[Q65-Q88] Use Real SYO-501 - 100% Cover Real Exam Questions [Sep-2021]

Use Real SYO-501 - 100% Cover Real Exam Questions [Sep-2021]

Dumps Brief Outline Of The SYO-501 Exam - Pass4suresVCE

NEW QUESTION 65
As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technical must ensure the OS settings are hardened. Which of the following is the BEST way to do this?

A. Use a protocol analyzer.
B. Use a configuration compliance scanner.
C. Use a passive, in-line scanner.
D. Use a vulnerability scanner.

Answer: D

NEW QUESTION 66
Joe, an employee, wants to show his colleagues how much he knows about smartphones.
Joe demonstrates a free movie application that he installed from a third party on his corporate smartphone. Joe's colleagues were unable to find the application in the app stores. Which of the following allowed Joe to install the application? (Select two.)

A. Sideloading
B. Rooting/jailbreaking
C. Tethering
D. Near-field communication.
E. Ad-hoc connections

Answer: B,D

NEW QUESTION 67
A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunications company has decided to discontinue its dark fiber product and is offering an MPLS connection, which the law office feels is too expensive. Which of the following is the BEST solution for the law office?

A. VLAN
B. VPN concentrator
C. Remote access VPN
D. Site-to-site VPN

Answer: D

NEW QUESTION 68
A technician has installed new vulnerability scanner software on a server that is joined to the company domain.
The vulnerability scanner is able to provide visibility over the patch posture of all company's clients.
Which of the following is being used?

A. Passive scan
B. Credentialed scan
C. Bypassing security controls
D. Gray box vulnerability testing

Answer: B

NEW QUESTION 69
A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center.
Drag and drop the applicable controls to each asset types?
Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:

Explanation

NEW QUESTION 70
A security analyst is testing both Windows and Linux systems for unauthorized DNS zone transfers within a LAN on comptia.org from example.org. Which of the following commands should the security analyst use?
(Select two.)

A. Option F
B. Option A
C. Option D
D. Option C
E. Option B
F. Option E

Answer: B,D

NEW QUESTION 71
A security administrator is creating a risk assessment on BYOD. One of the requirements of the risk assessment is to address the following
*Centrally managing mobile devices
*Data loss prevention
Which of the following recommendations should the administrator include in the assessment? (Select TWO).

A. implement encryption.
B. implement hashing.
C. implement a VPN with secure connection in webmail.
D. implement an MDM with mobile device hardening.
E. implement and allow cloud storage features on the network.

Answer: D,E

NEW QUESTION 72
A systems administrator needs to configure an SSL remote access VPN according to the following organizational guidelines
* The VPN must support encryption of header and payload.
* The VPN must route all traffic through the company's gateway.
Which of the following should be configured on the VPN concentrator?

A. Transport mode
B. IPSec
C. Tunnel mode
D. Full tunnel

Answer: D

NEW QUESTION 73
A penetration tester is checking to see if an internal system is vulnerable to an attack using a remote listener.
Which of the following commands should the penetration tester use to verify if this vulnerability exists? (Choose two.)

A. nmap
B. tcpdump
C. nc
D. tracert
E. tail
F. nslookup

Answer: A,C

NEW QUESTION 74
A security administrator suspects that data on a server has been exhilarated as a result of un- authorized remote access.
Which of the following would assist the administrator in con-firming the suspicions? (Select TWO)

A. Networking access control
B. File integrity monitoring
C. Host firewall rules
D. DLP alerts
E. Log analysis

Answer: D,E

NEW QUESTION 75
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:

Which of the following vulnerabilities is present?

A. Backdoor
B. Integer overflow
C. Buffer overflow
D. Bad memory pointer

Answer: C

NEW QUESTION 76
An organization's IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the organization has installed cryptocurrency mining software on the organization's web servers. Given the organization's stated priorities, which of the following would be the NEXT step?

A. Remove the affected servers from the network.
B. Identify and apply any missing operating system and software patches.
C. Review firewall and IDS logs to identify possible source IPs.
D. Delete the malicious software and determine if the servers must be reimaged.

Answer: A

Explanation:
Now, since the organization top priority is more of containment over eradication, an outbreak code that is hostile as a can be suppressed effectively by removing the web server completely from the overall network facilities or infrastructure. Also, if the affected servers are not removed, it might affect the integrity, confidentiality of sensitive materials or documents which will be exposed to the outside world by the attacker.
Read more on Brainly.com - https://brainly.com/question/16835492#readmore

NEW QUESTION 77
Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?

A. Process affinity
B. Buffer overflow
C. Privilege escalation
D. Pivoting

Answer: B

NEW QUESTION 78
As part of a new industry regulation, companies are required to utilize secure, standardized OS settings.
A technical must ensure the OS settings are hardened. Which of the following is the BEST way to do this?

A. Use a protocol analyzer.
B. Use a configuration compliance scanner.
C. Use a vulnerability scanner.
D. Use a passive, in-line scanner.

Answer: B

NEW QUESTION 79
While troubleshooting a client application connecting to the network, the security administrator notices the following error: Certificate is not valid.
Which of the following is the BEST way to check if the digital certificate is valid?

A. CRL
B. PKI
C. IPSec
D. CSR

Answer: A

NEW QUESTION 80
A technician, who is managing a secure B2B connection, noticed the connection broke last night. All networking equipment and media are functioning as expected, which leads the technician to technician use to validate this assumption? (Choose two.)

A. CRL
B. OCSP
C. PFX
D. CER
E. SCEP
F. PEM

Answer: A,B

NEW QUESTION 81
An instructor is teaching a hands-on wireless security class and needs to configure a test access point to show students an attack on a weak protocol. Which of the following configurations should the instructor implement?

A. EAP
B. WPA2
C. WEP
D. WPA

Answer: C

NEW QUESTION 82
In a lessons learned report, it is suspected that a well-organized, well-funded, and extremely sophisticated group of attackers may have been responsible for a breach at a nuclear facility.
Which of the following describes the type of actors that may have been implicated?

A. Nation state
B. Hacktivist
C. Insider
D. Competitor

Answer: A

NEW QUESTION 83
A security administrator receives alerts from the perimeter UTM. Upon checking the logs, the administrator finds the following output:
Time: 12/25 0300
From Zone: Untrust
To Zone: DMZ
Attacker: externalip.com
Victim: 172.16.0.20
To Port: 80
Action: Alert
Severity: Critical
When examining the PCAP associated with the event, the security administrator finds the following information:
<script> alert ("Click
here for important information regarding your account! http://externalip.com/account.php
"); </script>
Which of the following actions should the security administrator take?

A. Upload the PCAP to the IDS in order to generate a blocking signature to block the traffic.
B. Submit a change request to modify the XSS vulnerability signature to TCP reset on future attempts.
C. Manually copy the <script> data from the PCAP file and generate a blocking signature in the HIDS to block the traffic for future events.
D. Implement a host-based firewall rule to block future events of this type from occurring.

Answer: C

NEW QUESTION 84
An organization's Chief Executive Officer (CEO) directs a newly hired computer technician to install an OS on the CEO's: personal laptop. The technician performs the installation, and a software audit later in the month indicates a violallon of the EULA occurred as a result. Which of the following would address this violation going forward?

A. Separation of duties
B. Security conguration baselinn
C. NDA
D. AUP

Answer: D

NEW QUESTION 85
A security administrator has been asked to implement a VPN that will support remote access over IPSEC. Which of the following is an encryption algorithm that would meet this requirement?

A. PKI
B. AES
C. MD5
D. UDP

Answer: B

NEW QUESTION 86
A systems administrator is increasing the security settings on a virtual host to ensure users on one VM cannot access information from another VM. Which of the following is the administrator protecting against?

A. VM sprawl
B. VM sandboxing
C. VM migration
D. VM escape

Answer: D

Explanation:
Explanation/Reference:

NEW QUESTION 87
You have just received some room and WiFi access control recommendations from a security consulting company. Click on each building to bring up available security controls. Please implement the following requirements:
The Chief Executive Officer's (CEO) office had multiple redundant security measures installed on the door to the office. Remove unnecessary redundancies to deploy three-factor authentication, while retaining the expensive iris render.
The Public Cafe has wireless available to customers. You need to secure the WAP with WPA and place a passphrase on the customer receipts.
In the Data Center you need to include authentication from the "something you know" category and take advantage of the existing smartcard reader on the door.
In the Help Desk Office, you need to require single factor authentication through the use of physical tokens given to guests by the receptionist.
The PII Office has redundant security measures in place. You need to eliminate the redundancy while maintaining three-factor authentication and retaining the more expensive controls.

Instructions: The original security controls for each office can be reset at any time by selecting the Reset button. Once you have met the above requirements for each office, select the Save button. When you have completed the entire simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.