Last Updated on July 19, 2021 by InfraExam
SY0-501 : CompTIA Security+ Certification : Part 46
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?
- Least privilege
- Awareness training
- Separation of duties
- Mandatory vacation
Which of the following may indicate a configuration item has reached end-of-life?
- The device will no longer turn on and indicated an error.
- The vendor has not published security patches recently.
- The object has been removed from the Active Directory.
- Logs show a performance degradation of the component.
Using an ROT13 cipher to protect confidential information for unauthorized access is known as:
A company is implementing a tool to mask all PII when moving data from a production server to a testing server. Which of the following security techniques is the company applying?
- Data wiping
- Data obfuscation
- Data sanitization
A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output:
Which of the following BEST describes the attack the company is experiencing?
- MAC flooding
- URL redirection
- ARP poisoning
- DNS hijacking
A technician needs to document which application versions are listening on open ports. Which of the following is MOST likely to return the information the technician needs?
- Banner grabbing
- Steganography tools
- Protocol analyzer
- Wireless scanner
A government contracting company issues smartphones to employees to enable access to corporate resources. Several employees will need to travel to a foreign country for business purposes and will require access to their phones. However, the company recently received intelligence that its intellectual property is highly desired by the same country’s government. Which of the following MDM configurations would BEST reduce the disk of compromise while on foreign soil?
- Disable firmware OTA updates.
- Disable location services.
- Disable push notification services.
- Disable wipe.
A security analyst is performing a manual audit of captured data from a packet analyzer. The analyst looks for Base64 encoded strings and applies the filter http.authbasic. Which of the following BEST describes what the analyst is looking for?
- Unauthorized software
- Unencrypted credentials
- SSL certificate issues
- Authentication tokens
Which of the following impacts are associated with vulnerabilities in embedded systems? (Choose two.)
- Repeated exploitation due to unpatchable firmware
- Denial of service due to an integrated legacy operating system.
- Loss of inventory accountability due to device deployment
- Key reuse and collision issues due to decentralized management.
- Exhaustion of network resources resulting from poor NIC management.
Given the output:
Which of the following account management practices should the security engineer use to mitigate the identified risk?
- Implement least privilege
- Eliminate shared accounts.
- Eliminate password reuse.
- Implement two-factor authentication
An organization wants to separate permissions for individuals who perform system changes from individuals who perform auditing of those system changes. Which of the following access control approaches is BEST suited for this?
- Assign administrators and auditors to different groups and restrict permissions on system log files to read-only for the auditor group.
- Assign administrators and auditors to the same group, but ensure they have different permissions based on the function they perform.
- Create two groups and ensure each group has representation from both the auditors and the administrators so they can verify any changes that were made.
- Assign file and folder permissions on an individual user basis and avoid group assignment altogether.
Which of the following concepts ensure ACL rules on a directory are functioning as expected? (Choose two.)
A datacenter engineer wants to ensure an organization’s servers have high speed and high redundancy and can sustain the loss of two physical disks in an array. Which of the following RAID configurations should the engineer implement to deliver this functionality?
- RAID 0
- RAID 1
- RAID 5
- RAID 10
- RAID 50
An organization requires secure configuration baselines for all platforms and technologies that are used. If any system cannot conform to the secure baseline, the organization must process a risk acceptance and receive approval before the system is placed into production. It may have non-conforming systems in its lower environments (development and staging) without risk acceptance, but must receive risk approval before the system is placed in production. Weekly scan reports identify systems that do not conform to any secure baseline.
The application team receives a report with the following results:
There are currently no risk acceptances for baseline deviations. This is a mission-critical application, and the organization cannot operate if the application is not running. The application fully functions in the development and staging environments. Which of the following actions should the application team take?
- Remediate 2633 and 3124 immediately.
- Process a risk acceptance for 2633 and 3124.
- Process a risk acceptance for 2633 and remediate 3124.
- Shut down NYAccountingProd and investigate the reason for the different scan results.
A company is having issues with intellectual property being sent to a competitor from its system. The information being sent is not random but has an identifiable pattern. Which of the following should be implemented in the system to stop the content from being sent?
A network technician needs to monitor and view the websites that are visited by an employee. The employee is connected to a network switch. Which of the following would allow the technician to monitor the employee’s web traffic?
- Implement promiscuous mode on the NIC of the employee’s computer.
- Install and configured a transparent proxy server.
- Run a vulnerability scanner to capture DNS packets on the router.
- Configure a VPN to forward packets to the technician’s computer.
A security administrator is adding a NAC requirement for all VPN users to ensure the connecting devices are compliant with company policy. Which of the following items provides the HIGHEST assurance to meet this requirement?
- Implement a permanent agent.
- Install antivirus software.
- Use an agentless implementation.
- Implement PKI.
A company wants to configure its wireless network to require username and password authentication. Which of the following should the systems administrator implement?
An organization is struggling to differentiate threats from normal traffic and access to systems. A security engineer has been asked to recommend a system that will aggregate data and provide metrics that will assist in identifying malicious actors or other anomalous activity throughout the environment. Which of the following solutions should the engineer recommend?
- Web application firewall
- File integrity monitor
The concept of connecting a user account across the systems of multiple enterprises is BEST known as:
- a remote access policy.
- multifactor authentication.
- single sign-on.