This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ] Export date:Thu Mar 28 17:49:52 2024 / +0000 GMT ___________________________________________________ Title: [June-2018-New]SY0-501 Dumps VCE and PDF(Full Version)563Q Download in Braindump2go[341-351] --------------------------------------------------- 2018 June Latest CompTIA SY0-501 Exam Dumps with PDF and VCE Just Updated Today! Following are some new SY0-501 Real Exam Questions: 1.|2018 Latest SY0-501 Exam Dumps (PDF & VCE) 563Q Download:https://www.braindump2go.com/sy0-501.html2.|2018 Latest SY0-501 Exam Questions & Answers Download:https://drive.google.com/drive/folders/1Mto9aYkbmrvlHB5IFqCx-MuIqEVJQ9Yu?usp=sharingQUESTION 341A security analyst accesses corporate web pages and inputs random data in the forms. The response received includes the type of database used and SQL commands that the database accepts. Which of the following should the security analyst use to prevent this vulnerability?A. Application fuzzingB. Error handlingC. Input validationD. Pointer dereferenceAnswer: CQUESTION 342Which of the following differentiates a collision attack from a rainbow table attack?A. A rainbow table attack performs a hash lookupB. A rainbow table attack uses the hash as a passwordC. In a collision attack, the hash and the input data are equivalentD. In a collision attack, the same input results in different hashesAnswer: AQUESTION 343A help desk is troubleshooting user reports that the corporate website is presenting untrusted certificate errors to employees and customers when they visit the website. Which of the following is the MOST likely cause of this error, provided the certificate has not expired?A. The certificate was self signed, and the CA was not imported by employees or customersB. The root CA has revoked the certificate of the intermediate CAC. The valid period for the certificate has passed, and a new certificate has not been issuedD. The key escrow server has blocked the certificate from being validatedAnswer: CQUESTION 344A security analyst is investigating a suspected security breach and discovers the following in the logs of the potentially compromised server: Which of the following would be the BEST method for preventing this type of suspected attack in the future?A. Implement password expirationsB. Implement restrictions on shared credentialsC. Implement account lockout settingsD. Implement time-of-day restrictions on this serverAnswer: CQUESTION 345A security administrator wants to implement a logon script that will prevent MITM attacks on the local LAN. Which of the following commands should the security administrator implement within the script to accomplish this task?A. arp - s 192.168.1.1 00-3a-d1-fa-b1-06B. dig - x@192.168.1.1 mypc.comptia.comC. nmap - A - T4 192.168.1.1D. tcpdump - lnv host 192.168.1.1 or either 00:3a:d1:fa:b1:06Answer: AQUESTION 346Which of the following is the BEST reason for salting a password hash before it is stored in a database?A. To prevent duplicate values from being storedB. To make the password retrieval process very slowC. To protect passwords from being saved in readable formatD. To prevent users from using simple passwords for their access credentialsAnswer: AQUESTION 347An actor downloads and runs a program against a corporate login page. The program imports a list of usernames and passwords, looking for a successful attempt. Which of the following terms BEST describes the actor in this situation?A. Script kiddieB. HacktivistC. CryptologistD. Security auditorAnswer: AQUESTION 348An organization wants to utilize a common, Internet-based third-party provider for authorization and authentication. The provider uses a technology based on OAuth 2.0 to provide required services. To which of the following technologies is the provider referring?A. OpenID ConnectB. SAMLC. XACMLD. LDAPAnswer: AQUESTION 349A penetration tester harvests potential usernames from a social networking site. The penetration tester then uses social engineering to attempt to obtain associated passwords to gain unauthorized access to shares on a network server. Which of the following methods is the penetration tester MOST likely using?A. Escalation of privilegeB. SQL injectionC. Active reconnaissanceD. Proxy serverAnswer: CQUESTION 350Which of the following could occur when both strong and weak ciphers are configured on a VPN concentrator? (Select TWO)A. An attacker could potentially perform a downgrade attack.B. The connection is vulnerable to resource exhaustion.C. The integrity of the data could be at risk.D. The VPN concentrator could revert to L2TP.E. The IPSec payload reverted to 16-bit sequence numbers.Answer: AEQUESTION 351Which of the following is the BEST choice for a security control that represents a preventive and corrective logical control at the same time?A. Security awareness trainingB. AntivirusC. FirewallsD. Intrusion detection systemAnswer: B!!!RECOMMEND!!!1.|2018 Latest SY0-501 Exam Dumps (PDF & VCE) 563Q Download:https://www.braindump2go.com/sy0-501.html2.|2018 Latest SY0-501 Study Guide Video: YouTube Video: YouTube.com/watch?v=NVxs6ev6Ww0 --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2018-06-06 01:40:15 Post date GMT: 2018-06-06 01:40:15 Post modified date: 2018-06-06 01:40:15 Post modified date GMT: 2018-06-06 01:40:15 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com