SYO-501 Archives - Premium VCE Dumps

NEW QUESTION 24
As part of the SDLC, a third party is hired to perform a penetration test. The third party will have access to
the source code, integration tests, and network diagrams. Which of the following BEST describes the
assessment being performed?

Black box

Regression

White box

Fuzzing

NEW QUESTION 25
A security manager received reports of several laptops containing confidential data stolen out of a lab environment. The lab is not a high security area and is secured with physical key locks. The security manager has no information to provide investigators related to who may have stolen the laptops. Which of the following should the security manager implement to improve legal and criminal investigations in the future?

Motion sensors

Mobile device management

CCTV

Cable locks

Full-disk encryption

NEW QUESTION 26
Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?

Cloud computing

Virtualization

Redundancy

Application control

NEW QUESTION 27
To help prevent one job role from having sufficient access to create, modify, and approve payroll data, which of the following practices should be employed?

Least privilege

Job rotation

Background checks

Separation of duties

NEW QUESTION 28
The security administrator has installed a new firewall which implements an implicit DENY policy by default.
INSTRUCTIONS:
Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

Hot Area:

Section: Network Security

NEW QUESTION 29
A company needs to implement a system that only lets a visitor use the company’s network infrastructure if the visitor acceps the AUP. Which of the following should the company use?

WiFi-protected setup

Password authentication protocol

Captive portal

RADIUS

NEW QUESTION 30
A new Chief Information Officer (CIO) has been reviewing the badging procedures and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls BEST describes this policy?

Physical

Corrective

Technical

Administrative

NEW QUESTION 31
For each of the given items, select the appropriate authentication category from the dropdown choices.
Instructions: When you have completed the simulation, please select the Done button to submit.

NEW QUESTION 32
For each of the given items, select the appropriate authentication category from the dropdown choices.
Instructions: When you have completed the simulation, please select the Done button to submit.

NEW QUESTION 33
Which of the following agreement types is a non-contractual agreement between two or more parties and outlines each party’s requirements and responsibilities?

BPA

SLA

MOU

ISA

NEW QUESTION 34
A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an encrypted wireless network. Which of the following should be implemented in the administrator does not want to provide the wireless password or he certificate to the employees?

WPS

802.1x

WPA2-PSK

TKIP

NEW QUESTION 35
A user is presented with the following items during the new-hire onboarding process:
-Laptop
-Secure USB drive
-Hardware OTP token
-External high-capacity HDD
-Password complexity policy
-Acceptable use policy
-HASP key
-Cable lock
Which of the following is one component of multifactor authentication?

Secure USB drive

Cable lock

Hardware OTP token

HASP key

NEW QUESTION 36
A help desk is troubleshooting user reports that the corporate website is presenting untrusted certificate errors to employees and customers when they visit the website. Which of the following is the MOST likely cause of this error, provided the certificate has not expired?

The certificate was self signed, and the CA was not imported by employees or customers

The root CA has revoked the certificate of the intermediate CA

The valid period for the certificate has passed, and a new certificate has not been issued

The key escrow server has blocked the certificate from being validated

NEW QUESTION 37
Lab Sim – Configure the Firewall
Task: Configure the firewall (fill out the table) to allow these four rules:
– Only allow the Accounting computer to have HTTPS access to the
Administrative server.
– Only allow the HR computer to be able to communicate with the Server
2 System over SCP.
– Allow the IT computer to have access to both the Administrative
Server 1 and Administrative Server 2

Use the following answer for this simulation task.
Below table has all the answers required for this question.

Explanation:
Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network. Three possible actions can be taken based on the rule’s criteria:
Block the connection
Allow the connection
Allow the connection only if it is secured
TCP is responsible for providing a reliable, one-to-one, connection-oriented session.
TCP establishes a connection and ensures that the other end receives any packets sent.
Two hosts communicate packet results with each other. TCP also ensures that packets are decoded and sequenced properly. This connection is persistent during the session.
When the session ends, the connection is torn down.
UDP provides an unreliable connectionless communication method between hosts.
UDP is considered a best-effort protocol, but it’s considerably faster than TCP.
The sessions don’t establish a synchronized session like the kind used in TCP, and UDP doesn’t guarantee error-free communications.
The primary purpose of UDP is to send small packets of information.
The application is responsible for acknowledging the correct reception of the data.
Port 22 is used by both SSH and SCP with UDP.
Port 443 is used for secure web connections ?HTTPS and is a TCP port.
Thus to make sure only the Accounting computer has HTTPS access to the Administrative server you should use TCP port 443 and set the rule to allow communication between 10.4.255.10/24 (Accounting) and 10.4.255.101 (Administrative server1) Thus to make sure that only the HR computer has access to Server2 over SCP you need use of TCP port 22 and set the rule to allow communication between 10.4.255.10/23 (HR) and 10.4.255.2 (server2) Thus to make sure that the IT computer can access both the Administrative servers you need to use a port and accompanying port number and set the rule to allow communication between:
10.4.255.10.25 (IT computer) and 10.4.255.101 (Administrative server1)
10.4.255.10.25 (IT computer) and 10.4.255.102 (Administrative server2)

NEW QUESTION 38
A security administrator is investigating many recent incidents of credential theft for users accessing the company’s website, despite the hosting web server requiring HTTPS for access. The server’s logs show the website leverages the HTTP POST method for carrying user authentication details.
Which of the following is the MOST likely reason for compromise?

The HTTP POST method is not protected by HTTPS.

The web server is running a vulnerable SSL configuration.

The HTTP response is susceptible to sniffing.

The company doesn’t support DNSSEC.

NEW QUESTION 39
An incident response analyst in a corporate security operations center receives a phone call from an SOC analyst. The SOC analyst explains the help desk recently reimaged a workstation that was suspected of being infected with an unknown type of malware; however, even after reimaging, the host continued to generate SIEM alerts. Which of the following types of malware is MOST likely responsible for producing the SIEM alerts?

Ransomware

Logic bomb

Rootkit

Adware

NEW QUESTION 40
The data backup window has expanded into the morning hours and has begun to affect production users. The main bottleneck in the process is the time it takes to replicate the backups to separate severs at the offsite data center.
Which of the following uses of deduplication could be implemented to reduce the backup window?

Implement deduplication at the network level between the two locations

Implement deduplication on the storage array to reduce the amount of drive space needed

Implement deduplication on the server storage to reduce the data backed up

Implement deduplication on both the local and remote servers

NEW QUESTION 41
A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system While attempting to determine if an unauthorized user is togged into the home network, the user reviews the wireless router, which shows the following table for systems that are currently on the home network.

Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?

Apply MAC filtering and see if the router drops any of the systems.

Physically check each of the authorized systems to determine if they are togged onto the network.

Deny the “unknown” host because the hostname is not known and MAC filtering is not applied to this host.

Conduct a ping sweep of each of the authorized systems and see if an echo response is received.

NEW QUESTION 42
An attack has occurred against a company.
INSTRUCTIONS
You have been tasked to do the following:
Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing the output. (Answer Area 1) Identify which compensating controls should be implemented on the assets, in order to reduce the effectiveness of future attacks by dragging them to the correct server. (Answer area 2) All objects will be used, but not all placeholders may be filled. Objects may only be used once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

NEW QUESTION 43
An organization plans to transition the intrusion detection and prevention techniques on a critical subnet to an anomaly-based system. Which of the following does the organization need to determine for this to be successful?

The baseline

The endpoint configurations

The adversary behavior profiles

The IPS signatures

Premium VCE Dumps

Premium VCE Dumps

Category Archives: SYO-501

GET Real CompTIA SYO-501 Exam Questions With 100% Refund Guarantee Nov 29, 2022 [Q24-Q43]