Comptia Security+ Sy0-501


CompTIA Security+ SY0-501

CompTIA Security+

Thank You for Downloading SY0-501 Updated


Exam Questions

https://www.theexamdumps.com/comptia/sy0-501-exam-questions

https://www.theexamdumps.com/
Version: 8.0
Question: 1

DRAG DROP
A Security administrator wants to implement strong security in the company smart phones and terminal servers located in the data center. Drag and Drop the applicable controls to each asset type.
Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select Done to submit.

Answer:

http://www.justcerts.com
https://www.theexamdumps.com/
Explanation:
Cable locks are used as a hardware lock mechanism – thus best used in a Data Center Terminal Server.
Network monitors are also known as sniffers – thus best used in a Data Center Terminal Server.
Install antivirus software. Antivirus software should be installed and definitions kept current on all hosts. Antivirus software should run on the server as well as on every workstation. In addition to active monitoring of incoming files, scans should be conducted regularly to catch any infections that have slipped through – thus best used in a Data Center Terminal Server.
Proximity readers are used as part of physical barriers, which makes them more appropriate to use at a center's entrance to protect the terminal server.
Mentor app is an Apple application used for personal development and is best used on a mobile device such as a smart phone.
Remote wipe is an application that can be used on devices that are stolen to keep data safe. It is basically a command to a phone that will remotely clear the data on that phone. This process is known as a remote wipe, and it is intended to be used if the phone is stolen or going to another user.
Should a device be stolen, GPS (Global Positioning System) tracking can be used to identify its location and allow authorities to find it - thus best used on a smart phone.
Screen Lock is where the display should be configured to time out after a short period of inactivity and the screen locked with a password. To be able to access the system again, the user must provide the password. After a certain number of attempts, the user should not be allowed to attempt any additional logins; this is called lockout – thus best used on a smart phone.
Strong Password, since passwords are always important, but even more so when you consider that the device could be stolen and in the possession of someone who has unlimited access and time to try various values – thus best use strong passwords on a smartphone, as it can be stolen more easily than a terminal server in a data center.
Device Encryption - Data should be encrypted on the device so that if it does fall into the wrong hands, it cannot be accessed in a usable form without the correct passwords. It is recommended that you use Trusted Platform Module (TPM) for all mobile devices where possible.
Use pop-up blockers. Not only are pop-ups irritating, but they are also a security threat. Pop-ups (including pop-unders) represent unwanted programs running on the system, and they can jeopardize the system's well-being. This will be more effective on a mobile device rather than a terminal server.
Use host-based firewalls. A firewall is the first line of defense against attackers and malware. Almost every current operating system includes a firewall, and most are turned on by default - thus best used in a Data Center Terminal Server.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 221, 222, 369, 418
http://www.mentor-app.com/

Question: 2

HOTSPOT
Select the appropriate attack from each drop down list to label the corresponding illustrated attack.
Instructions: Attacks may only be used once, and will disappear from drop down list if selected. When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:
1: Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.
2: The Hoax in this question is designed to make people believe that the fake AV (anti-virus) software is genuine.
3: Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and fools the victim into thinking he or she will profit.
4: Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Phishing email will direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the information the user enters on the page.
5: Similar in nature to e-mail phishing, pharming seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof Web sites which appear legitimate, pharming 'poisons' a DNS server by infusing false information into the DNS server, resulting in a user's request being redirected elsewhere. Your browser, however, will show you are at the correct Web site, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an e-mail while pharming allows the scammers to target large groups of people at one time through domain spoofing.
References:
http://searchsecurity.techtarget.com/definition/spear-phishing
http://www.webopedia.com/TERM/V/vishing.html
http://www.webopedia.com/TERM/P/phishing.html
http://www.webopedia.com/TERM/P/pharming.html

Question: 3

DRAG DROP
You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan.
Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.

Answer:

Explanation:
Cable locks - Adding a cable lock between a laptop and a desk prevents someone from picking it up and walking away.
Proximity badge + reader
Safe is a hardware/physical security measure.
Mantrap can be used to control access to sensitive areas.
CCTV can be used as video surveillance.
Biometric reader can be used to control and prevent unauthorized access.
Locking cabinets can be used to protect backup media, documentation and other physical artefacts.
References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 369

Question: 4

Which of the following would a security specialist be able to determine upon examination of a server's certificate?

A. CA public key
B. Server private key
C. CSR
D. OID

Answer: B

Question: 5

A Security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?

A. tracert
B. netstat
C. Ping
D. nslookup

Answer: A

Question: 6

Multiple organizations operating in the same vertical want to provide seamless wireless access for their employees as they visit the other organizations. Which of the following should be implemented if all the organizations use the native 802.1x client on their mobile devices?

A. Shibboleth
B. RADIUS federation
C. SAML
D. OAuth
E. OpenID connect

Answer: D

Question: 7

Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?

A. Sustainability
B. Homogeneity
C. Resiliency
D. Configurability

Answer: A

Question: 8

In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?

A. Elasticity
B. Scalability
C. High availability
D. Redundancy

Answer: C

Question: 9

A Security engineer is configuring a system that requires the X.509 certificate information to be pasted into a form field in Base64 encoded format to import it into the system. Which of the following certificate formats should the engineer use to obtain the information in the required format?

A. PFX
B. PEM
C. DER
D. CER

Answer: C

Question: 10

Which of the following attacks specifically impacts data availability?

A. DDoS
B. Trojan
C. MITM
D. Rootkit

Answer: D
