20 03 2018
[2018-March-New] Free Downloading for Braindump2go SY0-501 Dumps PDF [216-226]
2018 March Latest CompTIA SY0-501 Exam Dumps with PDF and VCE Free Updated Today! Following are some new SY0-501 Real Exam Questions:
1. 2018 Latest SY0-501 Exam Dumps (PDF & VCE) 250Q&As Download:
https://www.braindump2go.com/sy0-501.html
2. 2018 Latest SY0-501 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/1QYBwvoau8PlTQ3bugQuy0pES-zrLrRB1?usp=sharing
QUESTION 216
As part of the SDLC, a third party is hired to perform a penetration test. The third party will have access to the source code, integration tests, and network diagrams. Which of the following BEST describes the assessment being performed?
A. Black box
B. Regression
C. White box
D. Fuzzing
Answer: C
QUESTION 217
A dumpster diver recovers several hard drives from a company and is able to obtain confidential data from one of the hard drives. The company then discovers its information is posted online. Which of the following methods would have MOST likely prevented the data from being exposed?
A. Removing the hard drive from its enclosure
B. Using software to repeatedly rewrite over the disk space
C. Using Blowfish encryption on the hard drives
D. Using magnetic fields to erase the data
Answer: D
QUESTION 218
Which of the following are methods to implement HA in a web application server environment? (Select two.)
A. Load balancers
B. Application layer firewalls
C. Reverse proxies
D. VPN concentrators
E. Routers
Answer: AB
QUESTION 219
An application developer is designing an application involving secure transports from one service to another that will pass over port 80 for a request.
Which of the following secure protocols is the developer MOST likely to use?
A. FTPS
B. SFTP
C. SSL
D. LDAPS
Answer: C
QUESTION 220
Which of the following precautions MINIMIZES the risk from network attacks directed at multifunction printers, as well as the impact on functionality at the same time?
A. Isolating the systems using VLANs
B. Installing a software-based IPS on all devices
C. Enabling full disk encryption
D. Implementing unique user PIN access functions
Answer: A
QUESTION 221
After an identified security breach, an analyst is tasked to initiate the IR process. Which of the following is the NEXT step the analyst should take?
A. Recovery
B. Identification
C. Preparation
D. Documentation
E. Escalation
Answer: B
QUESTION 222
A company was recently audited by a third party. The audit revealed the company’s network devices were transferring files in the clear. Which of the following protocols should the company use to transfer files?
A. HTTPS
B. LDAPS
C. SCP
D. SNMPv3
Answer: C
QUESTION 223
During a monthly vulnerability scan, a server was flagged for being vulnerable to an Apache Struts exploit. Upon further investigation, the developer responsible for the server informs the security team that Apache Struts is not installed on the server. Which of the following BEST describes how the security team should react to this incident?
A. The finding is a false positive and can be disregarded
B. The Struts module needs to be hardened on the server
C. The Apache software on the server needs to be patched and updated
D. The server has been compromised by malware and needs to be quarantined
Answer: D
QUESTION 224
A systems administrator wants to protect data stored on mobile devices that are used to scan and record assets in a warehouse. The control must automatically destroy the secure container of mobile devices if they leave the warehouse. Which of the following should the administrator implement? (Select two.)
A. Geofencing
B. Remote wipe
C. Near-field communication
D. Push notification services
E. Containerization
Answer: AE
QUESTION 225
A security analyst is performing a quantitative risk analysis. The risk analysis should show the potential monetary loss each time a threat or event occurs. Given this requirement, which of the following concepts would assist the analyst in determining this value? (Select two.)
A. ALE
B. AV
C. ARO
D. EF
E. ROI
Answer: BD
QUESTION 226
Which of the following AES modes of operation provide authentication? (Select two.)
A. CCM
B. CBC
C. GCM
D. DSA
E. CFB
Answer: AC