Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

SY0-501Free trial

By comptia

Verified

25Q per page

Question 76

A security analyst is hardening a server with the directory services role installed. The analyst must ensure LDAP traffic cannot be monitored or sniffed and maintains compatibility with LDAP clients. Which of the following should the analyst implement to meet these requirements? (Choose two.)

A: Generate an X.509-compliant certificate that is signed by a trusted CA.
B: Install and configure an SSH tunnel on the LDAP server.
C: Ensure port 389 is open between the clients and the servers using the communication.
D: Ensure port 636 is open between the clients and the servers using the communication.
E: Remote the LDAP directory service role from the server.

—

Question 77

A manager suspects that an IT employee with elevated database access may be knowingly modifying financial transactions for the benefit of a competitor. Which of the following practices should the manager implement to validate the concern?

A: Separation of duties
B: Mandatory vacations
C: Background checks
D: Security awareness training

—

Question 78

A penetration tester finds that a company's login credentials for the email client were being sent in clear text. Which of the following should be done to provide encrypted logins to the email server?

A: Enable IPSec and configure SMTP.
B: Enable SSH and LDAP credentials.
C: Enable MIME services and POP3.
D: Enable an SSL certificate for IMAP services.

—

Question 79

Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transposed. Which of the following BEST describes the attack vector used to infect the devices?

A: Cross-site scripting
B: DNS poisoning
C: Typo squatting
D: URL hijacking

—

Question 80

A systems administrator is reviewing the following information from a compromised server:

Given the above information, which of the following processes was MOST likely exploited via a remote buffer overflow attack?

A: Apache
B: LSASS
C: MySQL
D: TFTP

—

Question 81

Joe, a security administrator, needs to extend the organization's remote access functionality to be used by staff while travelling. Joe needs to maintain separate access control functionalities for internal, external, and VOIP services. Which of the following represents the BEST access technology for Joe to use?

A: RADIUS
B: TACACS+
C: Diameter
D: Kerberos

—

Question 82

The availability of a system has been labeled as the highest priority. Which of the following should be focused on the MOST to ensure the objective?

A: Authentication
B: HVAC
C: Full-disk encryption
D: File integrity checking

—

Question 83

As part of the SDLC, a third party is hired to perform a penetration test. The third party will have access to the source code, integration tests, and network diagrams. Which of the following BEST describes the assessment being performed?

A: Black box
B: Regression
C: White box
D: Fuzzing

—

Question 84

A dumpster diver recovers several hard drives from a company and is able to obtain confidential data from one of the hard drives. The company then discovers its information is posted online. Which of the following methods would have MOST likely prevented the data from being exposed?

A: Removing the hard drive from its enclosure
B: Using software to repeatedly rewrite over the disk space
C: Using Blowfish encryption on the hard drives
D: Using magnetic fields to erase the data

—

Question 85

Which of the following are methods to implement HA in a web application server environment? (Choose two.)

A: Load balancers
B: Application layer firewalls
C: Reverse proxies
D: VPN concentrators
E: Routers

—

Question 86

An application developer is designing an application involving secure transports from one service to another that will pass over port 80 for a request.
Which of the following secure protocols is the developer MOST likely to use?

A: FTPS
B: SFTP
C: SSL
D: LDAPS
E: SSH

—

Question 87

Which of the following threat actors is MOST likely to steal a company's proprietary information to gain a market edge and reduce time to market?

A: Competitor
B: Hacktivist
C: Insider
D: Organized crime.

—

Question 88

Which of the following precautions MINIMIZES the risk from network attacks directed at multifunction printers, as well as the impact on functionality at the same time?

A: Isolating the systems using VLANs
B: Installing a software-based IPS on all devices
C: Enabling full disk encryption
D: Implementing a unique user PIN access functions

—

Question 89

After an identified security breach, an analyst is tasked to initiate the IR process. Which of the following is the NEXT step the analyst should take?

A: Recovery
B: Identification
C: Preparation
D: Documentation
E: Escalation

—

Question 90

A company was recently audited by a third party. The audit revealed the company's network devices were transferring files in the clear. Which of the following protocols should the company use to transfer files?

A: HTTPS
B: LDAPS
C: SCP
D: SNMPv3

—

Question 91

During a monthly vulnerability scan, a server was flagged for being vulnerable to an Apache Struts exploit. Upon further investigation, the developer responsible for the server informs the security team that Apache Struts is not installed on the server. Which of the following BEST describes how the security team should reach to this incident?

A: The finding is a false positive and can be disregarded
B: The Struts module needs to be hardened on the server
C: The Apache software on the server needs to be patched and updated
D: The server has been compromised by malware and needs to be quarantined.

—

Question 92

A systems administrator wants to protect data stored on mobile devices that are used to scan and record assets in a warehouse. The control must automatically destroy the secure container of mobile devices if they leave the warehouse. Which of the following should the administrator implement? (Choose two.)

A: Geofencing
B: Remote wipe
C: Near-field communication
D: Push notification services
E: Containerization

—

Question 93

A security analyst is performing a quantitative risk analysis. The risk analysis should show the potential monetary loss each time a threat or event occurs. Given this requirement, which of the following concepts would assist the analyst in determining this value? (Choose two.)

A: ALE
B: AV
C: ARO
D: EF
E: ROI

—

Question 94

Which of the following AES modes of operation provide authentication? (Choose two.)

A: CCM
B: CBC
C: GCM
D: DSA
E: CFB

—

Question 95

An audit takes place after company-wide restricting, in which several employees changed roles. The following deficiencies are found during the audit regarding access to confidential data:

Which of the following would be the BEST method to prevent similar audit findings in the future?

A: Implement separation of duties for the payroll department.
B: Implement a DLP solution on the payroll and human resources servers.
C: Implement rule-based access controls on the human resources server.
D: Implement regular permission auditing and reviews.

—

Question 96

A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords. Which of the following authentication protocols MUST the security engineer select?

A: EAP-FAST
B: EAP-TLS
C: PEAP
D: EAP

—

Question 97

A system's administrator has finished configuring firewall ACL to allow access to a new web server.

The security administrator confirms form the following packet capture that there is network traffic from the internet to the web server:

The company's internal auditor issues a security finding and requests that immediate action be taken. With which of the following is the auditor MOST concerned?

A: Misconfigured firewall
B: Clear text credentials
C: Implicit deny
D: Default configuration

—

Question 98

A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?

A: URL hijacking
B: Reconnaissance
C: White box testing
D: Escalation of privilege

—

Question 99

Which of the following vulnerability types would the type of hacker known as a script kiddie be MOST dangerous against?

A: Passwords written on the bottom of a keyboard
B: Unpatched exploitable Internet-facing services
C: Unencrypted backup tapes
D: Misplaced hardware token

—

Question 100

An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:

A: Passive reconnaissance
B: Persistence
C: Escalation of privileges
D: Exploiting the switch

—

Page 4 of 42 • Questions 76-100 of 1043

←

2 3 4 5 6

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!