[Aug-2021] Pass CompTIA SYO-501 Exam in First Attempt Guaranteed! [Q376-Q393]

Share

[Aug-2021] Pass CompTIA SYO-501 Exam in First Attempt Guaranteed!

Full SYO-501 Practice Test and 715 unique questions with explanations waiting just for you, get it now!

NEW QUESTION 376
A company's AUP requires:
Passwords must meet complexity requirements.

Passwords are changed at least once every six months.

Passwords must be at least eight characters long.

An auditor is reviewing the following report:

Which of the following controls should the auditor recommend to enforce the AUP?

  • A. Account lockout thresholds
  • B. Account recovery
  • C. Password expiration
  • D. Prohibit password reuse

Answer: C

 

NEW QUESTION 377
In an effort to reduce data storage requirements, some company devices to hash every file and eliminate duplicates. The data processing routines are time sensitive so the hashing algorithm is fast and supported on a wide range of systems. Which of the following algorithms is BEST suited for this purpose?

  • A. SHA
  • B. AES
  • C. RIPEMD
  • D. MD5

Answer: A

 

NEW QUESTION 378
Joe a user visited a banking website from a saved bookmark and logged in with his credentials After logging in. Joe discovered he could not access any resources and none of his account information would display The next day, the bank called to report his account had been compromised Which of the following MOST likely would have prevented this from occurring?

  • A. LDAPS
  • B. DNSSEC
  • C. SSH
  • D. TLS

Answer: D

 

NEW QUESTION 379
A systems administrator is configuring a new network switch for TACACS+ management and authentication.
Which of the following must be configured to provide authentication between the switch and the TACACS+ server?

  • A. CHAP
  • B. SSH
  • C. Shared secret
  • D. SNMPv3
  • E. 802.1X

Answer: C

Explanation:
Explanation/Reference:

 

NEW QUESTION 380
Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?

  • A. Pharming
  • B. Credential harvesting
  • C. Watering-hole attack
  • D. Hybrid warfare

Answer: C

 

NEW QUESTION 381
A security analyst is performing a quantitative risk analysis. The risk analysis should show the potential monetary loss each time a threat or event occurs. Given this requirement, which of the following concepts would assist the analyst in determining this value? (Select two.)

  • A. ARO
  • B. EF
  • C. ROI
  • D. AV
  • E. ALE

Answer: B,D

 

NEW QUESTION 382
Drag and drop the correct protocol to its default port.

Answer:

Explanation:

Explanation

FTP uses TCP port 21. Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP
makes use of UDP ports 161 and 162. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

 

NEW QUESTION 383
A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to
modify the contents of a confidential database, as well as other managerial permissions. On Monday
morning, the database administrator reported that log files indicated that several records were missing
from the database.
Which of the following risk mitigation strategies should have been implemented when the supervisor was
demoted?

  • A. Routine auditing
  • B. IT governance
  • C. Incident management
  • D. Monthly user rights reviews

Answer: A

 

NEW QUESTION 384
A company just implemented a new telework policy that allows employees to use personal devices for official email and file sharing while working from home. Some of the requirements are:
* Employees must provide an alternate work location (i.e., a home address).
* Employees must install software on the device that will prevent the loss of proprietary data but will not restrict any other software from being installed.
Which of the following BEST describes the MDM options the company is using?

  • A. Remote wipe, geolocation, screen locks, storage segmentation, and full-device encryption
  • B. Geofencing, content management, remote wipe, containerization, and storage segmentation
  • C. Application management, remote wipe, geofencing, context-aware authentication, and containerization
  • D. Content management, remote wipe, geolocation, context-aware authentication, and containerization

Answer: C

Explanation:

 

NEW QUESTION 385
The chief security officer (CS0) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs.
Which of the following is the best solution for the network administrator to secure each internal website?

  • A. Use a self-signed certificate on each internal server
  • B. Use a signing certificate as a wild card certificate
  • C. Use certificates signed by the company CA
  • D. Use certificates signed by a public ca

Answer: C

Explanation:
This is a way to update all internal sites without incurring additional costs?
To be a CA (Certificate Authority), you need an infrastructure that consists of considerable operational elements, hardware, software, policy frameworks and practice statements, auditing, security infrastructure and personnel.

 

NEW QUESTION 386
A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.
INSTRUCTIONS
Please click on the below items on the network diagram and configure them accordingly:
* WAP
* DHCP Server
* AAA Server
* Wireless Controller
* LDAP Server
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:

Explanation:

 

NEW QUESTION 387
A security analyst is checking log files and finds the following entries:

Which of the following is MOST likely happening?

  • A. A server is experiencing a DoS, and the request is timing out.
  • B. A potential hacker could be banner grabbing to determine what architecture is being used.
  • C. The DNS is misconfigured for the server's IP address.
  • D. A hacker attempted to pivot using the web server interface.

Answer: D

 

NEW QUESTION 388
Which of the following is the summary of loss for a given year?

  • A. ARO
  • B. SLA
  • C. MTBF
  • D. ALE

Answer: D

Explanation:
Explanation

 

NEW QUESTION 389
An administrator is replacing a wireless router. The configuration of the old wireless router was not documented before it stopped functioning. The equipment connecting to the wireless network uses older legacy equipment that was manufactured prior to the release of the 802.11i standard. Which of the following configuration options should the administrator select for the new wireless router?

  • A. WPA2+TKIP
  • B. WPA+CCMP
  • C. WPA+TKIP
  • D. WPA2+CCMP

Answer: A

 

NEW QUESTION 390
A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output:

Which of the following BEST describes the attack the company is experiencing?

  • A. ARP poisoning
  • B. URL redirection
  • C. MAC flooding
  • D. DNS hijacking

Answer: A

Explanation:
Explanation
ARP Poisoning (also known as ARP Spoofing) is a type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table. Protocol translates IP addresses into MAC addresses.

 

NEW QUESTION 391
Multiple employees receive an email with a malicious attachment that begins to encrypt their hard drives and mapped shares on their devices when it is opened.
The network and security teams perform the following actions:
* Shut down all network shares.
* Run an email search identifying all employees who received the
malicious message.
* Reimage all devices belonging to users who opened the attachment.
Next, the teams want to re-enable the network shares. Which of the following BEST describes this phase of the incident response process?

  • A. Lessons learned
  • B. Containment
  • C. Recovery
  • D. Eradication

Answer: C

 

NEW QUESTION 392
A security administrator receives notice that a third-party certificate authority has been compromised, and
new certificates will need to be issued.
Which of the following should the administrator submit to receive a new certificate?

  • A. CRL
  • B. PFX
  • C. OSCP
  • D. CSR
  • E. CA

Answer: D

 

NEW QUESTION 393
......

Prepare for your CompTIA certification with the updated Free4Torrent SYO-501 exam questions: https://drive.google.com/open?id=1hjb9s4GpYdvpzS0iMBhU-XHCmGns7fsQ

Get Latest SYO-501 Dumps Exam Questions in here: https://www.free4torrent.com/SYO-501-braindumps-torrent.html