[2018-March-New]SY0-501 Exam Questions PDF Free Download from Braindump2go[227-237]

2018 March Latest CompTIA SY0-501 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SY0-501 Real Exam Questions:

1.|2018 Latest SY0-501 Exam Dumps (PDF & VCE) 250Q&As Download:
https://www.braindump2go.com/sy0-501.html

2.|2018 Latest SY0-501 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/1QYBwvoau8PlTQ3bugQuy0pES-zrLrRB1?usp=sharing

QUESTION 227
An audit takes place after company-wide restricting, in which several employees changed roles. The following deficiencies are found during the audit regarding access to confidential data:

Which of the following would be the BEST method to prevent similar audit findings in the future?

A. Implement separation of duties for the payroll department.
B. Implement a DLP solution on the payroll and human resources servers.
C. Implement rule-based access controls on the human resources server.
D. Implement regular permission auditing and reviews.

Answer: A

QUESTION 228
A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords. Which of the following authentication protocols MUST the security engineer select?

A. EAP-FAST
B. EAP-TLS
C. PEAP
D. EAP

Answer: C

QUESTION 229
A system’s administrator has finished configuring firewall ACL to allow access to a new web answer.
PERMIT TCP from: ANY to: 192.168.1.10:80
PERMIT TCP from: ANY to: 192.168.1.10:443
DENY TCP from: ANY to: ANY
The security administrator confirms form the following packet capture that there is network traffic from the internet to the web server:
TCP 10.23.243.2:2000->192.168.1.10:80 POST/default’s
TCP 172.16.4.100:1934->192.168.1.10:80 GET/session.aspx?user_1_sessionid= a12ad8741d8f7e7ac723847aa8231a
The company’s internal auditor issues a security finding and requests that immediate action be taken. With which of the following is the auditor MOST concerned?

A. Misconfigured firewall
B. Clear text credentials
C. Implicit deny
D. Default configuration

Answer: B

QUESTION 230
Which of the following vulnerability types would the type of hacker known as a script kiddie be MOST dangerous against?

A. Passwords written on the bottom of a keyboard
B. Unpatched exploitable Internet-facing services
C. Unencrypted backup tapes
D. Misplaced hardware token

Answer: B

QUESTION 231
A company hired a third-party firm to conduct as assessment of vulnerabilities exposed to the Internet. The firm informs the company that an exploit exists for an FTP server that has a version installed from eight years ago. The company has decided to keep the system online anyway, as no upgrade exists from the vendor. Which of the following BEST describes the reason why the vulnerability exists?

A. Default configuration
B. End-of-life
C. Weak cipher suite
D. Zero-day threats

Answer: B

QUESTION 232
An in-house penetration tester is using a packet capture device to listen in on network communications.
This is an example of:

A. Passive reconnaissance
B. Persistence
C. Escalation of privileges
D. Exploiting the switch

Answer: D

QUESTION 233
A black hat hacker is enumerating a network and wants to remain convert during the process. The hacker initiates a vulnerability scan. Given the task at hand the requirement of being convert, which of the following statements BEST indicates that the vulnerability scan meets these requirements?

A. The vulnerability scanner is performing an authenticated scan.
B. The vulnerability scanner is performing local file integrity checks.
C. The vulnerability scanner is performing in network sniffer mode.
D. The vulnerability scanner is performing banner grabbing.

Answer: C

QUESTION 234
A development team has adopted a new approach to projects in which feedback is iterative and multiple iterations of deployments are provided within an application’s full life cycle. Which of the following software development methodologies is the development team using?

A. Waterfall
B. Agile
C. Rapid
D. Extreme

Answer: B

QUESTION 235
A Chief Executive Officer (CEO) suspects someone in the lab testing environment is stealing confidential information after working hours when no one else is around. Which of the following actions can help to prevent this specific threat?

A. Implement time-of-day restrictions.
B. Audit file access times.
C. Secretly install a hidden surveillance camera.
D. Require swipe-card access to enter the lab.

Answer: A

QUESTION 236
A company hires a third-party firm to conduct an assessment of vulnerabilities exposed to the Internet. The firm informs the company that an exploit exists for an FTP server that had a version installed from eight years ago. The company has decided to keep the system online anyway, as no upgrade exists form the vendor. Which of the following BEST describes the reason why the vulnerability exists?

A. Default configuration
B. End-of-life system
C. Weak cipher suite
D. Zero-day threats

Answer: B

QUESTION 237
An organization uses SSO authentication for employee access to network resources. When an employee resigns, as per the organization’s security policy, the employee’s access to all network resources is terminated immediately. Two weeks later, the former employee sends an email to the help desk for a password reset to access payroll information from the human resources server. Which of the following represents the BEST course of action?

A. Approve the former employee’s request, as a password reset would give the former employee access to only the human resources server.
B. Deny the former employee’s request, since the password reset request came from an external email address.
C. Deny the former employee’s request, as a password reset would give the employee access to all network resources.
D. Approve the former employee’s request, as there would not be a security issue with the former employee gaining access to network.

Answer: C


!!!RECOMMEND!!!
1.|2018 Latest SY0-501 Exam Dumps (PDF & VCE) 250Q&As Download:
https://www.braindump2go.com/sy0-501.html

2.|2018 Latest SY0-501 Study Guide Video:
https://youtu.be/d7_Sx-zuFKI