-
Which of the following is an important step to take before moving any installation packages from a test environment to production?
roll back changes in the test environment
-
Management is looking for a solution to reduce the number of account lockouts while improving security. What is the best solution for the organization?
implement SSO
-
Malicious traffic from an internal network has been detected on an unauthorized port on an application server. Which of the following network-based security controls should the engineer consider implementing?
ACLs
-
Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. What would help prevent these policy violations?
password expiration, and password history
-
A user has attempted to access data at a higher classification level than the user's account is currently authorized for. Which of the following access control models has been applied to this user's account?
RBAC
-
An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?
RTO
-
When connected to a secure WAP, which of the following encryption technologies is MOST likely to be configured when connecting to WPA2-PSK?
AES
-
A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?
URL hijacking
-
Which of the following cryptographic attacks would salting of passwords render ineffective?
Dictionary
-
Ann's device has slow performance, Word documents are not opening, and a pop-up appears. It started after she opened an invoice. What is the likely infection?
backdoor
-
Which of the following types of keys is found in a key escrow?
session
-
Which of the following types of cloud infrastructures would allow several organizations with similar structures and interest to realize the benefits of shared storage and resources?
community
-
Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?
Privilege escalation
-
An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?
use a remote desktop client to collect and analyze the malware in real time
-
A security analyst is hardening a server with the directory services roles installed. The analyst must ensure LDAP traffic can be monitored or sniffed and maintains compatibility with LDAP clients. What needs to be implemented to meet these requirements?
Install and configure an SSH tunnel on the LDAP server, and ensure port 636 is open between the clients and the servers using the communications.
-
A systems administrator is attempting to recover from a catastrophic failure in the data center. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the systems administrator using?
service account
-
An administrator is replacing a wireless router. The old router was not documented before it stopped working. Which of the following configuration options should the administrator select for the new wireless router?
WPA2-TKIP
-
An attacker compromises a public CA and issues unauthorized X.509 certificates for Company.com. In the future, Company.com wants to mitigate the impact of similar incidents. Which of the following would assist Company.com with its goal?
Certificate pinning
-
When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:
end-of-life systems
-
Which of the following would a security specialist be able to determine upon examination of a server's certificate?
OID
-
An application team is performing a load-balancing test for a critical application during off hours. They don't want to have an administrator on call. The security analyst is hesitant to give the application team full access. What is the best solution for the security analyst to process the request?
give the application team administrator access during off hours
-
Which of the following attacks specifically impacts data availability?
DDoS
-
A company has a data system with definitions for "private" and "public". The company's security policy outlines how data should be protected based on type. The company recently added the data type "proprietary". Which of the following is the MOST likely reason the company added this data type?
more searchable data
-
As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technician must ensure the OS settings are hardened. Which of the following is the BEST way to do this?
use a vulnerability scanner
-
In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?
elasticity
-
A security analyst is diagnosing an incident in which a system was compromised from an IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
netstat
-
An organization wishes to provide better security for its name resolution services. Which of the following technologies BEST supports the deployment of DNSSEC at the organization?
TLS
-
A database backup schedule consists of weekly full backups performed on Saturday at 12:00am. If the database is restored on Tuesday afternoon, which of the following is the number of individual backups that would need to be applied to complete the database recovery?
2
-
Which of the following security controls does an iris scanner provide?
Physical
-
Which of the following implements two-factor authentication?
an ATM requiring a credit card and PIN
-
An auditor wants to test the security posture of an organization by running a tool that will display the following:
JIMS <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
JIMS <00> UNIQUE Registered
nbtstat
-
A botnet has hit a popular website with a massive number of GRE-encapsulated packets to perform a DDoS attack. News outlets discovered a certain type of refrigerator was exploited and used to send outbound packets to the website that crashed. To which of the following categories does the refrigerator belong?
IoT
-
A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts. For which of the following is the company hiring the consulting firm?
penetration testing
-
Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?
Resiliency
-
A company is terminating an employee for misbehavior. Which of the following steps is MOST important in the process of disengagement from this employee?
Have the employee sign an NDA before departing
-
A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?
SNMP data leaving the printer will not be properly encrypted
-
Attacker gains confidential company information (CEO, board members) - SPEAR PHISHING
Attacker posts link to fake AV software (broad set of victims) - HOAX
Attacker collecting credit card details by phone - VISHING
Attacker mass-mails product information to parties that have already opted out of receiving advertisements (broad set of recipients) - PHISHING
Attacker redirects name resolution entries from legitimate site to fraudulent site - PHARMING
-
When trying to log onto a company's new ticketing system, some employees receive the following message: Access denied: too many concurrent sessions. The ticketing system was recently installed on a small VM with only the recommended hardware specifications. Which of the following is the MOST likely cause for this error message?
the VM does not have enough processing power
-
Which of the following explains why vendors publish MD5 values when they provide software patches for their customers to download over the internet?
the recipient can verify integrity of the software patch
-
Joe downloads a third-party app that his colleagues cannot find to download. Which of the following allowed Joe to install the app?
near-field communication, and rooting/jailbreaking
-
Which of the following attack types BEST describes a client-side attack that is used to manipulate an HTML iframe with JavaScript code via a web browser?
XSS
-
Which of the following characteristics differentiate a rainbow table attack from a brute force attack?
Rainbow tables must include precomputed hashes, and rainbow table attacks bypass maximum failed login restrictions
-
Two users need to send each other emails over unsecured channels. The systems should support the principle of non-repudiation. Which of the following should be used to sign the users' certificates?
CA
-
Which of the following encryption methods does PKI typically use to securely protect keys?
digital signatures
-
A user clicked an email link that led to a website that infected the workstation with a virus. The virus encrypted all the network shares that the user had access to. Which of the following describes what occurred?
the user's account was overprivileged
-
Which of the following threat actors is MOST likely to steal a company's proprietary information to gain a market edge and reduce time to market?
competitor
-
A company is developing a new secure technology and requires computers being used for development to be isolated. Which of the following should be implemented to provide the MOST secure environment?
an air gapped computer network
-
A department head resigned on the first day of the spring semester and also deleted numerous files and directories from the server-based home directory while campus was closed. Which of the following policies could have prevented this from occurring?
account expiration
-
A company has 3 divisions and wants to make its secure web portal accessible to all employees utilizing their existing usernames and passwords. The administrator wants to use SAML. What will happen when the users try to authenticate to the portal?
the portal will function as a service provider and request an authentication assertion, and the portal will function as an identity provider and issue an authentication assertion
-
Which of the following network vulnerability scan indicators BEST validates a successful, active scan?
the scan results identify the hostname and IP address
-
A security engineer is configuring a system that requires the X.509 certificate information to be passed into a form field in Base64-encoded format to import it into the system. Which of the following certificate formats should the engineer use to obtain the information in the required format?
PEM
-
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?
Botnet
-
To secure an FTP server while using the same port and protocol, what would best accomplish this?
use explicit FTPS for connections
-
A company wants to host a publicly available server that performs the following functions:
-evaluates MX record lookup
-can perform authenticated requests for A and AAAA records
-uses RRSIG
Which of the following should the company use to fulfill the above requirements?
LDAPS
-
Which of the following technologies employ the use of SAML?
Single sign-on, and federation
-
A security administrator is developing controls for creating audit trails and tracking if a PHI data breach occurs.
-All access must be correlated to a user account
-All user accounts must be assigned to a single individual
-user access to the PHI data must be recorded
-Anomalies in PHI data access must be reported
-Logs and records cannot be deleted or modified
What should be implemented to meet the requirements?
- -Eliminate shared accounts
- -Implement usage auditing and review
- -perform regular permission audits and reviews
-
What are the specs of a company-managed smart phone and a data center terminal server?
- Company Managed Smart Phone-
- -screen lock, strong password, device encryption, remote wipe, GPS tracking, pop-up blocker
- Data Center Terminal Server-
- -cable locks, antivirus, host-based firewall, proximity reader, sniffer, mantrap
-
An analyst wants to implement a more secure wireless authentication for office access points. Which of the following technologies allows for encrypted authentication of wireless clients over TLS?
WPA2
-
An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?
false positive
-
A company determines that it is prohibitively expensive to become compliant with new credit card regulations. Instead the company decides to purchase insurance to cover the cost of any potential loss. Which of the following is the company doing?
transferring the risk
-
A high-security defense installation recently began utilizing large guard dogs that bark very loudly and excitedly at the slightest provocation. Which of the following types of controls does this BEST describe?
deterrent
-
A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation. Given these requirements, which of the following technologies should the analyst recommend and configure?
LDAP services
-
Which of the following best describes a routine in which semicolons, dashes, quotes, and commas are removed from a string?
input validation to protect against SQL injection
-
The help desk notices a user is repeatedly locked out over the course of a workweek. After contacting the user, the help desk discovers the user is on vacation. What is MOST likely occurring?
Pass the hash, and Dictionary
-
When configuring settings in a mandatory access control environment, which of the following specifies the subjects that can access specific data objects?
administrator
-
Which of the following can be provided to an AAA system for the identification phase?
Username
-
A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an encrypted wireless network. Which of the following should be implemented if the administrator does not want to provide the wireless password or the certificate to the employees?
WPS
-
Multiple organizations operating in the same vertical want to provide seamless wireless access for their employees as they visit the other organizations. Which of the following should be implemented if all the organizations use the native 802.1x client on their mobile devices?
RADIUS federation
-
A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system.
What should be the NEXT step if there is an unauthorized user on the network?
deny the "unknown" host because the host name is not known and MAC filtering is not applied to this host
-
A network administrator wants to implement a method of securing internal routing. Which of the following should the administrator implement?
VPN
-
Multiple employees receive an email with a malicious attachment that begins to encrypt their hard drives and mapped shares on their devices when it is opened.
recovery
-
When performing data acquisition on a workstation, which of the following should be captured based on memory volatility?
USB-attached hard disk, and ROM
-
A company is using a mobile device deployment model in which employees use their personal devices for work at their own discretion. ..... Which of the following is a deployment model that would help the company overcome these problems?
CYOD
-
Users report the following message appears when browsing to the company's secure site: This website cannot be trusted. Which of the following actions should a security analyst take to resolve these messages?
Verify the certificate has not expired on the server, and Update the root certificate into the client computer certificate store