Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released SY0-501

CompTIA Security Certification Exam

Question No: 61

DRAG DROP

A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and drop the applicable controls to each asset type.

Instructions:

Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select Done to submit.


Answer:


Question No: 62

Which of the following technologies employ the use of SAML? (Select TWO).

  A. Single sign-on

  B. Federation

  C. LDAP

  D. Secure token

  E. RADIUS

Answer: BC

Question No: 63

A database backup schedule consists of weekly full backups performed on Saturday at 12:00 a.m. and daily differential backups also performed at 12:00 a.m. If the database is restored on Tuesday afternoon, which of the following is the number of individual backups that would need to be applied to complete the database recovery?

  A. 1

  B. 2

  C. 3

  D. 4

Answer: A

Question No: 64

Which of the following explains why vendors publish MD5 values when they provide software patches for their customers to download over the Internet?

  A. The recipient can verify integrity of the software patch.

  B. The recipient can verify the authenticity of the site used to download the patch.

  C. The recipient can request future updates to the software using the published MD5 value.

  D. The recipient can successfully activate the new software patch.

Answer: A

Question No: 65

A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements:

- All access must be correlated to a user account.

- All user accounts must be assigned to a single individual.

- User access to the PHI data must be recorded.

- Anomalies in PHI data access must be reported.

- Logs and records cannot be deleted or modified.

Which of the following should the administrator implement to meet the above requirements? (Select THREE).

  A. Eliminate shared accounts.

  B. Create a standard naming convention for accounts.

  C. Implement usage auditing and review.

  D. Enable account lockout thresholds.

  E. Copy logs in real time to a secured WORM drive.

  F. Implement time-of-day restrictions.

  G. Perform regular permission audits and reviews.

Answer: CDG

Question No: 66

Which of the following attack types BEST describes a client-side attack that is used to manipulate an HTML iframe with JavaScript code via web browser?

  A. MITM

  B. XSS

  C. SQLi

  D. none of the above

Answer: C

Question No: 67

Which of the following security controls does an iris scanner provide?

  A. Logical

  B. Administrative

  C. Physical

  D. Detective

  E. Deterrent

Answer: D

Question No: 68

A network administrator wants to implement a method of securing internal routing. Which of the following should the administrator implement?

  A. DMZ

  B. NAT

  C. VPN

  D. PAT

Answer: A

Question No: 69

Which of the following types of keys is found in a key escrow?

  A. Public

  B. Private

  C. Shared

  D. Session

Answer: B

Question No: 70

Ann, an employee in the payroll department, has contacted the help desk citing multiple issues with her device, including:

- Slow performance

- Word documents, PDFs, and images no longer opening

- A pop-up

Ann states the issues began after she opened an invoice that a vendor emailed to her. Upon opening the invoice, she had to click several security warnings to view it in her word processor. With which of the following is the device MOST likely infected?

  A. Crypto-malware

  B. Rootkit

  C. Backdoor

  D. none of the above

Answer: C
