Uploaded by joe32539

CompTIA-SY0-501

advertisement
CompTIA
SY0-501
CompTIA Security+ Certification Exam
Web: www.exactinside.com
Version: Demo
Email: [email protected]
[ Total Questions: 10]
IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any
suggestions, please feel free to contact us at [email protected]
Support
If you have any questions about our product, please provide the following items:
exam code
screenshot of the question
login id/email
please contact us at [email protected] and our technical experts will provide support within 24 hours.
Copyright
The product of each order has its own encryption code, so you should use it independently. Any unauthorized
changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Exact Questions
CompTIA - SY0-501
Exam Topic Breakdown
Exam Topic
Number of Questions
Topic 2 : Exam Pool B
4
Topic 3 : Simulations
4
Topic 1 : Exam Pool A
2
TOTAL
10
Find Everything , Exactly in your Exam
1 of 18
Exact Questions
CompTIA - SY0-501
Topic 2, Exam Pool B
Question #:1 - (Exam Topic 2)
A hospital has received reports from multiple patients that their PHI was stolen after completing forms on the
hospital's website. Upon investigation, the hospital finds a packet analyzer was used to steal data. Which of the
following protocols would prevent this attack from reoccurring?
A. SFTP
B. HTTPS
C. FTPS
D. SRTP
Answer: A
Explanation
FTPS (also known FTP-SSL, and FTP Secure) is an extension to the commonly used File Transfer Protocol
(FTP) that adds support for the Transport Layer Security (TLS) and, formerly, the Secure Sockets Layer (SSL,
which is now prohibited by RFC7568) cryptographic protocols.
HTTPS (Hypertext Transfer Protocol Secure) is a secure version of the HTTP protocol that uses the SSL/TLS
protocol for encryption and authentication. HTTPS is specified by RFC 2818 (May 2000) and uses port 443 by
default instead of HTTP's port 80.
The HTTPS protocol makes it possible for website users to transmit sensitive data such as credit card numbers,
banking information, and login credentials securely over the internet. For this reason, HTTPS is especially
important for securing online activities such as shopping, banking, and remote work. However, HTTPS is
quickly becoming the standard protocol for all websites, whether or not they exchange sensitive data with
users.
SFTP (SSH File Transfer Protocol) is a secure file transfer protocol. It runs over the SSH protocol. It supports
the full security and authentication functionality of SSH. SFTP has pretty much replaced legacy FTP as a file
transfer protocol, and is quickly replacing FTP/S.
SRTP (Secure Real-Time Transport Protocol or Secure RTP) is an extension to RTP (Real-Time Transport
Protocol) that incorporates enhanced security features. Like RTP, it is intended particularly for VoIP (Voice
over IP) communications.
Question #:2 - (Exam Topic 2)
A systems administrator is implementing a remote access method for the system that will utilize GUI. Which
Find Everything , Exactly in your Exam
2 of 18
Exact Questions
CompTIA - SY0-501
of the following protocols would be BEST suited for this?
A. TLS
B. SSH
C. SFTP
D. SRTP
Answer: B
Question #:3 - (Exam Topic 2)
An organization with a low tolerance tor user inconvenience wants to protect laptop hard drives against loss of
data theft Which of the following would be the MOST acceptable?
A. SED
B. HSU
C. DLP
D. TPM
Answer: C
Question #:4 - (Exam Topic 2)
A security analyst is hardening a large-scale wireless network. The primary requirements are the following
* Must use authentication through EAP-TLS certificates
* Must use an AAA server
* Must use the most secure encryption protocol
Given these requirements, which of the following should the analyst implement and recommend? (Select
TWO).
A. 802.1X
B. 802.3
C. LDAP
D. TKIP
E.
Find Everything , Exactly in your Exam
3 of 18
Exact Questions
CompTIA - SY0-501
E. CCMP
F. WPA2-PSK
Answer: A F
Find Everything , Exactly in your Exam
4 of 18
Exact Questions
CompTIA - SY0-501
Topic 3, Simulations
Question #:5 - (Exam Topic 3)
A security administrator wants to implement strong security on the company smart phones and terminal
servers located in the data center.
Drag and drop the applicable controls to each asset types?
Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have
completed the simulation, please select the Done button to submit.
Answer:
Find Everything , Exactly in your Exam
5 of 18
Exact Questions
CompTIA - SY0-501
Explanation
Find Everything , Exactly in your Exam
6 of 18
Exact Questions
CompTIA - SY0-501
Question #:6 - (Exam Topic 3)
An attack has occurred against a company.
INSTRUCTIONS
You have been tasked to do the following:
Identify the type of attack that is occurring on the network by clicking on the attacker’s tablet and reviewing
the output. (Answer Area 1)
Identify which compensating controls should be implemented on the assets, in order to reduce the
effectiveness of future attacks by dragging them to the correct server. (Answer area 2)
All objects will be used, but not all placeholders may be filled. Objects may only be used once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Find Everything , Exactly in your Exam
7 of 18
Exact Questions
Find Everything , Exactly in your Exam
CompTIA - SY0-501
8 of 18
Exact Questions
CompTIA - SY0-501
Answer:
Find Everything , Exactly in your Exam
9 of 18
Exact Questions
CompTIA - SY0-501
Explanation
Find Everything , Exactly in your Exam
10 of 18
Exact Questions
Find Everything , Exactly in your Exam
CompTIA - SY0-501
11 of 18
Exact Questions
CompTIA - SY0-501
Question #:7 - (Exam Topic 3)
A security engineer is setting up passwordless authentication for the first time.
INSTRUCTIONS
Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Find Everything , Exactly in your Exam
12 of 18
Exact Questions
CompTIA - SY0-501
Explanation
Find Everything , Exactly in your Exam
13 of 18
Exact Questions
CompTIA - SY0-501
Question #:8 - (Exam Topic 3)
Drag and drop the correct protocol to its default port.
Find Everything , Exactly in your Exam
14 of 18
Exact Questions
CompTIA - SY0-501
Answer:
Find Everything , Exactly in your Exam
15 of 18
Exact Questions
CompTIA - SY0-501
Explanation
Find Everything , Exactly in your Exam
16 of 18
Exact Questions
CompTIA - SY0-501
FTP uses TCP port 21. Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP
makes use of UDP ports 161 and 162. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Find Everything , Exactly in your Exam
17 of 18
Exact Questions
CompTIA - SY0-501
Topic 1, Exam Pool A
Question #:9 - (Exam Topic 1)
Which of the following BEST describes a security exploit for which a vendor patch is not readily available?
A. Integer overflow
B. Zero-day
C. End of life
D. Race condition
Answer: B
Question #:10 - (Exam Topic 1)
A salesperson often uses a USB drive to save and move files from a corporate laptop. The corporate laptop
was recently updated, and now the files on the USB are read-only. Which of the following was recently added
to the laptop?
A. Antivirus software
B. File integrity check
C. HIPS
D. DLP
Answer: D
Find Everything , Exactly in your Exam
18 of 18
About exactinside.com
exactinside.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam
Questions, Study Guides, Practice Tests.
We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially
Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.
View list of all certification exams: All vendors
We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed
below.
Sales: [email protected]
Feedback: [email protected]
Support: [email protected]
Any problems about IT certification or our products, You can write us back and we will get back to you within 24
hours.
Download