Question 859:

    Which of the following policies would help an organization identify and mitigate potential single points of failure in the company's IT/security operations?

    A. Least privilege
    B. Awareness training
    C. Separation of duties
    D. Mandatory vacation

  • Question 860:

    A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords.

    Which of the following authentication protocols MUST the security engineer select?

    A. EAP-FAST
    B. EAP-TLS
    C. PEAP
    D. EAP

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SY0-501 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.