A System Administrator Is Reviewing the Following Information From a Compromised Server
The latest CompTIA Security+ (SY0-501) certification practice test question and answer (Q&A) dumps are available free, and are intended to help you pass the CompTIA Security+ (SY0-501) exam and earn the CompTIA Security+ (SY0-501) certification.
Exam Question 861
The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the bulk of the risk.
Which of the following would be BEST to mitigate the CEO's concerns? (Choose two.)
A. Geolocation
B. Time-of-day restrictions
C. Certificates
D. Tokens
E. Geotagging
F. Office-based access controls
Correct Answer:
A. Geolocation
B. Time-of-day restrictions
Exam Question 862
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
A. An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
B. An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
C. Malware is trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox.
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.
Correct Answer:
D. DNS routing tables have been compromised, and an attacker is rerouting traffic to malicious websites.
Exam Question 863
While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table below:
Which of the following should be the administrator's NEXT step to detect if there is a rogue system without impacting availability?
A. Conduct a ping sweep.
B. Physically check each system.
C. Deny Internet access to the "UNKNOWN" hostname.
D. Apply MAC filtering.
Correct Answer:
A. Conduct a ping sweep.
Exam Question 864
A university is opening a facility in a location where there is an elevated risk of theft. The university wants to protect the desktops in its classrooms and labs. Which of the following should the university apply to BEST protect these assets deployed in the facility?
A. Visitor logs
B. Cable locks
C. Guards
D. Disk encryption
E. Motion detection
Correct Answer:
B. Cable locks
Exam Question 865
Which of the following is the primary reason for implementing layered security measures in a cybersecurity architecture?
A. It increases the number of controls required to subvert a system
B. It decreases the time a CERT has to respond to a security incident.
C. It alleviates problems associated with EOL equipment replacement.
D. It allows for bandwidth upgrades to be made without user disruption.
Correct Answer:
A. It increases the number of controls required to subvert a system
Exam Question 866
Which of the following explains why a vulnerability scan might return a false positive?
A. The scan is performed at a time of day when the vulnerability does not exist.
B. The test is performed against the incorrect host.
C. The signature matches the product but not the version information.
D. The hosts are evaluated based on an OS-specific profile.
Correct Answer:
A. The scan is performed at a time of day when the vulnerability does not exist.
Exam Question 867
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company's IT/security operations?
A. Least privilege
B. Awareness training
C. Separation of duties
D. Mandatory holiday
Correct Answer:
C. Separation of duties
Exam Question 868
Which of the following may indicate a configuration item has reached end-of-life?
A. The device will no longer turn on and indicates a fault.
B. The vendor has not published security patches recently.
C. The object has been removed from the Active Directory.
D. Logs show a performance degradation of the component.
Correct Answer:
B. The vendor has not published security patches recently.
Exam Question 869
Using a ROT13 cipher to protect confidential information from unauthorized access is known as:
A. steganography.
B. obfuscation.
C. non-repudiation.
D. diffusion.
Correct Answer:
B. obfuscation.
Exam Question 870
A company is implementing a tool to mask all PII when moving data from a production server to a testing server. Which of the following security techniques is the company applying?
A. Data wiping
B. Steganography
C. Data obfuscation
D. Information sanitization
Correct Answer:
C. Data obfuscation
Source: https://pupuweb.com/comptia-security-sy0-501-actual-exam-question-answer-dumps-9/7/