[Free] 2019(Oct) EnsurePass CompTIA SY0-501 Dumps with VCE and PDF 151-160

Question No.151

A user is presented with the following items during the new-hire onboarding process:

  - Laptop

  - Secure USB drive

  - Hardware OTP token

  - External high-capacity HDD

  - Password complexity policy

  - Acceptable use policy

  - HASP key

  - Cable lock

Which of the following is one component of multifactor authentication?

  A. Secure USB drive

  B. Cable lock

  C. Hardware OTP token

  D. HASP key

Correct Answer: C

Question No.152

Which of the following cryptographic algorithms is irreversible?

  A. RC4

  B. SHA-256

  C. DES

  D. AES

Correct Answer: B

Question No.153

A dumpster diver recovers several hard drives from a company and is able to obtain confidential data from one of the hard drives. The company then discovers its information is posted online. Which of the following methods would have MOST likely prevented the data from being exposed?

  A. Removing the hard drive from its enclosure

  B. Using software to repeatedly rewrite over the disk space

  C. Using Blowfish encryption on the hard drives

  D. Using magnetic fields to erase the data

Correct Answer: D

Question No.154

A workstation puts out a network request to locate another system. Joe, a hacker on the network, responds before the real system does, and he tricks the workstation into communicating with him. Which of the following BEST describes what occurred?

  A. The hacker used a race condition.

  B. The hacker used a pass-the-hash attack.

  C. The hacker exploited improper key management.

  D. The hacker exploited weak switch configuration.

Correct Answer: D

Question No.155

An organization uses SSO authentication for employee access to network resources. When an employee resigns, as per the organization's security policy, the employee's access to all network resources is terminated immediately. Two weeks later, the former employee sends an email to the help desk for a password reset to access payroll information from the human resources server. Which of the following represents the BEST course of action?

  A. Approve the former employee's request, as a password reset would give the former employee access to only the human resources server.

  B. Deny the former employee's request, since the password reset request came from an external email address.

  C. Deny the former employee's request, as a password reset would give the employee access to all network resources.

  D. Approve the former employee's request, as there would not be a security issue with the former employee gaining access to network.

Correct Answer: C

Question No.156

Joe, a security administrator, needs to extend the organization's remote access functionality to be used by staff while travelling. Joe needs to maintain separate access control functionalities for internal, external, and VOIP services. Which of the following represents the BEST access technology for Joe to use?

  A. RADIUS

  B. TACACS

  C. Diameter

  D. Kerberos

Correct Answer: B

Question No.157

In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

  A. Using salt

  B. Using hash algorithms

  C. Implementing elliptical curve

  D. Implementing PKI

Correct Answer: A

Question No.158

An organization needs to implement a large PKI. Network engineers are concerned that repeated transmission of the OCSP will impact network performance. Which of the following should the security analyst recommend in lieu of OCSP?

  A. CSR

  B. CRL

  C. CA

  D. OID

Correct Answer: B

Question No.159

A Chief Information Officer (CIO) drafts an agreement between the organization and its employees. The agreement outlines ramifications for releasing information without consent and/or approvals. Which of the following BEST describes this type of agreement?

  A. ISA

  B. NDA

  C. MOU

  D. SLA

Correct Answer: B

Question No.160

A security administrator is configuring a new network segment, which contains devices that will be accessed by external users, such as web and FTP servers. Which of the following represents the MOST secure way to configure the new network segment?

  A. The segment should be placed on a separate VLAN, and the firewall rules should be configured to allow external traffic.

  B. The segment should be placed in the existing internal VLAN to allow internal traffic only.

  C. The segment should be placed on an intranet, and the firewall rules should be configured to allow external traffic.

  D. The segment should be placed on an extranet, and the firewall rules should be configured to allow both internal and external traffic.

Correct Answer: A
