CompTIA SY0-501 Online Practice Questions and Exam Preparation

CompTIA SY0-501 Online Questions & Answers

• Question 861:

  A security consultant is setting up a new electronic messaging platform and wants to ensure the platform supports message integrity validation. Which of the following protocols should the consultant recommend?

  A. S/MIME
  B. DNSSEC
  C. RADIUS
  D. 802.11x
  A. S/MIME

• Question 862:

  An organization wants to ensure network access is granted only after a user or device has been authenticated. Which of the following should be used to achieve this objective for both wired and wireless networks?

  A. CCMP
  B. PKCS#12
  C. IEEE 802.1X
  D. OCSP
  C. IEEE 802.1X

• Question 863:

  The concept of connecting a user account across the systems of multiple enterprises is BEST known as:

  A. federation.
  B. a remote access policy.
  C. multifactor authentication.
  D. single sign-on.
  A. federation.

• Question 864:

  A security team has completed the installation of a new server. The OS and applications have been patched and tested, and the server is ready to be deployed. Which of the following actions should be taken before deploying the new server?

  A. Disable the default accounts.
  B. Run a penetration test on the network.
  C. Create a DMZ In which to place the server.
  D. validate the integrity of the patches.
  A. Disable the default accounts.

• Question 865:

  Ann, a user, reports she is unable to access an application from her desktop. A security analyst verifies Ann's access and checks the SIEM for any errors. The security analyst reviews the log file from Ann's system and notices the following output:

  

  Which of the following is MOST likely preventing Ann from accessing the application from the desktop?

  A. Web application firewall
  B. DLP
  C. Host-based firewall
  D. UTM
  E. Network-based firewall
  C. Host-based firewall

• Question 866:

  A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST meet these requirements?

  A. RA
  B. OCSP
  C. CRI
  D. CSR
  B. OCSP

• Question 867:

  Which of the following is the BEST use of a WAF?

  A. To protect sites on web servers that are publicly accessible
  B. To allow access to web services of internal users of the organization
  C. To maintain connection status of all HTTP requests
  D. To deny access to all websites with certain contents
  A. To protect sites on web servers that are publicly accessible

• Question 868:

  A company employee recently retired, and there was a schedule delay because no one was capable of filling the employee's position. Which of the following practices would BEST help to prevent this situation in the future?

  A. Mandatory vacation
  B. Separation of duties
  C. Job rotation
  D. Exit interviews
  B. Separation of duties

• Question 869:

  A security administrator needs to address the following audit recommendations for a public-facing SFTP server:

  Users should be restricted to upload and download files to their own home directories only. Users should not be allowed to use interactive shell login. Which of the following configuration parameters should be implemented? (Select TWO).

  A. PermitTunnel
  B. ChrootDirectory
  C. PermitTTY
  D. AllowTcpForwarding
  E. IgnoreRhosts
  B. ChrootDirectory
  C. PermitTTY

• Question 870:

  A systems administrator wants to enforce me use of HTTPS on a new website. Which of the following should the systems administrator do NEXT after generating the CSR?

  A. Install the certificate on the server
  B. Provide the public key to the CA
  C. Password protect the public key
  D. Ensure the new key is not on the CRL
  B. Provide the public key to the CA