This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection
[
https://www.mcitpdump.com
]
Export date: Fri Mar 29 8:29:29 2024 / +0000 GMT
2019/March Braindump2go SY0-501 Exam Dumps with PDF and VCE New Updated Today! Following are some new SY0-501 Real Exam Questions: 1.|2019 Latest SY0-501 Exam Dumps (PDF & VCE) Instant Download: https://www.braindump2go.com/sy0-501.html 2.|2019 Latest SY0-501 Exam Questions & Answers Instant Download: New Question A. Server001 Answer: B New Question A. Implement SRTP between the phones and the PBX. Answer: D New Question A. Dynamic analysis Answer: B New Question A. Ping Answer: BC New Question A. Secure USB drive Answer: C New Question A. Deterrent Answer: A New Question A. Time-of-day restrictions Answer: B New Question A. Service level agreement Answer: A New Question A. Mandatory access control Answer: B New Question A. Spear phishing Answer: B New Question A. SCP Answer: AF 1.|2019 Latest SY0-501 Exam Dumps (PDF & VCE) Instant Download: https://www.braindump2go.com/sy0-501.html 2.|2019 Latest SY0-501 Study Guide Video Instant Download: YouTube Video: YouTube.com/watch?v=f3ZMNrHtxXc
Audit logs from a small company's vulnerability scanning software show the following findings:
Destinations scanned:
-Server001- Internal human resources payroll server
-Server101- Internet-facing web server
-Server201- SQL server for Server101
-Server301- Jumpbox used by systems administrators accessible from the internal network
Validated vulnerabilities found:
-Server001- Vulnerable to buffer overflow exploit that may allow attackers to install software -Server101- Vulnerable to buffer overflow exploit that may allow attackers to install software -Server201- OS updates not fully current
-Server301- Accessible from internal network without the use of jumpbox
-Server301- Vulnerable to highly publicized exploit that can elevate user privileges
Assuming external attackers who are gaining unauthorized information are of the highest concern, which of the following servers should be addressed FIRST?
B. Server101
C. Server201
D. Server301
A security analyst wants to harden the company's VoIP PBX. The analyst is worried that credentials may be intercepted and compromised when IP phones authenticate with the BPX. Which of the following would best prevent this from occurring?
B. Place the phones and PBX in their own VLAN.
C. Restrict the phone connections to the PBX.
D. Require SIPS on connections to the PBX.
An organization is comparing and contrasting migration from its standard desktop configuration to the newest version of the platform. Before this can happen, the Chief Information Security Officer (CISO) voices the need to evaluate the functionality of the newer desktop platform to ensure interoperability with existing software in use by the organization. In which of the following principles of architecture and design is the CISO engaging?
B. Change management
C. Baselining
D. Waterfalling
A security administrator suspects a MITM attack aimed at impersonating the default gateway is underway. Which of the following tools should the administrator use to detect this attack? (Select two.)
B. Ipconfig
C. Tracert
D. Netstat
E. Dig
F. Nslookup
A user is presented with the following items during the new-hire onboarding process:
- Laptop
- Secure USB drive
- Hardware OTP token
- External high-capacity HDD
- Password complexity policy
- Acceptable use policy
- HASP key
- Cable lock
Which of the following is one component of multifactor authentication?
B. Cable lock
C. Hardware OTP token
D. HASP key
Having adequate lighting on the outside of a building is an example of which of the following security controls?
B. Compensating
C. Detective
D. Preventative
During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of the following would help reduce the amount of risk the organization incurs in this situation in the future?
B. User access reviews
C. Group-based privileges
D. Change management policies
An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data. In which of the following documents would this concern MOST likely be addressed?
B. Interconnection security agreement
C. Non-disclosure agreement
D. Business process analysis
A security administrator wants to implement a company-wide policy to empower data owners to manage and enforce access control rules on various resources. Which of the following should be implemented?
B. Discretionary access control
C. Role based access control
D. Rule-based access control
Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?
B. Main-in-the-middle
C. URL hijacking
D. Transitive access
A security administrator wishes to implement a secure a method of file transfer when communicating with outside organizations.
Which of the following protocols would BEST facilitate secure file transfers? (Select TWO)
B. TFTP
C. SNMP
D. FTP
E. SMTP
F. FTPS
!!!RECOMMEND!!!
Post date: 2019-03-18 06:42:15
Post date GMT: 2019-03-18 06:42:15
Post modified date: 2019-03-18 06:42:15
Post modified date GMT: 2019-03-18 06:42:15
Powered by [ Universal Post Manager ] plugin. MS Word saving format developed by gVectors Team www.gVectors.com