Update CompTIA Security+ SY0-501 Dumps with VCE and PDF for Free (Question 61 – Question 75)

PassLeader recently released the NEWEST CompTIA SY0-501 exam dumps! Both SY0-501 VCE dumps and SY0-501 PDF dumps are available on PassLeader, and both contain the NEWEST SY0-501 exam questions; they will help you pass the CompTIA SY0-501 exam easily! You can download the valid SY0-501 VCE and PDF dumps from PassLeader here: https://www.passleader.com/sy0-501.html (182 Q&As Dumps –> 250 Q&As Dumps –> 594 Q&As Dumps –> 694 Q&As Dumps) (Wrong Answers Have Been Corrected!!!)

You can also preview the NEWEST PassLeader SY0-501 dumps online for free on Google Drive: https://drive.google.com/open?id=1Ei1CtZKTLawI_2jpkecHaVbM_kXPMZAu

QUESTION 61
The Chief Security Officer (CSO) at a multinational banking corporation is reviewing a plan to upgrade the entire corporate IT infrastructure. The architecture consists of a centralized cloud environment hosting the majority of data, small server clusters at each corporate location to handle the majority of customer transaction processing, ATMs, and a new mobile banking application accessible from smartphones, tablets, and the Internet via HTTP. The corporation does business having varying data retention and privacy laws. Which of the following technical modifications to the architecture and corresponding security controls should be implemented to provide the MOST complete protection of data?

A.    Revoke existing root certificates, re-issue new customer certificates, and ensure all transactions are digitally signed to minimize fraud; implement encryption for data in-transit between data centers.
B.    Ensure all data is encrypted according to the most stringent regulatory guidance applicable, implement encryption for data in-transit between data centers, increase data availability by replicating all data, transaction data, logs between each corporate location.
C.    Store customer data based on national borders, ensure end-to-end encryption between ATMs, end users, and servers, test redundancy and COOP plans to ensure data is not inadvertently shifted from one legal jurisdiction to another with more stringent regulations.
D.    Install redundant servers to handle corporate customer processing, encrypt all customer data to ease the transfer from one country to another, implement end-to-end encryption between mobile applications and the cloud.

Answer: C

QUESTION 62
While reviewing the monthly internet usage, it is noted that there is a large spike in traffic classified as “unknown” that does not appear to be within the bounds of the organization’s Acceptable Use Policy. Which of the following tools or technologies would work BEST for obtaining more information on this traffic?

A.    Firewall logs
B.    IDS logs
C.    Increased spam filtering
D.    Protocol analyzer

Answer: B

QUESTION 63
A network administrator wants to ensure that users do not connect any unauthorized devices to the company network. Each desk needs to connect a VoIP phone and computer. Which of the following is the BEST way to accomplish this?

A.    Enforce authentication for network devices.
B.    Configure the phones on one VLAN, and computers on another.
C.    Enable and configure port channels.
D.    Make users sign an Acceptable Use Agreement.

Answer: A

QUESTION 64
An administrator has concerns regarding the traveling sales team who works primarily from smart phones. Given the sensitive nature of their work, which of the following would BEST prevent access to the data in case of loss or theft?

A.    Enable screensaver locks when the phones are not in use to prevent unauthorized access.
B.    Configure the smart phones so that the stored data can be destroyed from a centralized location.
C.    Configure the smart phones so that all data is saved to removable media and kept separate from the device.
D.    Enable GPS tracking on all smart phones so that they can be quickly located and recovered.

Answer: B

QUESTION 65
A user of the wireless network is unable to gain access to the network. The symptoms are:
– Unable to connect to both internal and Internet resources.
– The wireless icon shows connectivity but has no network access.
The wireless network is WPA2 Enterprise and users must be a member of the wireless security group to authenticate. Which of the following is the MOST likely cause of the connectivity issues?

A.    The wireless signal is not strong enough.
B.    A remote DDoS attack against the RADIUS server is taking place.
C.    The user’s laptop only supports WPA and WEP.
D.    The DHCP scope is full.
E.    The dynamic encryption key did not update while the user was offline.

Answer: A

QUESTION 66
A Chief Financial Officer (CFO) has asked the Chief Information Officer (CIO) to provide responses to a recent audit report detailing deficiencies in the organization’s security controls. The CFO would like to know ways in which the organization can improve its authorization controls. Given the request by the CFO, which of the following controls should the CIO focus on in the report? (Select THREE.)

A.    Password complexity policies
B.    Hardware tokens
C.    Biometric systems
D.    Role-based permissions
E.    One time passwords
F.    Separation of duties
G.    Multifactor authentication
H.    Single sign-on
I.    Least privilege

Answer: DFI

QUESTION 67
A mobile device user is concerned about geographic positioning information being included in messages sent between users on a popular social network platform. The user turns off the functionality in the application, but wants to ensure the application cannot re-enable the setting without the knowledge of the user. Which of the following mobile device capabilities should the user disable to achieve the stated goal?

A.    Device access control
B.    Location based services
C.    Application control
D.    GEO-Tagging

Answer: D

QUESTION 68
Joe, a member of a digital forensics team, arrives at a crime scene and is preparing to collect system data. Before powering the system off, Joe knows that he must collect the most volatile data first. Which of the following is the correct order in which Joe should collect the data?

A.    CPU cache, paging/swap files, RAM, remote logging data
B.    RAM, CPU cache, Remote logging data, paging/swap files
C.    Paging/swap files, CPU cache, RAM, remote logging data
D.    CPU cache, RAM, paging/swap files, remote logging data

Answer: D

QUESTION 69
An organization has hired a penetration tester to test the security of its ten web servers. The penetration tester is able to gain root/administrative access in several servers by exploiting vulnerabilities associated with the implementation of SMTP, POP, DNS, FTP, Telnet, and IMAP. Which of the following recommendations should the penetration tester provide to the organization to better protect their web servers in the future?

A.    Use a honeypot
B.    Disable unnecessary services
C.    Implement transport layer security
D.    Increase application event logging

Answer: B

QUESTION 70
A security engineer is faced with competing requirements from the networking group and database administrators. The database administrators would like ten application servers on the same subnet for ease of administration, whereas the networking group would like to segment all applications from one another. Which of the following should the security administrator do to rectify this issue?

A.    Recommend performing a security assessment on each application, and only segment the applications with the most vulnerability.
B.    Recommend classifying each application into like security groups and segmenting the groups from one another.
C.    Recommend segmenting each application, as it is the most secure approach.
D.    Recommend that only applications with minimal security features should be segmented to protect them.

Answer: B

QUESTION 71
A security analyst has been asked to perform a review of an organization’s software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of another developer’s code. Which of the following assessment techniques is BEST described in the analyst’s report?

A.    Architecture evaluation
B.    Baseline reporting
C.    Whitebox testing
D.    Peer review

Answer: D

QUESTION 72
An attacker wearing a building maintenance uniform approached a company’s receptionist asking for access to a secure area. The receptionist asks for identification and a building access badge, and checks the company’s list of approved maintenance personnel prior to granting physical access to the secure area. The controls used by the receptionist are in place to prevent which of the following types of attacks?

A.    Tailgating
B.    Shoulder surfing
C.    Impersonation
D.    Hoax

Answer: C

QUESTION 73
A security administrator is tasked with conducting an assessment made to establish the baseline security posture of the corporate IT infrastructure. The assessment must report actual flaws and weaknesses in the infrastructure. Due to the expense of hiring outside consultants, the testing must be performed using in-house or cheaply available resources. There cannot be a possibility of any requirement being damaged in the test. Which of the following has the administrator been tasked to perform?

A.    Risk transference
B.    Penetration test
C.    Threat assessment
D.    Vulnerability assessment

Answer: D

QUESTION 74
A network administrator is attempting to troubleshoot an issue regarding certificates on a secure website. During the troubleshooting process, the network administrator notices that the web gateway proxy on the local network has signed all of the certificates on the local machine. Which of the following describes the type of attack the proxy has been legitimately programmed to perform?

A.    Transitive access
B.    Spoofing
C.    Man-in-the-middle
D.    Replay

Answer: C

QUESTION 75
Which of the following use the SSH protocol?

A.    Stelnet
B.    SCP
C.    SNMP
D.    FTPS
E.    SSL
F.    SFTP

Answer: BF

