CompTIA SY0-501 Practice Exam Questions

You cannot waste time while preparing for the CompTIA Security Certification exam, and Dumps4it saves you time by offering CompTIA SY0-501 exam dumps. You can prepare the exam topics from any place with PDF questions. The CompTIA SY0-501 exam dumps from Dumps4it provide the real exam environment.

Question No. 1

A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option. Which of the following protocols should be implemented to distribute the report securely? (Select three.)

Answer: B, D, F

Question No. 2

A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?

Answer: A

Question No. 3

A bank is experiencing a DoS attack against an application designed to handle 500 IP-based sessions. In addition, the perimeter router can only handle 1Gbps of traffic.

Which of the following should be implemented to prevent DoS attacks in the future?

Answer: D

Question No. 4

A new Chief Information Officer (CIO) has been reviewing the badging and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls BEST describes this policy?

Answer: D

Question No. 5

As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technician must ensure the OS settings are hardened. Which of the following is the BEST way to do this?

Answer: B

Question No. 6

Anne, the Chief Executive Officer (CEO), has reported that she is getting multiple telephone calls from someone claiming to be from the helpdesk. The caller is asking to verify her network authentication credentials because her computer is broadcasting across the network. This is MOST likely which of the following types of attacks?

Answer: A

Question No. 7

While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack. Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select two.)

Answer: A, D

Question No. 8

A security analyst is reviewing patches on servers. One of the servers is reporting the following error message in the WSUS management console:

The computer has not reported status in 30 days.

Given this scenario, which of the following statements BEST represents the issue with the output above?

Answer: D

Question No. 9

A security analyst is mitigating a pass-the-hash vulnerability on a Windows infrastructure. Given the requirement, which of the following should the security analyst do to MINIMIZE the risk?

Answer: B

Question No. 10

Multiple employees receive an email with a malicious attachment that begins to encrypt their hard drives and mapped shares on their devices when it is opened. The network and security teams perform the following actions:

* Shut down all network shares.
* Run an email search identifying all employees who received the malicious message.
* Reimage all devices belonging to users who opened the attachment.

Next, the teams want to re-enable the network shares. Which of the following BEST describes this phase of the incident response process?

Answer: C
