CompTIA SY0-501 Online Practice Questions and Exam Preparation

CompTIA SY0-501 Online Questions & Answers

• Question 971:

  Which of the following BEST distinguishes Agile development from other methodologies in terms of vulnerability management?

  A. Cross-functional teams
  B. Rapid deployments
  C. Daily standups
  D. Peer review
  E. Creating user stories
  C. Daily standups

• Question 972:

  A systems administrator just issued the ssh-keygen rsa command on a Linux terminal. Which of the following BEST describes what the rsa portion of the command represents?

  A. A key generation algorithm
  B. A hashing algorithm
  C. A public key infrastructure type
  D. A certificate authority type
  A. A key generation algorithm

• Question 973:

  A web server, which is configured to use TLS with AES-GCM-256, SHA-384, and ECDSA, recently suffered an information loss breach. Which of the following is MOST likely the cause?

  A. Insufficient key bit length
  B. Weak cipher suite
  C. Unauthenticated encryption method
  D. Poor implementation
  D. Poor implementation

• Question 974:

  Which of the following disaster recovery sites would require the MOST time to get operations beck online?

  A. Colocation
  B. Cold
  C. Hot
  D. Warm
  B. Cold

• Question 975:

  A security engineer is concerned about susceptibility to HTTP downgrade attacks because the current customer portal redirects users from port 80 to the secure site on port 443. Which of the following would be MOST appropriate to mitigate the attack?

  A. DNSSEC
  B. HSTS
  C. Certificate pinning
  D. OCSP
  B. HSTS

• Question 976:

  A home invasion occurred recently in which an intruder compromised a home network and accessed a WiFIenabled baby monitor while the baby's parents were sleeping. Which of the following BEST describes how the intruder accessed the monitor?

  A. Outdated antivirus
  B. WiFi signal strength
  C. Social engineering
  D. Default configuration
  D. Default configuration

• Question 977:

  A systems administrator is reviewing the following information from a compromised server:

  

  Given the above information, which of the following processes was MOST likely exploited via a remote buffer overflow attack?

  A. Apache
  B. LSASS
  C. MySQL
  D. TFTP
  A. Apache

• Question 978:

  Which of the following is an example of resource exhaustion?

  A. A penetration tester requests every available IP address from a DHCP server.
  B. An SQL injection attack returns confidential data back to the browser.
  C. Server CPU utilization peaks at 100% during the reboot process.
  D. System requirements for a new software package recommend having 12GB of RAM, but only BGB are available.
  A. A penetration tester requests every available IP address from a DHCP server.

• Question 979:

  A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC address to be visible across the tunnel?

  A. Tunnel mode IPSec
  B. Transport mode VPN IPSec
  C. L2TP
  D. SSL VPN
  D. SSL VPN

• Question 980:

  A security administrator has been assigned to review the security posture of the standard corporate system image for virtual machines. The security administrator conducts a thorough review of the system logs, installation procedures, and

  network configuration of the VM image. Upon reviewing the access logs and user accounts, the security administrator determines that several accounts will not be used in production.

  Which of the following would correct the deficiencies?

  A. Mandatory access controls
  B. Disable remote login
  C. Host hardening
  D. Disabling services
  C. Host hardening