Lead2pass 2017 November New CompTIA SY0-501 Exam Dumps!
100% Free Download! 100% Pass Guaranteed!
CompTIA SY0-501 exam is very popular in CompTIA field, many CompTIA candidates choose this exam to add their credentials. There are many resource online to offering CompTIA SY0-501 exam questions, through many good feedbacks, we conclude that Lead2pass can help you pass your test easily with CompTIA SY0-501 exam questions. Choose Lead2pass to get your CompTIA SY0-501 certification.
Following questions and answers are all new published by CompTIA Official Exam Center: https://www.lead2pass.com/sy0-501.html
QUESTION 31
Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).
A. Rainbow table attacks greatly reduce compute cycles at attack time.
B. Rainbow tables must include precompiled hashes.
C. Rainbow table attacks do not require access to hashed passwords.
D. Rainbow table attacks must be performed on the network.
E. Rainbow table attacks bypass maximum failed login restrictions.
Answer: BD
QUESTION 32
Which of the following BEST describes a routine in which semicolons, dashes, quotes, and commas are removed from a string?
A. Error handling to protect against program exploitation
B. Exception handling to protect against XSRF attacks
C. Input validation to protect against SQL injection
D. Padding to protect against string buffer overflows
Answer: C
QUESTION 33
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?
A. Verify the hashes of files
B. Archive and compress the files
C. Update the secure baseline
Answer: A
QUESTION 34
Which of the following cryptographic attacks would salting of passwords render ineffective?
A. Dictionary
B. Rainbow tables
C. Birthday
Answer: A
QUESTION 35
A network administrator wants to implement a method of securing internal routing.
Which of the following should the administrator implement?
A. DMZ
B. NAT
C. VPN
D. PAT
Answer: A
QUESTION 36
Which of the following types of keys is found in a key escrow?
A. Public
B. Private
C. Shared
D. Session
Answer: B
QUESTION 37
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?
A. Botnet
B. Ransomware
C. Polymorphic malware
D. Armored virus
Answer: A
QUESTION 38
A company is currently using the following configuration:
* IAS server with certificate-based EAP-PEAP and MSCHAP
* Unencrypted authentication via PAP
A security administrator needs to configure a new wireless setup with the following configurations:
* PAP authentication method
* PEAP and EAP provide two-factor authentication
Which of the following forms of authentication are being used? (Select TWO).
A. PAP
B. PEAP
C. MSCHAP
D. PEAP-MSCHAP
E. EAP
F. EAP-PEAP
Answer: EF
QUESTION 39
A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?
A. It can protect multiple domains
B. It provides extended site validation
C. It does not require a trusted certificate authority
D. It protects unlimited subdomains
Answer: B
QUESTION 40
After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former employees that were terminated during the transition.
Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Select TWO)
A. Monitor VPN client access
B. Reduce failed login out settings
C. Develop and implement updated access control policies
D. Review and address invalid login attempts
E. Increase password complexity requirements
F. Assess and eliminate inactive accounts
Answer: CF
More free Lead2pass SY0-501 exam new questions on Google Drive: https://drive.google.com/open?id=1Hm6GQHDVOsEnyhNf3EHqIGEtor5IUsfu
CompTIA SY0-501 exam questions are available in PDF and VCE format. This makes it very convenient for you to follow the course and study the exam whenever and wherever you want. The CompTIA SY0-501 exam questions follow the exact paper pattern and question type of the actual SY0-501 certification exam, it lets you recreate the exact exam scenario, so you are armed with the correct information for the SY0-501 certification exam.
2017 CompTIA SY0-501 (All 166 Q&As) exam dumps (PDF&VCE) from Lead2pass:
https://www.lead2pass.com/sy0-501.html [100% Exam Pass Guaranteed]