An organization was recently compromised by an attacker who used a server certificate with the company's domain issued by an irrefutable CA. Which of the following should be used to mitigate this risk in the future?
A. OCSP
B. DNSSEC
C. Certificate pinning
D. Key escrow
A security engineer needs to obtain a recurring log of changes to system files. The engineer is most concerned with detecting unauthorized changes to system data. Which of the following tools can be used to fulfill the requirements that were established by the engineer?
A. TPM
B. Trusted operating system
C. File integrity monitor
D. UEFI
E. FDE
The Chief Information Officer (CIO) has heard concerns from the business and the help desk about frequent user account lockouts. Which of the following account management practices should be modified to ease the burden?
A. Password complexity
B. Account disablement
C. False-rejection rate
D. Time-of-day restrictions
A Chief Information Officer (CIO) wants to eliminate the number of calls the help desk is receiving for password resets when users log on to internal portals. Which of the following is the BEST solution?
A. Increase password length
B. Implement a self-service portal
C. Decrease lockout threshold
D. Deploy mandatory access control
Given the following output:
[Missing the output]
Which of the following BEST describes the scanned environment?
A. A host was identified as a web server that is hosting multiple domains.
B. A host was scanned, and web-based vulnerabilities were found.
C. A connection was established to a domain, and several redirect connections were identified.
D. A web shell was planted in company.com's content management system.
An analysis of a threat actor, which has been active for several years, reveals the threat actor has high levels of funding, motivation, and sophistication. Which of the following types of threat actors does this BEST describe?
A. Advanced persistent threat
B. Hacktivist
C. Organized crime
D. Insider
A technician is implementing 802.1X with dynamic VLAN assignment based on a user's Active Directory group membership. Which of the following configurations supports the VLAN definitions?
A. RADIUS attribute
B. SAML tag
C. LDAP path
D. Shibboleth IdP
When conducting a penetration test, a pivot is used to describe a scenario in which?
A. the penetration tester uses pass-the-hash to gain access to a server via SMB, and then uses this server to SSH to another server
B. a penetration tester is able to download the Active Directory database after exploiting an unpatched vulnerability on the domain controller
C. the vulnerability scanner reveals a flaw in SMB signing, which can be used to send a netcat recon tool to one of the servers on the network.
D. the penetration tester is able to access the datacenter or network closet by using a lockpick
A security administrator is reviewing the following information from a file that was found on a compromised host:
Which of the following types of malware is MOST likely installed on the compromised host?
A. Keylogger
B. Spyware
C. Trojan
D. Backdoor
E. Rootkit
Which of the following has the potential to create a DoS attack on a system?
A. A server room WiFi thermostat with default credentials
B. A surveillance camera that has been replaced and is not plugged in
C. A disabled user account that has not been deleted
D. A wireless access point with WPA2 connected to the network