SY0-501 Real Exam Dumps Questions and answers 91-100


Question No.91

A Chief Executive Officer (CEO) suspects someone in the lab testing environment is stealing confidential information after working hours when no one else is around. Which of the following actions can help to prevent this specific threat?

  1. Implement time-of-day restrictions.

  2. Audit file access times.

  3. Secretly install a hidden surveillance camera

  4. Require swipe-card access to enter the lab

Correct Answer: D

Question No.92

A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?

  1. SSL

  2. CRL

  3. PKI

  4. ACL

Correct Answer: B

Question No.93

A network technician is setting up a segmented network that will utilize a separate ISP to provide wireless access to the public area for a company. Which of the following wireless security methods should the technician implement to provide basic accountability for access to the public network?

  1. Pre-shared key

  2. Enterprise

  3. Wi-Fi Protected Setup

  4. Captive Portal

Correct Answer: D

Question No.94

The compute resource center issued smartphones to all first-level and above managers. The managers have the ability to install mobile tools. Which of the following tools should be implemented to control the types of tools the managers install?

  1. Download manager

  2. Content manager

  3. Segmentation manager

  4. Application manager

Correct Answer: D

Question No.95

A security administrator is reviewing the following network capture:

-> POST "https://www.banksite.com<ENTER>JoeUsr<BackSPACE>erPassword<ENTER>"

Which of the following malware is MOST likely to generate the above information?

  1. Keylogger

  2. Ransomware

  3. Logic bomb

  4. Adware

Correct Answer: A

Question No.96

A security analyst captures forensic evidence from a potentially compromised system for further investigation. The evidence is documented and securely stored to FIRST:

  1. maintain the chain of custody

  2. preserve the data

  3. obtain a legal hold

  4. recover data at a later time

Correct Answer: B

Question No.97

Which of the following BEST describes a network-based attack that can allow an attacker to take full control of a vulnerable host?

  1. Remote exploit

  2. Amplification

  3. Sniffing

  4. Man-in-the-middle

Correct Answer: A

Question No.98

A security analyst receives a notification from the IDS after working hours, indicating a spike in network traffic. Which of the following BEST describes this type of IDS?

  1. Anomaly-based

  2. Stateful

  3. Host-based

  4. Signature-based

Correct Answer: D

Question No.99

A security analyst reviews the following output:


The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the SIEM reports the following.

File hash: E289F21CD33E4F57890DDEA5CF267ED2

File found: somestuff.xls, somefile.pdf, nofile.doc

Which of the following is the MOST likely cause of the hash being found in other areas?

  1. Jan Smith is an insider threat.

  2. There are MD5 hash collisions.

  3. The file is encrypted.

  4. Shadow copies are present.

Correct Answer: B

Question No.100

A company's loss control department identifies theft as a recurring loss type over the past year. Based on the department's report, the Chief Information Officer (CIO) wants to detect theft of datacenter equipment. Which of the following controls should be implemented?

  1. Biometrics

  2. Cameras

  3. Motion detectors

  4. Mantraps

Correct Answer: C
