Uploaded by fmz50994

CompTIA-SY0-501

advertisement
CompTIA
SY0-501
CompTIA Security+ Certification Exam
Web: www.exactinside.com
Version: Demo
Email: support@exactinside.com
[ Total Questions: 10]
IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any
suggestions, please feel free to contact us at feedback@exactinside.com
Support
If you have any questions about our product, please provide the following items:
exam code
screenshot of the question
login id/email
please contact us at support@exactinside.com and our technical experts will provide support within 24 hours.
Copyright
The product of each order has its own encryption code, so you should use it independently. Any unauthorized
changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Exact Questions
CompTIA - SY0-501
Exam Topic Breakdown
Exam Topic
Number of Questions
Topic 2 : Exam Pool B
4
Topic 3 : Simulations
4
Topic 1 : Exam Pool A
2
TOTAL
10
Find Everything , Exactly in your Exam
1 of 16
Exact Questions
CompTIA - SY0-501
Topic 2, Exam Pool B
Question #:1 - (Exam Topic 2)
A system in the network is used to store proprietary secrets and needs the highest level of security possible.
Which of the following should a security administrator implement to ensure the system cannot be reached
from the Internet?
A. VLAN
B. Air gap
C. NAT
D. Firewall
Answer: B
Explanation
An air gap, air wall or air gapping is a network security measure employed on one or more computers to
ensure that a secure computer network is physically isolated from unsecured networks, such as the public
Internet or an unsecured local area network.
Question #:2 - (Exam Topic 2)
An organization is struggling to differentiate threats from normal traffic and access to systems A security
engineer has been asked to recommend a system that will aggregate data and provide metrics that will assist in
Identifying malicious actors or other anomalous activity throughout the environment. Which of the following
solutions should the engineer recommend?
A. Web application firewall
B. SIEM
C. IPS
D. UTM
E. File integrity monitor
Answer: B
Find Everything , Exactly in your Exam
2 of 16
Exact Questions
CompTIA - SY0-501
Question #:3 - (Exam Topic 2)
A large Industrial system's smart generator monitors the system status and sends alerts to third-party
maintenance personnel when critical failures occur. While reviewing the network logs, the company's security
manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following
mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?
A. Segmentation
B. Firewall whitelisting
C. Containment
D. Isolation
Answer: B
Question #:4 - (Exam Topic 2)
An analyst is concerned about data leaks and wants to restrict access to Internet services to authorized users
only. The analyst also wants to control the actions each user can perform on each service Which of the
following would be the BEST technology for me analyst to consider implementing?
A. DLP
B. VPC
C. CASB
D. ACL
Answer: A
Find Everything , Exactly in your Exam
3 of 16
Exact Questions
CompTIA - SY0-501
Topic 3, Simulations
Question #:5 - (Exam Topic 3)
Leveraging the information supplied below, complete the CSR for the server to set up TLS (HTTPS)
• Hostname: ws01
• Domain: comptia.org
• IPv4: 10.1.9.50
• IPV4: 10.2.10.50
• Root: home.aspx
• DNS CNAME:homesite.
Instructions:
Drag the various data points to the correct locations within the CSR. Extension criteria belong in the let hand
column and values belong in the corresponding row in the right hand column.
Answer:
Find Everything , Exactly in your Exam
4 of 16
Exact Questions
CompTIA - SY0-501
Explanation
Question #:6 - (Exam Topic 3)
Drag and drop the correct protocol to its default port.
Find Everything , Exactly in your Exam
5 of 16
Exact Questions
CompTIA - SY0-501
Answer:
Find Everything , Exactly in your Exam
6 of 16
Exact Questions
CompTIA - SY0-501
Explanation
Find Everything , Exactly in your Exam
7 of 16
Exact Questions
CompTIA - SY0-501
FTP uses TCP port 21. Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP
makes use of UDP ports 161 and 162. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Question #:7 - (Exam Topic 3)
Find Everything , Exactly in your Exam
8 of 16
Exact Questions
CompTIA - SY0-501
You have been tasked with designing a security plan for your company. Drag and drop the appropriate security
controls on the floor plan.
Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you
have completed the simulation, please select the Done button to submit.
Answer:
Find Everything , Exactly in your Exam
9 of 16
Exact Questions
CompTIA - SY0-501
Explanation
Find Everything , Exactly in your Exam
10 of 16
Exact Questions
CompTIA - SY0-501
Cable locks - Adding a cable lock between a laptop and a desk prevents someone from picking it up and
walking away
Proximity badge + reader
Safe is a hardware/physical security measure
Mantrap can be used to control access to sensitive areas. CCTV can be used as video surveillance.
Biometric reader can be used to control and prevent unauthorized access. Locking cabinets can be used to
protect backup media, documentation and other physical artifacts.
Question #:8 - (Exam Topic 3)
An attack has occurred against a company.
INSTRUCTIONS
You have been tasked to do the following:
Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing
the output. (Answer Area 1)
Find Everything , Exactly in your Exam
11 of 16
Exact Questions
CompTIA - SY0-501
Identify which compensating controls should be implemented on the assets, in order to reduce the
effectiveness of future attacks by dragging them to the correct server. (Answer area 2)
All objects will be used, but not all placeholders may be filled. Objects may only be used once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Find Everything , Exactly in your Exam
12 of 16
Exact Questions
CompTIA - SY0-501
Answer:
Find Everything , Exactly in your Exam
13 of 16
Exact Questions
CompTIA - SY0-501
Explanation
Find Everything , Exactly in your Exam
14 of 16
Exact Questions
Find Everything , Exactly in your Exam
CompTIA - SY0-501
15 of 16
Exact Questions
CompTIA - SY0-501
Topic 1, Exam Pool A
Question #:9 - (Exam Topic 1)
Which of the following is the MOST likely motivation for a script kiddie threat actor?
A. Financial gain
B. Notoriety
C. Political expression
D. Corporate espionage
Answer: B
Question #:10 - (Exam Topic 1)
A security engineer needs to build a solution to satisfy regulatory requirements that state certain critical server
must be accessed using MFA. However, the critical servers are older and are unable to support the addition of
MFA. Which of the following will the engineer MOST likely use to achieve this objective?
A. A forward proxy
B. A stateful firewall
C. A jump server
D. A port tap
Answer: B
Find Everything , Exactly in your Exam
16 of 16
About exactinside.com
exactinside.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam
Questions, Study Guides, Practice Tests.
We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially
Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.
View list of all certification exams: All vendors
We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed
below.
Sales: sales@exactinside.com
Feedback: feedback@exactinside.com
Support: support@exactinside.com
Any problems about IT certification or our products, You can write us back and we will get back to you within 24
hours.
Download