[2017-Nov-NEW]SY0-501 VCE and PDF Dumps 166Q&As Free Share[ 135-144]

Discussion in 'CompTIA Certifications General' started by Archie Praed, Nov 7, 2017.

  1. Archie Praed

    Archie Praed Member
    Member

    Joined:
    Mar 28, 2016
    Messages:
    147
    Likes Received:
    19
    Hello Everyone, CompTIA Exam SY0-501 Questions Free Released Today! Following are some new questions:

    QUESTION 135
    A company wants to host a publicly available server that performs the following functions:
    Evaluates MX record lookup
    Can perform authenticated requests for A and AAA records
    Uses RRSIG
    Which of the following should the company use to fulfill the above requirements?

    A. DNSSEC
    B. SFTP
    C. nslookup
    D. dig

    Answer: C

    QUESTION 136
    Which of the following attack types BEST describes a client-side attack that is used to mandate an HTML iframe with JavaScript code via web browser?

    A. MITM
    B. xss
    C. SQLi

    Answer: B

    QUESTION 137
    A company has a data classification system with definitions for "Private" and public." The company's security policy outlines how data should be protected based on type. The company recently added the data type "Proprietary" Which of the following is the MOST likely reason the company added this data type?

    A. Reduced cost
    B. More searchable data
    C. Better data classification
    D. Expanded authority of the privacy officer

    Answer: B

    QUESTION 138
    A security administrator is developing training for corporate users on basic security principles for personal email accounts.
    Which of the following should be mentioned as the MOST secure way for password recovery?

    A. Utilizing a single Qfor password recovery
    B. Sending a PIN to a smartphone through text message
    C. Utilizing CAPTCHA to avoid brute force attacks
    D. Use a different e-mail address to recover password

    Answer: B

    QUESTION 139
    A company researched the root cause of a recent vulnerability in its software. It was determined that the vulnerability was the result of two updates made in the last release. Each update alone would not have resulted in the vulnerability.
    In order to prevent similar situations in the future, the company should improve which of the following?

    A. Change management procedures
    B. Job rotation policies
    C. Incident response management
    D. Least privilege access controls

    Answer: A

    QUESTION 140
    A computer on a company network was infected with a zero-day exploit after an employee accidently opened an email that contained malicious content. The employee recognized the email as malicious and was attempting to delete it, but accidently opened it.
    Which of the following should be done to prevent this scenario from occurring again in the future?

    A. Install host-based firewalls on all computers that have an email client installed
    B. Set the email program default to open messages in plain text
    C. Install end-point protection on all computers that access web email
    D. Create new email spam filters to delete all messages from that sender

    Answer: C

    QUESTION 141
    A company wants to ensure that the validity of publicly trusted certificates used by its web server can be determined even during an extended internet outage.
    Which of the following should be implemented?

    A. Recovery agent
    B. Ocsp
    C. Crl
    D. Key escrow

    Answer: B

    QUESTION 142
    An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection.
    Which of the following AES modes of operation would meet this integrity-only requirement?

    A. HMAC
    B. PCBC
    C. CBC
    D. GCM
    E. CFB

    Answer: A

    QUESTION 143
    The chief security officer (CS0) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs.
    Which of the following is the best solution for the network administrator to secure each internal website?

    A. Use certificates signed by the company CA
    B. Use a signing certificate as a wild card certificate
    C. Use certificates signed by a public ca
    D. Use a self-signed certificate on each internal server

    Answer: D
    Explanation:
    This is a way to update all internal sites without incurring additional costs?
    To be a CA (Certificate Authority), you need an infrastructure that consists of considerable operational elements, hardware, software, policy frameworks and practice statements, auditing, security infrastructure and personnel.

    QUESTION 144
    A security program manager wants to actively test the security posture of a system.
    The system is not yet in production and has no uptime requirement or active user base.
    Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?

    A. Peer review
    B. Component testing
    C. Penetration testing
    D. Vulnerability testing

    Answer: C
    Explanation:
    A penetration test, or pen test, is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities.


    New 400-101 VCE Dumps:

    Dear visitor, you need to Register or Login to view links on Certify Chat.

     
  2. finbalor

    finbalor Member
    Member

    Joined:
    Jul 28, 2017
    Messages:
    95
    Likes Received:
    0
    Here, Dumps4download SY0-501 exam materials will help you pass your

    Dear visitor, you need to Register or Login to view links on Certify Chat.

    certification exam and get SY0-501 certification certificate. Our exam materials are written to the highest standards of technical accuracy. And

    Dear visitor, you need to Register or Login to view links on Certify Chat.

    pdf questions and answers are edited by experienced IT experts and have a 99.9% hit rate.
     
  3. candusmisheel

    candusmisheel Member
    Member

    Joined:
    Feb 12, 2018
    Messages:
    172
    Likes Received:
    0
    Validate your SY0-501 Exam learning and preparation with our most updated SY0-501 dumps. (Dumpspdf.com) has experienced IT experts who gather and approve a huge range of CompTIA SY0-501 Questions Answers for Certification seekers. Practicing our 100% updated SY0-501 Practice Tests is a guaranteed way towards your success in CompTIA

    Dear visitor, you need to Register or Login to view links on Certify Chat.

    .
     
    #3 candusmisheel, Mar 12, 2018
    Last edited: Mar 12, 2018
  4. just_imagine12

    Member

    Joined:
    Mar 11, 2018
    Messages:
    8
    Likes Received:
    0
    can you please share downloaded file
     

Share This Page