Last Updated on July 11, 2021 by InfraExam
SY0-501 : CompTIA Security+ Certification : Part 17
A network technician is trying to determine the source of an ongoing network based attack.
Which of the following should the technician use to view IPv4 packet data on a particular internal network segment?
- Protocol analyzer
The security administrator has noticed cars parking just outside of the building fence line.
Which of the following security measures can the administrator use to help protect the company’s WiFi network against war driving? (Choose two.)
- Create a honeynet
- Reduce beacon rate
- Add false SSIDs
- Change antenna placement
- Adjust power level controls
- Implement a warning banner
A security administrator suspects that data on a server has been exhilarated as a result of un- authorized remote access.
Which of the following would assist the administrator in con-firming the suspicions? (Choose two.)
- Networking access control
- DLP alerts
- Log analysis
- File integrity monitoring
- Host firewall rules
A company is deploying a new VoIP phone system. They require 99.999% uptime for their phone service and are concerned about their existing data network interfering with the VoIP phone system. The core switches in the existing data network are almost fully saturated.
Which of the following options will pro-vide the best performance and availability for both the VoIP traffic, as well as the traffic on the existing data network?
- Put the VoIP network into a different VLAN than the existing data network.
- Upgrade the edge switches from 10/100/1000 to improve network speed
- Physically separate the VoIP phones from the data network
- Implement flood guards on the data network
A server administrator needs to administer a server remotely using RDP, but the specified port is closed on the outbound firewall on the network.
The access the server using RDP on a port other than the typical registered port for the RDP protocol?
Which of the following can be used to control specific commands that can be executed on a network infrastructure device?
Company XYZ has decided to make use of a cloud-based service that requires mutual, certificate- based authentication with its users. The company uses SSL-inspecting IDS at its network boundary and is concerned about the confidentiality of the mutual authentication.
Which of the following model prevents the IDS from capturing credentials used to authenticate users to the new service or keys to decrypt that communication?
- Use of OATH between the user and the service and attestation from the company domain
- Use of active directory federation between the company and the cloud-based service
- Use of smartcards that store x.509 keys, signed by a global CA
- Use of a third-party, SAML-based authentication service for attestation
Six months into development, the core team assigned to implement a new internal piece of software must convene to discuss a new requirement with the stake holders. A stakeholder identified a missing feature critical to the organization, which must be implemented. The team needs to validate the feasibility of the newly introduced requirement and ensure it does not introduce new vulnerabilities to the software and other applications that will integrate with it.
Which of the following BEST describes what the company?
- The system integration phase of the SDLC
- The system analysis phase of SSDSLC
- The system design phase of the SDLC
- The system development phase of the SDLC
A company is investigating a data compromise where data exfiltration occurred. Prior to the investigation, the supervisor terminates an employee as a result of the suspected data loss. During the investigation, the supervisor is absent for the interview, and little evidence can be provided form the role-based authentication system in use by the company.
The situation can be identified for future mitigation as which of the following?
- Job rotation
- Log failure
- Lack of training
- Insider threat
A security administrator needs an external vendor to correct an urgent issue with an organization’s physical access control system (PACS). The PACS does not currently have internet access because it is running a legacy operation system.
Which of the following methods should the security administrator select the best balances security and efficiency?
- Temporarily permit outbound internet access for the pacs so desktop sharing can be set up
- Have the external vendor come onsite and provide access to the PACS directly
- Set up VPN concentrator for the vendor and restrict access to the PACS using desktop sharing
- Set up a web conference on the administrator’s pc; then remotely connect to the pacs
A datacenter manager has been asked to prioritize critical system recovery priorities.
Which of the following is the MOST critical for immediate recovery?
- Communications software
- Operating system software
- Weekly summary reports to management
- Financial and production software
Which of the following techniques can be bypass a user or computer’s web browser privacy settings? (Choose two.)
- SQL injection
- Session hijacking
- Cross-site scripting
- Locally shared objects
- LDAP injection
When designing a web based client server application with single application server and database cluster backend, input validation should be performed:
- On the client
- Using database stored procedures
- On the application server
- Using HTTPS
Which of the following delineates why it is important to perform egress filtering and monitoring on Internet connected security zones of interfaces on a firewall?
- Egress traffic is more important than ingress traffic for malware prevention
- To rebalance the amount of outbound traffic and inbound traffic
- Outbound traffic could be communicating to known botnet sources
- To prevent DDoS attacks originating from external network
The help desk is receiving numerous password change alerts from users in the accounting department. These alerts occur multiple times on the same day for each of the affected users’ accounts.
Which of the following controls should be implemented to curtail this activity?
- Password Reuse
- Password complexity
- Password History
- Password Minimum age
Which of the following would enhance the security of accessing data stored in the cloud? (Select TWO)
- Block level encryption
- SAML authentication
- Transport encryption
- Multifactor authentication
- Predefined challenge questions
A remote user (User1) is unable to reach a newly provisioned corporate windows workstation. The system administrator has been given the following log files from the VPN, corporate firewall and workstation host.
Which of the following is preventing the remote user from being able to access the workstation?
- Network latency is causing remote desktop service request to time out
- User1 has been locked out due to too many failed passwords
- Lack of network time synchronization is causing authentication mismatches
- The workstation has been compromised and is accessing known malware sites
- The workstation host firewall is not allowing remote desktop connections
During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall.
Which of the following will the audit team most l likely recommend during the audit out brief?
- Discretionary access control for the firewall team
- Separation of duties policy for the firewall team
- Least privilege for the firewall team
- Mandatory access control for the firewall team
Which of the following is the appropriate network structure used to protect servers and services that must be provided to external clients without completely eliminating access for internal users?
An administrator has configured a new Linux server with the FTP service. Upon verifying that the service was configured correctly, the administrator has several users test the FTP service. Users report that they are able to connect to the FTP service and download their personal files, however, they cannot transfer new files to the server.
Which of the following will most likely fix the uploading issue for the users?
- Create an ACL to allow the FTP service write access to user directories
- Set the Boolean selinux value to allow FTP home directory uploads
- Reconfigure the ftp daemon to operate without utilizing the PSAV mode
- Configure the FTP daemon to utilize PAM authentication pass through user permissions