[Free] 2018(June) Ensurepass CompTIA SY0-501 Dumps with VCE and PDF 41-50

2018 May CompTIA Official New Released SY0-501

CompTIA Security+ Certification Exam

Question No: 41

A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system. While attempting to determine if an unauthorized user is logged into the home network, the user reviews the wireless router, which shows the following table for systems that are currently on the home network.

[Table image not reproduced: systems currently on the home network]

Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?

  A. Apply MAC filtering and see if the router drops any of the systems.

  B. Physically check each of the authorized systems to determine if they are logged onto the network.

  C. Deny the “unknown” host because the hostname is not known and MAC filtering is not applied to this host.

  D. Conduct a ping sweep of each of the authorized systems and see if an echo response is received.

Answer: C

Question No: 42

A botnet has hit a popular website with a massive number of GRE-encapsulated packets to perform a DDoS attack. News outlets discover a certain type of refrigerator was exploited and used to send outbound packets to the website that crashed. To which of the following categories does the refrigerator belong?

  A. SoC

  B. ICS

  C. IoT

  D. MFD

Answer: D

Question No: 43

An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?

  A. RTO

  B. RPO

  C. MTBF

  D. MTTR

Answer: B

Question No: 44

A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?

  A. An attacker can access and change the printer configuration.

  B. SNMP data leaving the printer will not be properly encrypted.

  C. An MITM attack can reveal sensitive information.

  D. An attacker can easily inject malicious code into the printer firmware.

  E. Attackers can use the PCL protocol to bypass the firewall of client computers.

Answer: A

Question No: 45

A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an encrypted wireless network. Which of the following should be implemented if the administrator does not want to provide the wireless password or certificate to the employees?

  A. 802.1x

  B. WPA2-PSK

  C. TKIP

  D. None of the above

Answer: B

Question No: 46

Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent these policy violations? (Select TWO).

  A. Password expiration

  B. Password length

  C. Password complexity

  D. Password history

  E. Password lockout

Answer: BC

Question No: 47

A company determines that it is prohibitively expensive to become compliant with new credit card regulations. Instead, the company decides to purchase insurance to cover the cost of any potential loss. Which of the following is the company doing?

  A. Transferring the risk

  B. Accepting the risk

  C. Avoiding the risk

  D. Mitigating the risk

Answer: A

Question No: 48

A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?

  A. URL hijacking

  B. Reconnaissance

  C. White box testing

  D. Escalation of privilege

Answer: B

Question No: 49

An attacker compromises a public CA and issues unauthorized X.509 certificates for Company.com. In the future, Company.com wants to mitigate the impact of similar incidents. Which of the following would assist Company.com with its goal?

  A. Certificate pinning

  B. Certificate stapling

  C. Certificate chaining

  D. Certificate with extended validation

Answer: C

Question No: 50

Joe, an employee, wants to show his colleagues how much he knows about smartphones. Joe demonstrates a free movie application that he installed from a third party on his corporate smartphone. Joe’s colleagues were unable to find the application in the app stores. Which of the following allowed Joe to install the application? (Select TWO).

  A. Near-field communication

  B. Rooting/jailbreaking

  C. Ad-hoc connections

  D. Tethering

  E. Sideloading

Answer: AB
