SY0-501 Exam Questions

A company wants to ensure confidential data from storage media is sanitized in such a way that the drive cannot be reused. Which of the following method should the technician use?

A forensic expert is given a hard drive from a crime scene and is asked to perform an investigation. Which of the following is the FIRST step the forensic expert needs to take the...

An incident response manager has started to gather all the facts related to a SIEM alert showing multiple systems may have been compromised. The manager has gathered these facts: T...

A stock trading company had the budget for enhancing its secondary datacenter approved. Since the main site is a hurricane-affected area and the disaster recovery site is 100 mi (1...

A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the dom...

User from two organizations, each with its own PKI, need to begin working together on a joint project. Which of the following would allow the users of the separate PKIs to work tog...

A security analyst is migrating a pass-the-hash vulnerability on a Windows infrastructure. Given the requirement, which of the following should the security analyst do to MINIMIZE...

A security analyst is reviewing an assessment report that includes software versions, running services, supported encryption algorithms, and permission settings. Which of the follo...

A Chief Information Officer (CIO) asks the company's security specialist if the company should spend any funds on malware protection for a specific server. Based on a risk assessme...

The computer resource center issue smartphones to all first-level and above managers. The managers have the ability to install mobile tools. Which of the following tools should be...

A systems administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience...

A recent internal audit is forcing a company to review each internal business unit's VMs because the cluster they are installed on is in danger of running out of computer resources...

A security analyst is attempting to identify vulnerabilities in a customer's web application without impacting the system or its data. Which of the following BEST describes the vul...

Two users must encrypt and transmit large amounts of data between them. Which of the following should they use to encrypt and transmit the data?

A new Chief Information Officer (CIO) has been reviewing the badging and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the...

A software developer is concerned about DLL hijacking in an application being written. Which of the following is the MOST viable mitigation measure of this type of attack?

A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the...

An application was recently compromised after some malformed data came in via web form. Which of the following would MOST likely have prevented this?

While working on an incident, Joe, a technician, finished restoring the OS and applications on a workstation from the original media. Joe is about to begin copying the user's files...

A systems administrator found a suspicious file in the root of the file system. The file contains URLs, usernames, passwords, and text from other documents being edited on the syst...

A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial investigation, it was discovered that email is...

A remote intruder wants to take inventory of a network so exploits can be researched. The intruder is looking for information about software versions on the network. Which of the f...

An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code: void foo (char *bar) { car rand...

A company has a data classification system with definitions for "Private" and "Public". the company's security policy outlines how data should be protected based on type. The compa...

A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician configure?

A security administrator installed a new network scanner that identifies new host systems on the network. Which of the following did the security administrator install?

A Chief Information Officer (CIO) has decided it is not cost effective to implement safeguards against a known vulnerability. Which of the following risk responses does this BEST d...

A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local s...

A technician is investigating a potentially compromised device with the following symptoms: Browser slowness Frequent browser crashes Hourglass stuck New search toolbar Increased m...

A penetration tester has written an application that performs a bit-by-bit XOR 0xFF operation on binaries prior to transmission over untrusted media. Which of the following BEST de...

An audit reported has identifies a weakness that could allow unauthorized personnel access to the facility at its main entrance and from there gain access to the network. Which of...

When attempting to secure a mobile workstation, which of the following authentication technologies rely on the user's physical characteristics? (Select TWO)

Systems administrator and key support staff come together to simulate a hypothetical interruption of service. The team updates the disaster recovery processes and documentation aft...

A company has two wireless networks utilizing captive portals. Some employees report getting a trust error in their browsers when connecting to one of the networks. Both captive po...

Company A has acquired Company

A technician is configuring a load balancer for the application team to accelerate the network performance of their applications. The applications are hosted on multiple servers an...

Ann is the IS manager for several new systems in which the classifications of the systems' data are being decided. She is trying to determine the sensitivity level of the data bein...

An organization's employees currently use three different sets of credentials to access multiple internal resources. Management wants to make this process less complex. Which of th...

An external attacker can modify the ARP cache of an internal computer. Which of the following types of attacks is described?

A systems administrator has isolated an infected system from the network and terminated the malicious process from executing. Which of the following should the administrator do NEX...

A new security administrator ran a vulnerability scanner for the first time and caused a system outage. Which of the following types of scans MOST likely caused the outage?

A security analyst is hardening a WiFi infrastructure. The primary requirements are the following: The infrastructure must allow staff to authenticate using the most secure method....

A security administrator is trying to eradicate a worm, which is spreading throughout the organization, using an old remote vulnerability in the SMB protocol. The worm uses Nmap to...

Which of the following is a deployment concept that can be used to ensure only the required OS access is exposed to software applications?

A procedure differs from a policy in that it:

Ann, a user, reports she is unable to access an application from her desktop. A security analyst verifies Ann's access and checks the SIEM for any errors. The security analyst revi...

Which of the following types of penetration test will allow the tester to have access only to password hashes prior to the penetration test?

Which of the following threats has sufficient knowledge to cause the MOST danger to an organization?

While troubleshooting a client application connecting to the network, the security administrator notices the following error: Certificate is not valid. Which of the following is th...

A business sector is highly competitive, and safeguarding trade secrets and critical information is paramount. On a seasonal basis, an organization employs temporary hires and cont...