New 2021 Guaranteed Success with ValidVCE SY0-501 Dumps CompTIA PDF Questions [Q349-Q364]


Exceptional Practice for the CompTIA Security+ Certification Exam: Pass the First Time

NEW QUESTION 349

  • A. CRL
  • B. PKI
  • C. ACL
  • D. SSL
  • E. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?

Answer: D,E

 

NEW QUESTION 350
An accountant is attempting to log in to the internal accounting system and receives a message that the website's certificate is fraudulent. The accountant finds instructions for manually installing the new trusted root onto the local machine. Which of the following would be the company's BEST option for this situation in the future?

  • A. Use a stronger cipher suite.
  • B. Ensure access to KMS.
  • C. Utilize a central CRL.
  • D. Implement certificate management.

Answer: D

Explanation:
A certificate management system handles the generation, distribution, storage and verification of certificates for use in a variety of security-enhanced applications. The structure of a certificate is defined in the X.509 standard.

 

NEW QUESTION 351
A security analyst has recently deployed an MDM solution that requires biometric authentication for company-issued smartphones. As the solution was implemented, the help desk has seen a dramatic increase in calls by employees frustrated that company-issued phones take several attempts to unlock using the fingerprint scanner. Which of the following should be reviewed to mitigate this problem?

  • A. False acceptance rate
  • B. True rejection rate
  • C. False rejection rate
  • D. Crossover error rate

Answer: D

 

NEW QUESTION 352
A company determines that it is prohibitively expensive to become compliant with new credit card regulations. Instead, the company decides to purchase insurance to cover the cost of any potential loss. Which of the following is the company doing?

  • A. Avoiding the risk
  • B. Accepting the risk
  • C. Mitigating the risk
  • D. Transferring the risk

Answer: D

 

NEW QUESTION 353
Drag and drop the correct protocol to its default port.

Answer:

Explanation:
FTP uses TCP port 21.
Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).
SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

 

NEW QUESTION 354
A Security Officer on a military base needs to encrypt several smart phones that will be going into the field. Which of the following encryption solutions should be deployed in this situation?

  • A. Elliptic curve
  • B. 3DES
  • C. AES-256
  • D. One-time pad

Answer: C

 

NEW QUESTION 355
Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transposed. Which of the following BEST describes the attack vector used to infect the devices?

  • A. Typo squatting
  • B. Cross-site scripting
  • C. URL hijacking
  • D. DNS poisoning

Answer: A

 

NEW QUESTION 356
A developer has just finished coding a custom web application and would like to test it for bugs by automatically injecting malformed data into it. Which of the following is the developer looking to perform?

  • A. Stress testing
  • B. Normalization
  • C. Fuzzing
  • D. Sandboxing

Answer: C

 

NEW QUESTION 357
An application developer has neglected input validation checks in the design of the company's new web application. An employee discovers that repeatedly submitting large amounts of data, including custom code, to an application will allow the execution of the custom code at the administrator level. Which of the following BEST identifies this application attack?

  • A. Buffer overflow
  • B. Cross-site scripting
  • C. Replay
  • D. Clickjacking

Answer: A

 

NEW QUESTION 358
You have just received some room and WiFi access control recommendations from a security consulting company. Click on each building to bring up available security controls. Please implement the following requirements:
The Chief Executive Officer's (CEO) office had multiple redundant security measures installed on the door to the office. Remove unnecessary redundancies to deploy three-factor authentication, while retaining the expensive iris reader.
The Public Cafe has wireless available to customers. You need to secure the WAP with WPA and place a passphrase on the customer receipts.
In the Data Center you need to include authentication from the "something you know" category and take advantage of the existing smartcard reader on the door.
In the Help Desk Office, you need to require single factor authentication through the use of physical tokens given to guests by the receptionist.
The PII Office has redundant security measures in place. You need to eliminate the redundancy while maintaining three-factor authentication and retaining the more expensive controls.

Instructions: The original security controls for each office can be reset at any time by selecting the Reset button. Once you have met the above requirements for each office, select the Save button. When you have completed the entire simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Answer:

Explanation:

 

NEW QUESTION 359
An organization discovers that unauthorized applications have been installed on company-provided mobile phones. The organization issues these devices, but some users have managed to bypass the security controls.
Which of the following is the MOST likely issue, and how can the organization BEST prevent this from happening?

  • A. Some advanced users are upgrading the devices' OS and installing the applications. The organization should create an AUP that prohibits this activity.
  • B. Some advanced users are jailbreaking the OS and bypassing the controls. Implement an MDM solution to control access to company resources.
  • C. The mobile phones have been compromised by an APT and can no longer be trusted. Scan the devices for the unauthorized software, recall any compromised devices, and issue completely new ones.
  • D. The mobile phones are being infected with malware that covertly installs the applications. Implement full disk encryption and integrity-checking software.

Answer: B

 

NEW QUESTION 360
Which of the following techniques can be used to bypass a user or computer's web browser privacy settings? (Select Two)

  • A. LDAP injection
  • B. Locally shared objects
  • C. Session hijacking
  • D. Cross-site scripting
  • E. SQL injection

Answer: C,D

 

NEW QUESTION 361
An organization's Chief Information Officer (CIO) read an article that identified leading hacker trends and attacks, one of which is the alteration of URLs to IP addresses resulting in users being redirected to malicious websites. To reduce the chance of this happening in the organization, which of the following secure protocols should be implemented?

  • A. HTTPS
  • B. LDAPS
  • C. DNSSEC
  • D. IPSec

Answer: C

 

NEW QUESTION 362
A penetration tester has written an application that performs a bit-by-bit XOR 0xFF operation on binaries prior to transmission over untrusted media.
Which of the following BEST describes the action performed by this type of application?

  • A. Key exchange
  • B. Hashing
  • C. Encryption
  • D. Obfuscation

Answer: D

 

NEW QUESTION 363
Drag and drop the correct protocol to its default port.

Answer:

Explanation:
FTP uses TCP port 21.
Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).
SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

 

NEW QUESTION 364
......
