[2017-New-Exams]Full Version SY0-501 VCE 166Q for Free Download[111-120]
2017 November New CompTIA SY0-501 Exam Dumps with PDF and VCE Free Released Today! Following are some New SY0-501 Questions:
1.|2017 New SY0-501 Exam Dumps (PDF & VCE) 166Q&As Download:
https://www.braindump2go.com/sy0-501.html
2.|2017 New SY0-501 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/1QYBwvoau8PlTQ3bugQuy0pES-zrLrRB1?usp=sharing
QUESTION 111
Anne, the Chief Executive Officer (CEO), has reported that she is getting multiple telephone calls from someone claiming to be from the helpdesk. The caller is asking to verify her network authentication credentials because her computer is broadcasting across the network. This is MOST likely which of the following types of attacks?
A. Vishing
B. Impersonation
C. Spim
D. Scareware
Answer: A
QUESTION 112
An administrator discovers the following log entry on a server:
Nov 12 2013 00:23:45 httpd[2342]: GET
/app2/prod/proc/process.php?input=change;cd%20../../../etc;cat%20shadow
Which of the following attacks is being attempted?
A. Command injection
B. Password attack
C. Buffer overflow
D. Cross-site scripting
Answer: B
QUESTION 113
A security team wants to establish an Incident Response plan. The team has never experienced an incident. Which of the following would BEST help them establish plans and procedures?
A. Table top exercises
B. Lessons learned
C. Escalation procedures
D. Recovery procedures
Answer: D
QUESTION 114
Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?
A. Protocol analyzer
B. Vulnerability scan
C. Penetration test
D. Port scanner
Answer: B
Explanation:
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network’s security.
Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.
QUESTION 115
Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?
A. Cloud computing
B. Virtualization
C. Redundancy
D. Application control
Answer: B
Explanation:
Virtualization is used to host one or more operating systems in the memory of a single host computer and allows multiple operating systems to run simultaneously on the same hardware, reducing costs. Virtualization offers the flexibility of quickly and easily making backups of entire virtual systems, and quickly recovering the virtual system when errors occur. Furthermore, malicious code compromises of virtual systems rarely affect the host system, which allows for safer testing and experimentation.
QUESTION 116
A system administrator needs to implement 802.1x whereby when a user logs into the network, the authentication server communicates to the network switch and assigns the user to the proper VLAN.
Which of the following protocols should be used?
A. RADIUS
B. Kerberos
C. LDAP
D. MSCHAP
Answer: A
QUESTION 117
Which of the following types of cloud Infrastructures would allow several organizations with similar structures and interests to realize shared storage and resources?
A. Private
B. Hybrid
C. Public
D. Community
Answer: A
QUESTION 118
A security administrator has found a hash m the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicates it was pushed from the central patch system.
![image_thumb[4]](http://examgod.com/bdimages/2017-New-Exams111-120_E806/image_thumb4.png "image_thumb[4]")
The administrator pulls a report from the patch management system with the following output:
![image_thumb[3]](http://examgod.com/bdimages/2017-New-Exams111-120_E806/image_thumb3.png "image_thumb[3]"){kind=small}
Given the above outputs, which of the following MOST likely happened?
A. The file was corrupted after it left the patch system
B. The file was infected when the patch manager downloaded it.
C. The file was not approved in the application whitelist system
C. The fee was embedded with a logic bomb to evade detection
Answer:
QUESTION 119
Which of the following implements two-factor authentication?
A. A phone system requiring a PIN to make a call
B. An ATM requiring a credit card and PIN
C. A computer requiring username and password
D. A datacenter mantrap requiring fingerprint and iris scan
Answer: D
QUESTION 120
A company is terminating an employee for misbehavior. Which of the following steps is MOST important in the process of disengagement from this employee?
A. Obtain a list of passwords used by the employee.
B. Generate a report on outstanding projects the employee handled
C. Have the employee surrender company identification.
D. Have the employee sign an NDA before departing
Answer: A
!!!RECOMMEND!!!
1.|2017 New SY0-501 Exam Dumps (PDF & VCE) 166Q&As Download:
https://www.braindump2go.com/sy0-501.html
2.|2017 New SY0-501 Study Guide Video:
https://youtu.be/UBQZ5wOajbk
Post Author: mavis
