[Free] 2019(Oct) EnsurePass CompTIA SY0-501 Dumps with VCE and PDF 51-60

Get Full Version of the Exam
http://www.EnsurePass.com/SY0-501.html

Question No.51

An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?

  A. False negative

  B. True negative

  C. False positive

  D. True positive

Correct Answer: C

Question No.52

Multiple employees receive an email with a malicious attachment that begins to encrypt their hard drives and mapped shares on their devices when it is opened. The network and security teams perform the following actions:

Shut down all network shares.

Run an email search identifying all employees who received the malicious message.

Reimage all devices belonging to users who opened the attachment.

Next, the teams want to re-enable the network shares. Which of the following BEST describes this phase of the incident response process?

  A. Eradication

  B. Containment

  C. Recovery

  D. Lessons learned

Correct Answer: C

Question No.53

As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technician must ensure the OS settings are hardened. Which of the following is the BEST way to do this?

  A. Use a vulnerability scanner.

  B. Use a configuration compliance scanner.

  C. Use a passive, in-line scanner.

  D. Use a protocol analyzer.

Correct Answer: B

Question No.54

A security analyst is reviewing the following output from an IPS:

image

Given this output, which of the following can be concluded? (Select two.)

  A. The source IP of the attack is coming from 250.19.18.22.

  B. The source IP of the attack is coming from 250.19.18.71.

  C. The attacker sent a malformed IGAP packet, triggering the alert.

  D. The attacker sent a malformed TCP packet, triggering the alert.

  E. The TTL value is outside of the expected range, triggering the alert.

Correct Answer: BC

Question No.55

DRAG DROP

A security administrator is given the security and availability profiles for servers that are being deployed.

Match each RAID type with the correct configuration and MINIMUM number of drives.

Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, storage requirements.

Instructions:

All drive definitions can be dragged as many times as necessary. Not all placeholders may be filled in the RAID configuration boxes.

If parity is required, please select the appropriate number of parity checkboxes. Server profiles may be dragged only once.

Instructions:

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

image

Correct Answer:

image

Question No.56

An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?

  A. RTO

  B. RPO

  C. MTBF

  D. MTTR

Correct Answer: A

Question No.57

A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?

  A. An attacker can access and change the printer configuration.

  B. SNMP data leaving the printer will not be properly encrypted.

  C. An MITM attack can reveal sensitive information.

  D. An attacker can easily inject malicious code into the printer firmware.

  E. Attackers can use the PCL protocol to bypass the firewall of client computers.

Correct Answer: B

Which of the following attacks specifically impact data availability?

  A. DDoS

  B. Trojan

  C. MITM

  D. Rootkit

Correct Answer: A

Question No.58

A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option. Which of the following protocols should be implemented to distribute the report securely? (Select three.)

  A. S/MIME

  B. SSH

  C. SNMPv3

  D. FTPS

  E. SRTP

  F. HTTPS

  G. LDAPS

Correct Answer: BDF

Question No.59

Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?

  A. Roll back changes in the test environment

  B. Verify the hashes of files

  C. Archive and compress the files

  D. Update the secure baseline

Correct Answer: B

Question No.60

An auditor wants to test the security posture of an organization by running a tool that will display the following:

image

Which of the following commands should be used?

  A. nbtstat

  B. nc

  C. arp

  D. ipconfig

Correct Answer: A
