CompTIA SY0-501 Dumps
Dumps4download provides 100% reliable exam dumps that are verified by an expert panel. Our Dumps4download SY0-501 study material is totally unique and the exam questions are valid all over the world. By using our SY0-501 dumps we assure you that you will pass your exam on the first attempt. You can easily score more than 97%.
100% exam passing Guarantee on your purchased exams.
100% money back guarantee if you will not clear your exam.
CompTIA SY0-501 Practice Test Helps You Turn Dreams To Reality!
IT Professionals from every sector are looking up certifications to boost their careers. CompTIA being the leader certification provider earns the most demand in the industry.
The CompTIA Certification is your short-cut to an ever-growing success. In the process, Dumps4download is your strongest coordinator, providing you with the best SY0-501 Dumps PDF as well as Online Test Engine. Let’s steer your career to a more stable future with interactive and effective SY0-501 Practice Exam Dumps.
Many of our customers are already excelling in their careers after achieving their goals with our help. You can too be a part of that specialized bunch with a little push in the right direction. Let us help you tread the heights of success.
Apply for the SY0-501 Exam right away so you can get certified by using our CompTIA Dumps.
Dumps4download Leads You To A 100% Success in First Attempt!
Our SY0-501 Dumps PDF is intended to meet the requirements of the most suitable method for exam preparation. We especially hired a team of experts to make sure you get the latest and compliant SY0-501 Practice Test Questions Answers. These questions have been selected according to their relevance as well as the highest possibility of appearing in the exam. So, you can be sure of your success in the first attempt.
Interactive & Effective SY0-501 Dumps PDF + Online Test Engine
Aside from our CompTIA SY0-501 Dumps PDF, we invest in your best practice through Online Test Engine. They are designed to reflect the actual exam format covering each topic of your exam. Also, with our interactive interface focusing on the exam preparation is easier than ever. With an easy-to-understand, interactive and effective study material assisting you there is nothing that could go wrong. We are 100% sure that our SY0-501 Questions Answers Practice Exam is the best choice you can make to pass the exam with top score.
How Dumps4download Creates Better Opportunities for You!
Dumps4download knows how hard it is for you to beat this tough CompTIA Exam terms and concepts. That is why to ease your preparation we offer the best possible training tactics we know best. Online Test Engine provides you an exam-like environment and PDF helps you take your study guide wherever you are. Best of all, you can download SY0-501 Dumps PDF easily or better print it. For the purpose of getting concepts across as easily as possible, we have used simple language. Adding explanations at the end of the SY0-501 Questions and Answers Practice Test we ensure nothing slips your grasp.
The exam simulation is 100 times better than any other test material you would encounter. Besides, if you are troubled with anything concerning the CompTIA Security+ Exam 2021 or the SY0-501 Dumps PDF, our 24/7 active team is quick to respond. So, leave us a message and your problem will be solved in a few minutes.
Get an Absolutely Free Demo Today!
Dumps4download offers an absolutely free demo version to test the product with sample features before actually buying it. This shows our concern for your best experience. Once you are thoroughly satisfied with the demo you can get the CompTIA Security+ Exam 2021 Practice Test Questions instantly.
24/7 Online Support – Anytime, Anywhere
Have a question? You can contact us anytime, anywhere. Our 24/7 Online Support makes sure you have absolutely no problem accessing or using CompTIA Security+ Exam 2021 Practice Exam Dumps. What’s more, Dumps4download is mobile compatible so you can access the site without having to log in to your Laptop or PC.
Features to use Dumps4download SY0-501 Dumps:
- Thousands of satisfied customers.
- Good grades are 100% guaranteed.
- 100% verified by Experts panel.
- Up to date exam data.
- Dumps4download data is 100% trustworthy.
- Passing ratio more than 99%
- 100% money back guarantee.
CompTIA SY0-501 Sample Questions
Question # 1
A systems administrator recently issued a public/private key pair that will be used for the company's DNSSEC implementation. Which of the following configurations should the systems administrator implement NEXT?
A. Create DNSKEY resources with the public key.
B. instant private key using the RRSIG record
C. Point the OS record to the company authoritative servers
D. Add TCP port 443 to the DNS listener
Question # 2
Joe, a new employee, discovered a thumb drive with the company's logo on it while walking in the parking lot. Joe was curious as to the contents of the drive and placed it into his work computer. Shortly after accessing the contents, he noticed the machine was running slower, started to reboot, and displayed new icons on the screen. Which of the following types of attacks occurred?
A. Social engineering
B. Brute force attack
C. MITM
D. DoS
Question # 3
A company has users and printers in multiple geographic locations and the printers are locked in common areas of the offices. To preserve the confidentiality of PII, a security administrator needs to implement the appropriate controls. Which of the following would BEST meet the confidentiality requirements of the data?
A. Enforcing location-based policy restrictions
B. Adding location to the standard naming convention
C. Implementing time-of-day restrictions based on location
D. Conducting regular account maintenance at each location
Question # 4
An organization is updating its access control standards for SSL VPN login to include multifactor authentication. The security administrator assigned to this project has been given the following guidelines to use when selecting a solution:
- High security
- Lowest false acceptance rate
- Quick provisioning time for remote users and offshore consultants
Which of the following solutions will BEST fit this organization's requirements?
A. AES-256 key fobs
B. Software tokens
C. Fingerprint scanners
D. Iris scanners
Question # 5
A security analyst is investigating a security breach involving the loss of sensitive data. A user passed the information through social media as vacation photos. Which of the following methods was used to encode the data?
A. Obfuscation
B. Steganography
C. Hashing
D. Elliptic curve
Question # 6
Which of the following is a resiliency strategy that allows a system to automatically adapt to workload changes?
A. Fault tolerance
B. Redundancy
C. Elasticity
D. High availability
Question # 7
Which of the following is the main difference between symmetric and asymmetric cryptographic algorithms?
A. The use of PKI in symmetric algorithms
B. HSM-based key generation
C. Only one key used in symmetric algorithms
D. Random vs pseudo-random key generation
Question # 8
As a security measure, an organization has disabled all external media from accessing the network. Since some users may have data that needs to be transferred to the network, which of the following would BEST assist a security administrator with transferring the data while keeping the internal network secure?
A. Upload the media in the DMZ
B. Upload the data in a separate VLAN
C. Contact the data custodian
D. Use a standalone scanning system
Question # 9
Which of the following BEST describes why an air gap is a useful security control?
A. It physically isolates two or more networks, therefore helping prevent cross-contamination or accidental data spillage.
B. It requires that files be transferred via USB instead of networks that are potentially vulnerable to hacking, therefore preventing virus infections.
C. It requires multiple systems administrators with different credentials, therefore providing separation of duties.
D. It provides physical space between two interlocking doors, therefore providing additional control from unauthorized entry.
Question # 10
A developer is creating a new web application on a public cloud platform and wants to ensure the application can respond to increase in load while minimizing costs during periods of low usage. Which of the following strategies is MOST relevant to the use-case?
A. Elasticity
B. Redundancy
C. High availability
D. Non-persistence
Question # 11
A security administrator begins assessing a network with software that checks for available exploits against a known database using both credentials and external scripts. A report will be compiled and used to confirm patching levels. This is an example of:
A. penetration testing
B. fuzzing
C. static code analysis
D. vulnerability scanning
Question # 12
The phones at a business are being replaced with VoIP phones that get plugged in-line between the switch and PC. The voice and data networks still need to be kept separate. Which of the following would allow for this?
A. NAT
B. Intranet
C. Subnetting
D. VLAN
Question # 13
A network administrator was recently terminated. A few weeks later, the new administrator noticed unauthorized changes to several devices that are causing denial of services. Additionally, the administrator noticed an unusual connection from an external IP address to an internal server. Which of the following is the MOST likely cause of the problem?
A. Spyware
B. Virus
C. Ransomware
D. Backdoor
Question # 14
Which of the following should be implemented to stop an attacker from interacting with the hypervisor through another guest?
A. Containers
B. VM escape protection
C. Security broker
D. Virtual Desktop
Question # 15
A security analyst needs a solution that can execute potential malware in a restricted and isolated environment for analysis. In which of the following technologies is the analyst interested?
A. Sandboxing
B. Staging
C. DMZ
D. Honeypot
Question # 16
A malicious actor compromises a legitimate website, configuring it to deliver malware to visitors of the website. Which of the following attacks does this describe?
A. Whaling
B. Watering hole
C. Impersonation
D. Spoofing
Question # 17
The director of information security at a company has recently directed the security engineering team to implement new security technologies aimed at reducing the impact of insider threats. Which of the following tools has the team MOST likely deployed? (Select TWO).
A. DLF
B. UTM
C. SFTP
D. SSH
E. SSL
Question # 18
When conducting a penetration test, a pivot is used to describe a scenario in which:
A. the penetration tester uses pass-the-hash to gain access to a server via SMB, and then uses this server to SSH to another server.
B. a penetration tester is able to download the Active Directory database after exploiting an unpatched vulnerability on the domain controller.
C. the vulnerability scanner reveals a flaw in SMB signing, which can be used to send a netcat recon tool to one of the servers on the network.
D. the penetration tester is able to access the datacenter or network closet by using a lockpick.
Question # 19
A company recently experienced a security breach. The security staff determined that the intrusion was due to an out-of-date proprietary software program running on a noncompliant server. The server was imaged and copied onto a hardened VM, with the previous connections re-established. Which of the following is the NEXT step in the incident response process?
A. Recovery
B. Eradication
C. Lessons learned
D. Containment
E. Identification
Question # 20
A penetration tester was able to connect to a company's internal network and perform scans and staged attacks for the duration of the testing period without being noticed. The SIEM did not alert the security team to the presence of the penetration tester's devices on the network. Which of the following would provide the security team with notification in a timely manner?
A. Implement rogue system detection and sensors.
B. Create a trigger on the IPS and alert the security team when unsuccessful logins occur.
C. Decrease the correlation threshold for alerts on the SIEM.
D. Run a credentialed vulnerability scan
Question # 21
A systems administrator wants to enforce the use of HTTPS on a new website. Which of the following should the systems administrator do NEXT after generating the CSR?
A. Install the certificate on the server
B. Provide the public key to the CA
C. Password protect the public key
D. Ensure the new key is not on the CRL
Question # 22
A user attempts to send an email to an external domain and quickly receives a bounce-back message. The user then contacts the help desk stating the message is important and needs to be delivered immediately. While digging through the email logs, a systems administrator finds the email and bounce-back details:
Your email has been rejected because It appears to contain SSN Information. Sending SSN information via email external recipients violates company policy.
Which of the following technologies successfully stopped the email from being sent?
A. DLP
B. UTM
C. WAF
D. DEP
Question # 23
Which of the following is MOST likely the security impact of continuing to operate end-of-life systems?
A. Higher total cost of ownership due to support costs
B. Denial of service due to patch availability
C. Lack of vendor support for decommissioning
D. Support for legacy protocols
Question # 24
An organization uses multifactor authentication to restrict local network access. It requires a PIV and a PIN. Which of the following factors is the organization using?
A. Something you have; something you are
B. Something you know, something you do
C. Something you do, something you are
D. Something you have, something you know
Question # 25
An organization uses simulated phishing attacks on its users to better prepare them to recognize actual phishing attacks and get them accustomed to reporting the attacks to the security team. This is an example of:
A. baselining
B. user training
C. stress testing
D. continuous monitoring
Question # 26
An attacker has gained control of several systems on the Internet and is using them to attack a website, causing it to stop responding to legitimate traffic. Which of the following BEST describes the attack?
A. MITM
B. DNS poisoning
C. Buffer overflow
D. DDoS
Question # 27
A newly hired Chief Security Officer (CSO) is reviewing the company's IRP and notices the procedures for zero-day malware attacks are being poorly executed, resulting in the CSIRT failing to address and coordinate malware removal from the system. Which of the following phases would BEST address these shortcomings?
A. Identification
B. Lessons learned
C. Recovery
D. Preparation
E. Eradication
Question # 28
During certain vulnerability scanning scenarios, it is possible for the target system to react in unexpected ways. This type of scenario is MOST commonly known as:
A. intrusive testing.
B. a buffer overflow.
C. a race condition.
D. active reconnaissance.
Question # 29
Which of the following types of vulnerability scans typically returns more detailed and thorough insights into actual system vulnerabilities?
A. Non-credentialed
B. Intrusive
C. Credentialed
D. Non-Intrusive
Question # 30
During a penetration test, Joe, an analyst, contacts the target's service desk. Impersonating a user, he attempts to obtain assistance with resetting an email password. Joe claims this needs to be done as soon as possible, as he is the vice president of sales and does not want to contact the Chief Operations Officer (COO) for approval, since the COO is on vacation. When challenged, Joe reaffirms that he needs this done immediately, and threatens to contact the service desk supervisor over the issue. Which of the following social engineering principles is Joe employing in this scenario? (Select TWO)
A. Intimidation
B. Consensus
C. Familiarity
D. Scarcity
E. Authority
Question # 31
Exercising various programming responses for the purpose of gaining insight into a system's security posture without exploiting the system is BEST described as:
A. passive security control testing.
B. control gap analysis
C. peer-conducted code review.
D. non-intrusive scanning
Question # 32
Which of the following is the BEST example of a reputation impact identified during a risk assessment?
A. A bad software patch taking down the production systems.
B. A misconfigured firewall exposing intellectual property to the internet.
C. An attacker defacing the e-commerce portal.
D. Malware collecting credentials for company bank accounts.
Question # 33
A security administrator is hardening a VPN connection. Recently, company pre-shared keys were hijacked during an MITM attack and reused to breach the VPN connection. Which of the following should the security administrator do to BEST address this issue?
A. Implement PIG
B. Implement IPSec
C. Implement TLS
D. Implement PFS
Question # 34
A security team has completed the installation of a new server. The OS and applications have been patched and tested, and the server is ready to be deployed. Which of the following actions should be taken before deploying the new server?
A. Disable the default accounts.
B. Run a penetration test on the network.
C. Create a DMZ in which to place the server.
D. Validate the integrity of the patches.
Question # 35
Which of the following controls does a mantrap BEST represent?
A. Deterrent
B. Detective
C. Physical
D. Corrective
Question # 36
A technician is implementing 802.1X with dynamic VLAN assignment based on a user's Active Directory group membership. Which of the following configurations supports the VLAN definitions?
A. RADIUS attribute
B. SAML tag
C. LDAP path
D. Shibboleth IdP
Question # 37
Proprietary information was sent by an employee to a distribution list that included external email addresses. Which of the following BEST describes the incident that occurred and the threat actor in this scenario?
A. Social engineering by a hacktivist
B. MITM attack by a script kiddie
C. Unintentional disclosure by an insider
D. Corporate espionage by a competitor
Question # 38
A security analyst has recently deployed an MDM solution that requires biometric authentication for company-issued smartphones. As the solution was implemented, the help desk has seen a dramatic increase in calls by employees frustrated that company-issued phones take several attempts to unlock using the fingerprint scanner. Which of the following should be reviewed to mitigate this problem?
A. Crossover error rate
B. False acceptance rate
C. False rejection rate
D. True rejection rate
Question # 39
A software development company needs to augment staff by hiring consultants for a high-stakes project. The project has the following requirements:
- Consultants will have access to highly confidential, proprietary data.
- Consultants will not be provided with company-owned assets.
- Work needs to start immediately.
- Consultants will be provided with internal email addresses for communications.
Which of the following solutions is the BEST method for controlling data exfiltration during this project?
A. Require that all consultant activity be restricted to a secure VDI environment.
B. Require the consultants to sign an agreement stating they will only use the company-provided email address for communications during the project.
C. Require updated antivirus, USB blocking, and a host-based firewall on all consultant devices.
D. Require the consultants to connect to the company VPN when accessing confidential resources.
Question # 40
A company is implementing a remote access portal so employees can work remotely from home. The company wants to implement a solution that would securely integrate with a third party. Which of the following is the BEST solution?
A. SAML
B. RADIUS
C. Secure token
D. TACACS+
Question # 41
An organization prefers to apply account permissions to groups and not individual users, but allows for exceptions that are justified. Some systems require a machine-to-machine data exchange and an associated account to perform this data exchange. One particular system has data in a folder that must be modified by another system. No user requires access to this folder; only the other system needs access to this folder. Which of the following is the BEST account management practice?
A. Create a service account and apply the necessary permissions directly to the service account itself.
B. Create a service account group, place the service account in the group, and apply the permissions on the group.
C. Create a guest account and restrict the permissions to only the folder with the data.
D. Create a generic account that will only be used for accessing the folder, but disable the account until it is needed for the data exchange.
E. Create a shared account that administrators can use to exchange the data but audit the shared account activity.
Question # 42
A penetration tester is testing passively for vulnerabilities on a company's network. Which of the following tools should the penetration tester use? (Select TWO).
A. Zenmap
B. Wireshark
C. Nmap
D. tcpdump
E. Nikto
F. Snort
Question # 43
Buffer overflow can be avoided using proper:
A. memory leak prevention
B. memory reuse
C. input validation
D. implementation of ASLR
Question # 44
A company is looking for an all-in-one solution to provide identification, authentication, authorization, and accounting services. Which of the following technologies should the company use?
A. Diameter
B. SAML
C. Kerberos
D. CHAP
Question # 45
Which of the following should a company require prior to performing a penetration test?
A. NDA
B. CVE score
C. Data classification
D. List of threats
Question # 46
Which of the following impacts MOST likely results from poor exception handling?
A. Widespread loss of confidential data
B. Network-wide resource exhaustion
C. Privilege escalation
D. Local disruption of services
Question # 47
A technician is installing a new SIEM and is configuring the system to count the number of times an event occurs at a specific logical location before the system takes action. Which of the following BEST describes the feature being configured by the technician?
A. Correlation
B. Aggregation
C. Event deduplication
D. Flood guard
Question # 48
An organization uses an antivirus scanner from Company A on its firewall, an email system antivirus scanner from Company B, and an endpoint antivirus scanner from Company C. This is an example of:
A. unified threat management.
B. an OVAL system.
C. vendor diversity.
D. alternate processing sites.
Question # 49
The Chief Information Officer (CIO) has decided to add two-factor authentication along with the use of passwords when logging on to the network. Which of the following should be implemented to BEST accomplish this requirement?
A. Require users to enter a PIN
B. Require users to set complex passwords
C. Require users to insert a smart card when logging on
D. Require the system to use a CAPTCHA
Question # 50
Which of the following security controls BEST mitigates social engineering attacks?
A. Separation of duties
B. Least privilege
C. User awareness training
D. Mandatory vacation
Question # 51
A technician wants to implement PKI-based authentication on an enterprise wireless network. Which of the following should the technician configure to enforce the use of client-side certificates?
A. 802.1X with PEAP
B. WPA2-PSK
C. EAP-TLS
D. RADIUS Federation
Question # 52
When choosing a hashing algorithm for storing passwords in a web server database, which of the following is the BEST explanation for choosing HMAC-MD5 over simple MD5?
A. HMAC provides hardware acceleration thus speeding up authentication
B. HMAC adds a transport layer handshake which improves authentication
C. HMAC-MD5 can be decrypted faster speeding up performance
D. HMAC-MD5 is more resistant to brute forcing
Question # 53
An organization has created a review process to determine how to best handle data with different sensitivity levels. The process includes the following requirements:
- Soft copy PII must be encrypted.
- Hard copy PII must be placed in a locked container.
- Soft copy PHI must be encrypted and audited monthly.
- Hard copy PHI must be placed in a locked container and inventoried monthly.
Locked containers must be approved and designated for document storage. Any violations must be reported to the Chief Security Officer (CSO).
While searching for coffee in the kitchen, an employee unlocks a cabinet and discovers a list of customer names and phone numbers. Which of the following actions should the employee take?
A. Put the document back in the cabinet, lock the cabinet, and report the incident to the CSO.
B. Take custody of the document, secure it at a desk, and report the incident to the CSO.
C. Take custody of the document and immediately report the incident to the CSO.
D. Put the document back in the cabinet, inventory the contents, lock the cabinet, and report the incident to the CSO.
Question # 54
An administrator is setting up automated remote file transfers to another organization. The other organization has the following requirements for the connection protocol:
- Encryption in transit is required.
- Mutual authentication must be used.
- Certificate authentication must be used (no passwords).
Which of the following should the administrator choose?
A. SNMPv3
B. SFTP
C. TLS
D. LDAPS
E. SRTP
Question # 55
An auditor is requiring an organization to perform real-time validation of SSL certificates. Which of the following should the organization implement?
A. OCSP
B. CRL
C. CSR
D. KDC
Question # 56
A pass-the-hash attack is commonly used to:
A. modify DNS records to point to a different domain.
B. modify the IP address of the targeted computer.
C. execute JavaScript to capture user credentials.
D. laterally move across the network.
Question # 57
A security analyst is asked to check the configuration of the company's DNS service on the server. Which of the following command line tools should the analyst use to perform the initial assessment?
A. nslookup/dig
B. traced
C. ipconfig/ifconfig
D. tcpdump
Question # 58
An organization's Chief Information Officer (CIO) read an article that identified leading hacker trends and attacks, one of which is the alteration of URLs to IP addresses resulting in users being redirected to malicious websites. To reduce the chance of this happening in the organization, which of the following secure protocols should be implemented?
A. DNSSEC
B. IPSec
C. LDAPS
D. HTTPS
Question # 59
Which of the following are disadvantages of full backups? (Select THREE)
A. They rely on other backups for recovery.
B. They require the most storage.
C. They demand the most bandwidth.
D. They have the slowest recovery time
E. They are impossible in virtual environments
F. They require on-site storage.
G. They are time-consuming to complete.
Question # 60
A security administrator has been conducting an account permissions review that has identified several users who belong to functional groups and groups responsible for auditing the functional groups' actions. Several recent outages have not been able to be traced to any user. Which of the following should the security administrator recommend to preserve future audit log integrity?
A. Enforcing stricter onboarding workflow policies.
B. Applying least privilege to user group membership.
C. Following standard naming conventions for audit group users.
D. Restricting audit group membership to service accounts.
Question # 61
A network administrator is configuring a honeypot in a company's DMZ. To provide a method for hackers to access the system easily, the company needs to configure a plaintext authentication method that will send only the username and password to a service in the honeypot. Which of the following protocols should the company use?
A. OAuth
B. PAP
C. RADIUS
D. Shibboleth
Question # 62
An analysis of a threat actor, which has been active for several years, reveals the threat actor has high levels of funding, motivation, and sophistication. Which of the following types of threat actors does this BEST describe?
A. Advanced persistent threat
B. Hacktivist
C. Organized crime
D. Insider
Question # 63
After a breach, a company has decided to implement a solution to better understand the technique used by the attackers. Which of the following is the BEST solution to be deployed?
A. Network analyzer
B. Protocol analyzer
C. Honeypot network
D. Configuration compliance scanner
Question # 64
A security analyst recommends implementing SSL for an existing web service. A technician installs the SSL certificate and successfully tests the connection on the server. Soon after, the help desk begins receiving calls from users who are unable to log in. After further investigation, it becomes clear that no users have successfully logged in since the certificate installation. Which of the following is MOST likely the issue?
A. Incorrect firewall rules are blocking HTTPS traffic.
B. Users are still accessing the IP address and not the HTTPS address.
C. Workstations need an updated trusted sites list
D. Users are not using tokens to log on.
Question # 65
A technician is evaluating a security appliance solution. The company needs a system that continues to pass traffic if the system crashes. Which of the following appliance features would BEST meet the company’s needs?
A. Fail closed
B. Fail secure
C. Fail safe
D. Fail open
Question # 66
An administrator is setting up automated remote file transfers to another organization. The other organization has the following requirements for the connection protocol:
- Encryption in transit is required.
- Mutual authentication must be used.
- Certificate authentication must be used (no passwords).
Which of the following should the administrator choose?
A. SNMPv3
B. SFTP
C. TLS
D. LDAPS
E. SRTP
Question # 67
Which of the following implements a lossy algorithm?
A. Blowfish
B. ROT13
C. Diffie-Hellman
D. SHA
Question # 68
Penetration testing is distinct from vulnerability scanning primarily because penetration testing:
A. leverages credentials scanning to obtain persistence.
B. involves multiple active exploitation techniques.
C. relies exclusively on passive exploitation attempts for pivoting.
D. relies on misconfiguration of security controls.
Question # 69
Which of the following cloud models is used to share resources and information with business partners and like businesses without allowing everyone else access?
A. Public
B. Hybrid
C. Community
D. Private
Question # 70
While testing a new application, a developer discovers that the inclusion of an apostrophe in a username causes the application to crash. Which of the following secure coding techniques would be MOST useful to avoid this problem?
A. Input validation
B. Code signing
C. Obfuscation
D. Encryption
Question # 71
Staff members of an organization received an email message from the Chief Executive Officer (CEO) asking them for an urgent meeting in the main conference room. When the staff assembled, they learned the message received was not actually from the CEO. Which of the following BEST represents what happened?
A. Spear phishing attack
B. Whaling attack
C. Phishing attack
D. Vishing attack
Question # 72
An organization is setting up a satellite office and wishes to extend the corporate network to the new site. Which of the following is the BEST solution to allow the users to access corporate resources while focusing on usability and security?
A. Federated services
B. Single sign-on
C. Site-to-site VPN
D. SSL accelerators
Question # 73
Which of the following physical security controls is MOST effective when trying to prevent tailgating?
A. CCTV
B. Mantrap
C. Biometrics
D. RFID badge
E. Motion detection
Question # 74
A technician is configuring an intrusion prevention system to improve its ability to find and stop threats. In the past, the system did not detect and stop some threats. Which of the following BEST describes what the technician is trying to correct with the new configuration?
A. False positives
B. False acceptance rate
C. False negatives
D. Error correction rate
E. False rejection rate
Question # 75
A technician wants to configure a wireless router at a small office that manages a family-owned dry cleaning business. The router will support five laptops, potential smartphones, a wireless printer, and occasional guests. Which of the following wireless configurations is BEST implemented in this scenario?
A. Single SSID with WPA2-Enterprise
B. 802.1X with guest VLAN
C. Dual SSID with WPA2-PSK
D. Captive portal with two-factor authentication
Question # 76
A restaurant wants to deploy tablets to all waitstaff but does not want to use passwords or manage users to connect the tablets to the network. Which of the following types of authentication would be BEST suited for this scenario?
A. Proximity cards
B. IEEE 802.1x
C. Hardware token
D. Fingerprint reader
Question # 77
An attacker has gathered information about a company employee by obtaining publicly available information from the Internet and social networks. Which of the following types of activity is the attacker performing?
A. Pivoting
B. Exfiltration of data
C. Social engineering
D. Passive reconnaissance
Question # 78
A company recently implemented a new security system. In the course of configuration, the security administrator adds the following entry:
#Whitelist USB\VID_13FE&PID_4127&REV_0100
Which of the following security technologies is MOST likely being configured?
A. Application whitelisting
B. HIDS
C. Data execution prevention
D. Removable media control
Question # 79
The Chief Information Officer (CIO) has determined the company’s new PKI will not use OCSP. The purpose of OCSP still needs to be addressed. Which of the following should be implemented?
A. Build an online intermediate CA.
B. Implement a key escrow.
C. Implement stapling.
D. Install a CRL.
Question # 80
During a penetration test, the tester performs a preliminary scan for any responsive hosts. Which of the following BEST explains why the tester is doing this?
A. To determine if the network routes are improperly forwarding request packets
B. To identify the total number of hosts and determine if the network can be victimized by a DoS attack
C. To identify servers for subsequent scans and further investigation
D. To identify the unresponsive hosts and determine if those could be used as zombies in a follow-up scan.
Question # 81
A security analyst is emailing PII in a spreadsheet file to an audit validator for after-actions related to a security assessment. The analyst must make sure the PII data is protected with the following minimum requirements:
* Ensure confidentiality at rest.
* Ensure the integrity of the original email message.
Which of the following controls would ensure these data security requirements are carried out?
A. Encrypt and sign the email using S/MIME.
B. Encrypt the email and send it using TLS.
C. Hash the email using SHA-1.
D. Sign the email using MD5
Question # 82
A company wants to configure its wireless network to require username and password authentication. Which of the following should the systems administrator implement?
A. WPS
B. PEAP
C. TKIP
D. PKI
Question # 83
A security technician has been given the task of preserving emails that are potentially involved in a dispute between a company and a contractor. Which of the following BEST describes this forensic concept?
A. Legal hold
B. Chain of custody
C. Order of volatility
D. Data acquisition
Question # 84
Which of the following environments typically hosts the current version configurations and code, compares user-story responses and workflow, and uses a modified version of actual data for testing?
A. Development
B. Staging
C. Production
D. Test
Question # 85
A systems administrator is configuring a new network switch for TACACS+ management and authentication. Which of the following must be configured to provide authentication between the switch and the TACACS+ server?
A. 802.1X
B. SSH
C. Shared secret
D. SNMPv3
E. CHAP
Question # 86
A technician needs to document which application versions are listening on open ports. Which of the following is MOST likely to return the information the technician needs?
A. Banner grabbing
B. Steganography tools
C. Protocol analyzer
D. Wireless scanner
Question # 87
After patching computers with the latest application security patches/updates, users are unable to open certain applications. Which of the following will correct the issue?
A. Modifying the security policy for patch management tools
B. Modifying the security policy for HIDS/HIPS
C. Modifying the security policy for DLP
D. Modifying the security policy for media control
Question # 88
A security analyst is performing a manual audit of captured data from a packet analyzer. The analyst looks for base64 encoded strings and applies the filter http.authbasic. Which of the following describes what the analyst is looking for?
A. Unauthorized software
B. Unencrypted credentials
C. SSL certificate issues
D. Authentication tokens
Question # 89
Which of the following control types are alerts sent from a SIEM fulfilling based on vulnerability signatures?
A. Preventive
B. Corrective
C. Compensating
D. Detective
Question # 90
Which of the following BEST describes the purpose of authorization?
A. Authorization provides logging to a resource and comes after authentication.
B. Authorization provides authentication to a resource and comes after identification.
C. Authorization provides identification to a resource and comes after authentication.
D. Authorization provides permissions to a resource and comes after authentication.
Question # 91
A company has purchased a new SaaS application and is in the process of configuring it to meet the company’s needs. The director of security has requested that the SaaS application be integrated into the company’s IAM processes. Which of the following configurations should the security administrator set up in order to complete this request?
A. LDAP
B. RADIUS
C. SAML
D. NTLM
Question # 92
A security analyst is investigating a vulnerability in which a default file permission was set incorrectly. The company uses non-credentialed scanning for vulnerability management. Which of the following tools can the analyst use to verify the permissions?
A. ssh
B. chmod
C. ls
D. setuid
E. nessus
F. nc
Question # 93
Which of the following vulnerabilities can lead to unexpected system behavior, including the bypassing of security controls, due to differences between the time of commitment and the time of execution?
A. Buffer overflow
B. DLL injection
C. Pointer dereference
D. Race condition
Question # 94
A security operations team recently detected a breach of credentials. The team mitigated the risk and followed proper processes to reduce risk. Which of the following processes would BEST help prevent this issue from happening again?
A. Risk assessment
B. Chain of custody
C. Lessons learned
D. Penetration test
Question # 95
A cybersecurity analyst needs to implement secure authentication to third-party websites without users' passwords. Which of the following would be the BEST way to achieve this objective?
A. OAuth
B. SSO
C. SAML
D. PAP
Question # 96
An analyst is concerned about data leaks and wants to restrict access to Internet services to authorized users only. The analyst also wants to control the actions each user can perform on each service. Which of the following would be the BEST technology for the analyst to consider implementing?
A. DLP
B. VPC
C. CASB
D. ACL
Question # 97
Joe recently assumed the role of data custodian for this organization. While cleaning out an unused storage safe, he discovers several hard drives that are labeled “unclassified” and awaiting destruction. The hard drives are obsolete and cannot be installed in any of his current computing equipment. Which of the following is the BEST method for disposing of the hard drives?
A. Burning
B. Wiping
C. Purging
D. Pulverizing
Question # 98
A security administrator in a bank is required to enforce an access control policy so no single individual is allowed to both initiate and approve financial transactions. Which of the following BEST represents the impact the administrator is deterring?
A. Principle of least privilege
B. External intruder
C. Conflict of Interest
D. Fraud
Question # 99
A small enterprise decides to implement a warm site to be available for business continuity in case of a disaster. Which of the following BEST meets its requirements?
A. A fully operational site that has all the equipment in place and full data backup tapes on site
B. A site used for its data backup storage that houses a full-time network administrator
C. An operational site requiring some equipment to be relocated as well as data transfer to the site
D. A site staffed with personnel requiring both equipment and data to be relocated there in case of disaster
Question # 100
After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?
A. The vulnerability scan output
B. The IDS logs
C. The full packet capture data
D. The SIEM alerts
Question # 101
A security administrator is adding a NAC requirement for all VPN users to ensure the co requirement?
A. Implement a permanent agent.
B. Install antivirus software.
C. Use an agentless implementation.
D. Implement PKI.
Question # 102
An organization wants to separate permissions for individuals who perform system changes from individuals who perform auditing of those system changes. Which of the following access control approaches is BEST suited for this?
A. Assign administrators and auditors to different groups and restrict permissions on system log files to read-only for the auditor group.
B. Assign administrators and auditors to the same group, but ensure they have different permissions based on the function they perform.
C. Create two groups and ensure each group has representation from both the auditors and the administrators so they can verify any changes that were made.
D. Assign file and folder permissions on an individual user basis and avoid group assignment altogether.
Question # 103
Which of the following methods is used by internal security teams to assess the security of internally developed applications?
A. Active reconnaissance
B. Pivoting
C. White box testing
D. Persistence
Question # 104
A highly complex password policy has made it nearly impossible to crack account passwords. Which of the following might a hacker still be able to perform?
A. Pass-the-hash attack
B. ARP poisoning attack
C. Birthday attack
D. Brute-force attack
Question # 105
An application developer has neglected to include input validation checks in the design of the company’s new web application. An employee discovers that repeatedly submitting large amounts of data, including custom code, to an application will allow the execution of the custom code at the administrator level. Which of the following BEST identifies this application attack?
A. Cross-site scripting
B. Clickjacking
C. Buffer overflow
D. Replay
Question # 106
A company has won an important government contract. Several employees have been transferred from their existing projects to support a new contract. Some of the employees who have transferred will be working long hours and still need access to their project information to transition work to their replacements. Which of the following should be implemented to validate that the appropriate offboarding process has been followed?
A. Separation of duties
B. Time-of-day restrictions
C. Permission auditing
D. Mandatory access control
Question # 107
A threat actor motivated by political goals that is active for a short period of time but has virtually unlimited resources is BEST categorized as a:
A. hacktivist.
B. nation-state
C. script kiddie
D. APT
Question # 108
During a security audit of a company's network, unsecure protocols were found to be in use. A network administrator wants to ensure browser-based access to company switches is using the most secure protocol. Which of the following protocols should be implemented?
A. SSH2
B. TLS12
C. SSL13
D. SNMPv3
Question # 109
Which of the following concepts ensure ACL rules on a directory are functioning as expected? (Select TWO).
A. Accounting
B. Authentication
C. Auditing
D. Authorization
E. Non-repudiation
Question # 110
A buffer overflow can result in:
A. loss of data caused by unauthorized command execution.
B. privilege escalation caused by TPN override.
C. reduced key strength due to salt manipulation.
D. repeated use of one-time keys.
Question # 111
Two companies are enabling TLS on their respective email gateways to secure communications over the Internet. Which of the following cryptography concepts is being implemented?
A. Perfect forward secrecy
B. Ephemeral keys
C. Domain validation
D. Data in transit
