[2018-3-19] Latest Lead2pass SY0-501 Exam Free SY0-501 Dumps Download (183-200)
Free Share SY0-501 PDF Dumps With Lead2pass Updated Exam Questions.v.2018-3-19.250q:
https://www.lead2pass.com/sy0-501.html
QUESTION 183
A system administrator wants to provide balance between the security of a wireless network and usability. The administrator is concerned with wireless encryption compatibility of older devices used by some employees. Which of the following would provide strong security and backward compatibility when accessing the wireless network?
A. Open wireless network and SSL VPN
B. WPA using a preshared key
C. WPA2 using a RADIUS back-end for 802.1x authentication
D. WEP with a 40-bit key
Answer: C
QUESTION 184
An information security specialist is reviewing the following output from a Linux server.
Based on the above information, which of the following types of malware was installed on the server? / local/
A. Logic bomb
B. Trojan
C. Backdoor
D. Ransomware
E. Rootkit
Answer: C
QUESTION 185
In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?
A. Using salt
B. Using hash algorithms
C. Implementing elliptical curve
D. Implementing PKI
Answer: A
QUESTION 186
A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?
A. Shared accounts
B. Preshared passwords
C. Least privilege
D. Sponsored guest
Answer: D
QUESTION 187
Which of the following would MOST likely appear in an uncredentialed vulnerability scan?
A. Self-signed certificates
B. Missing patches
C. Auditing parameters
D. Inactive local accounts
Answer: D
QUESTION 188
A security analyst observes the following events in the logs of an employee workstation:
Given the information provided, which of the following MOST likely occurred on the workstation?
A. Application whitelisting controls blocked an exploit payload from executing.
B. Antivirus software found and quarantined three malware files.
C. Automatic updates were initiated but failed because they had not been approved.
D. The SIEM log agent was not turned properly and reported a false positive.
Answer: A
QUESTION 189
When identifying a company’s most valuable assets as part of a BIA, which of the following should be the FIRST priority?
A. Life
B. Intellectual property
C. Sensitive data
D. Public reputation
Answer: A
QUESTION 190
An organization needs to implement a large PKI. Network engineers are concerned that repeated transmission of the OCSP will impact network performance. Which of the following should the security analyst recommend is lieu of an OCSP?
A. CSR
B. CRL
C. CA
D. OID
Answer: B
QUESTION 191
When considering a third-party cloud service provider, which of the following criteria would be the BEST to include in the security assessment process? (Select two.)
A. Use of performance analytics
B. Adherence to regulatory compliance
C. Data retention policies
D. Size of the corporation
E. Breadth of applications support
Answer: BC
QUESTION 192
Which of the following occurs when the security of a web application relies on JavaScript for input validation?
A. The integrity of the data is at risk.
B. The security of the application relies on antivirus.
C. A host-based firewall is required.
D. The application is vulnerable to race conditions.
Answer: A
QUESTION 193
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:
Which of the following vulnerabilities is present?
A. Bad memory pointer
B. Buffer overflow
C. Integer overflow
D. Backdoor
Answer: B
QUESTION 194
An organization’s file server has been virtualized to reduce costs. Which of the following types of backups would be MOST appropriate for the particular file server?
A. Snapshot
B. Full
C. Incremental
D. Differential
Answer: C
QUESTION 195
A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?
A. Open systems authentication
B. Captive portal
C. RADIUS federation
D. 802.1x
Answer: D
QUESTION 196
An employer requires that employees use a key-generating app on their smartphones to log into corporate applications. In terms of authentication of an individual, this type of access policy is BEST defined as:
A. Something you have.
B. Something you know.
C. Something you do.
D. Something you are.
Answer: A
QUESTION 197
Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following terms BEST describes the security control being employed?
A. Administrative
B. Corrective
C. Deterrent
D. Compensating
Answer: A
QUESTION 198
A security analyst is hardening a web server, which should allow a secure certificate-based session using the organization’s PKI infrastructure. The web server should also utilize the latest security techniques and standards. Given this set of requirements, which of the following techniques should the analyst implement to BEST meet these requirements? (Select two.)
A. Install an X- 509-compliant certificate.
B. Implement a CRL using an authorized CA.
C. Enable and configure TLS on the server.
D. Install a certificate signed by a public CA.
E. Configure the web server to use a host header.
Answer: AC
QUESTION 199
A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option. Which of the following protocols should be implemented to distribute the report securely? (Select three.)
A. S/MIME
B. SSH
C. SNMPv3
D. FTPS
E. SRTP
F. HTTPS
G. LDAPS
Answer: BDF
QUESTION 200
An auditor is reviewing the following output from a password-cracking tool:
User:1: Password1
User2: Recovery!
User3: Alaskan10
User4: 4Private
User5: PerForMance2
Which of the following methods did the author MOST likely use?
A. Hybrid
B. Dictionary
C. Brute force
D. Rainbow table
Answer: A
SY0-501 dumps full version (PDF&VCE): https://www.lead2pass.com/sy0-501.html
Large amount of free SY0-501 exam questions on Google Drive: https://drive.google.com/open?id=1Hm6GQHDVOsEnyhNf3EHqIGEtor5IUsfu
You may also need:
SY0-401 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDLXZsWm9MWmh0a0E