SY0-501 Exam Questions

A network technician is trying to determine the source of an ongoing network based attack. Which of the following should the technician use to view IPv4 packet data on a particular...

The security administrator has noticed cars parking just outside of the building fence line. Which of the following security measures can the administrator use to help protect the...

A security administrator suspects that data on a server has been exhilarated as a result of un- authorized remote access. Which of the following would assist the administrator in c...

A company is deploying a new VoIP phone system. They require 99.999% uptime for their phone service and are concerned about their existing data network interfering with the VoIP ph...

A server administrator needs to administer a server remotely using RDP, but the specified port is closed on the outbound firewall on the network. The access the server using RDP on...

Which of the following can be used to control specific commands that can be executed on a network infrastructure device?

Company XYZ has decided to make use of a cloud-based service that requires mutual, certificate- based authentication with its users. The company uses SSL-inspecting IDS at its netw...

Six months into development, the core team assigned to implement a new internal piece of software must convene to discuss a new requirement with the stake holders. A stakeholder id...

A company is investigating a data compromise where data exfiltration occurred. Prior to the investigation, the supervisor terminates an employee as a result of the suspected data l...

A security administrator needs an external vendor to correct an urgent issue with an organization's physical access control system (PACS). The PACS does not currently have internet...

A datacenter manager has been asked to prioritize critical system recovery priorities. Which of the following is the MOST critical for immediate recovery?

Which of the following techniques can be bypass a user or computer's web browser privacy settings? (Select Two)

When designing a web based client server application with single application server and database cluster backend, input validation should be performed:

Which of the following delineates why it is important to perform egress filtering and monitoring on Internet connected security zones of interfaces on a firewall?

The help desk is receiving numerous password change alerts from users in the accounting department. These alerts occur multiple times on the same day for each of the affected users...

Which of the following would enhance the security of accessing data stored in the cloud? (Select TWO)

A remote user (User1) is unable to reach a newly provisioned corporate windows workstation. The system administrator has been given the following log files from the VPN, corporate...

During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall. Which of the following will the...

Which of the following is the appropriate network structure used to protect servers and services that must be provided to external clients without completely eliminating access for...

An administrator has configured a new Linux server with the FTP service. Upon verifying that the service was configured correctly, the administrator has several users test the FTP...

An administrator thinks the UNIX systems may be compromised, but a review of system log files provides no useful information. After discussing the situation with the security team,...

A global gaming console manufacturer is launching a new gaming platform to its customers. Which of the following controls reduces the risk created by malicious gaming customers att...

An audit has revealed that database administrators are also responsible for auditing database changes and backup logs. Which of the following access control methodologies would BES...

Ann, a security administrator, has been instructed to perform fuzz-based testing on the company's applications. Which of the following best describes what she will do?

An organization requires users to provide their fingerprints to access an application. To improve security, the application developers intend to implement multifactor authenticatio...

A network technician is setting up a segmented network that will utilize a separate ISP to provide wireless access to the public area for a company. Which of the following wireless...

After a routine audit, a company discovers that engineering documents have been leaving the network on a particular port. The company must allow outbound traffic on this port, as i...

A security analyst has received the following alert snippet from the HIDS appliance: Given the above logs, which of the following is the cause of the attack?

A security analyst reviews the following output: The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large n...

A company's AUP requires: - Passwords must meet complexity requirements. - Passwords are changed at least once every six months. - Passwords must be at least eight characters long....

An organization's primary datacenter is experiencing a two-day outage due to an HVAC malfunction. The node located in the datacenter has lost power and is no longer operational, im...

A security analyst notices anomalous activity coming from several workstations in the organizations. Upon identifying and containing the issue, which of the following should the se...

An employee receives an email, which appears to be from the Chief Executive Officer (CEO), asking for a report of security credentials for all users. Which of the following types o...

An information security analyst needs to work with an employee who can answer questions about how data for a specific system is used in the business. The analyst should seek out an...

A group of non-profit agencies wants to implement a cloud service to share resources with each other and minimize costs. Which of the following cloud deployment models BEST describ...

A director of IR is reviewing a report regarding several recent breaches. The director complies the following statistics: - Initial IR engagement time frame - Length of time before...

A copy of a highly confidential salary report was recently found on a printer in the IT department. The human resources department does not have this specific printer mapped to its...

A company is developing a new system that will unlock a computer automatically when an authorized user sits in front of it, and then lock the computer when the user leaves. The use...

A security analyst accesses corporate web pages and inputs random data in the forms. The response received includes the type of database used and SQL commands that the database acc...

Which of the following differentiates a collision attack from a rainbow table attack?

A help desk is troubleshooting user reports that the corporate website is presenting untrusted certificate errors to employees and customers when they visit the website. Which of t...

A security analyst is investigating a suspected security breach and discovers the following in the logs of the potentially compromised server: Which of the following would be the B...

A security administrator wants to implement a logon script that will prevent MITM attacks on the local LAN. Which of the following commands should the security administrator implem...

Which of the following is the BEST reason for salting a password hash before it is stored in a database?

An actor downloads and runs a program against a corporate login page. The program imports a list of usernames and passwords, looking for a successful attempt. Which of the followin...

An organization wants to utilize a common, Internet-based third-party provider for authorization and authentication. The provider uses a technology based on OAuth 2.0 to provide re...

A penetration tester harvests potential usernames from a social networking site. The penetration tester then uses social engineering to attempt to obtain associated passwords to ga...

Which of the following could occur when both strong and weak ciphers are configured on a VPN concentrator? (Select TWO)

Which of the following is the BEST choice for a security control that represents a preventive and corrective logical control at the same time?

A web developers improves client access to the company's REST API. Authentication needs to be tokenized but not expose the client's password. Which of the following methods would B...