SY0-501 Online Practice Questions and Answers

A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?

A. An attacker can access and change the printer configuration.

B. SNMP data leaving the printer will not be properly encrypted.

C. An MITM attack can reveal sensitive information.

D. An attacker can easily inject malicious code into the printer firmware.

E. Attackers can use the PCL protocol to bypass the firewall of client computers.

Which of the following cryptographic attacks would salting of passwords render ineffective?

A. Brute force

B. Dictionary

C. Rainbow tables

D. Birthday

A system's administrator has finished configuring firewall ACL to allow access to a new web server.

The security administrator confirms form the following packet capture that there is network traffic from the internet to the web server:

The company's internal auditor issues a security finding and requests that immediate action be taken. With which of the following is the auditor MOST concerned?

A. Misconfigured firewall

B. Clear text credentials

C. Implicit deny

D. Default configuration

An organization requires users to provide their fingerprints to access an application. To improve security, the application developers intend to implement multifactor authentication. Which of the following should be implemented?

A. Use a camera for facial recognition

B. Have users sign their name naturally

C. Require a palm geometry scan

D. Implement iris recognition

An administrator is configuring access to information located on a network file server named "Bowman". The files are located in a folder named "BalkFiles". The files are only for use by the "Matthews" division and should be read-only. The

security policy requires permissions for shares to be managed at the file system layer and also requires those permissions to be set according to a least privilege model. Security policy for this data type also dictates that administrator-level

accounts on the system have full access to the files.

The administrator configures the file share according to the following table:

Which of the following rows has been misconfigured?

A. Row 1

B. Row 2

C. Row 3

D. Row 4

E. Row 5

A system uses an application server and database server Employing the principle of least privilege, only database administrators are given administrative privileges on the database server, and only application team members are given administrative privileges on the application server. Audit and log file reviews are performed by the business unit (a separate group from the database and application teams). The organization wants to optimize operational efficiency when application or database changes are needed, but it also wants to enforce least privilege, prevent modification of log files, and facilitate the audit and log review performed by the business unit. Which of the following approaches would BEST meet the organization's goals?

A. Restrict privileges on the log file directory to "read only" and use a service account to send a copy of these files to the business unit.

B. Switch administrative privileges for the database and application servers. Give the application team administrative privileges on the database servers and the database team administrative privileges on the application servers.

C. Remove administrative privileges from both the database and application servers, and give the business unit "read only" privileges on the directories where the log files are kept.

D. Give the business unit administrative privileges on both the database and application servers so they can Independently monitor server activity.

A security analyst wishes to scan the network to view potentially vulnerable systems the way an attacker would. Which of the following would BEST enable the analyst to complete the objective?

A. Perform a non-credentialed scan.

B. Conduct an intrusive scan.

C. Attempt escalation of privilege

D. Execute a credentialed scan.

Which of the following is the LEAST secure hashing algorithm?

A. SHA1

B. RIPEMD

C. MD5

D. DES

The president of a company that specializes in military contracts receives a request for an interview. During the interview, the reporter seems more interested in discussing the president's family life and personal history than the details of a recent company success. Which of the following security concerns is this MOST likely an example of?

A. Insider threat

B. Social engineering

C. Passive reconnaissance

D. Phishing

Which of the following describes the key difference between vishing and phishing attacks?

A. Phishing is used by attackers to steal a person's identity.

B. Vishing attacks require some knowledge of the target of attack.

C. Vishing attacks are accomplished using telephony services.

D. Phishing is a category of social engineering attack.

A company has noticed multiple instances of proprietary information on public websites. It has also observed an increase in the number of email messages sent to random employees containing malicious links and PDFs. Which of the following changes should the company make to reduce the risks associated with phishing attacks? (Select TWO)

A. Install an additional firewall

B. Implement a redundant email server

C. Block access to personal email on corporate systems

D. Update the X.509 certificates on the corporate email server

E. Update corporate policy to prohibit access to social media websites

F. Review access violation on the file server

Two users must encrypt and transmit large amounts of data between them. Which of the following should they use to encrypt and transmit the data?

A. Symmetric algorithm

B. Hash function

C. Digital signature

D. Obfuscation

Which of the following locations contain the MOST volatile data?

A. SSD

B. Paging file

C. RAM

D. Cache memory

A security analyst is reviewing patches on servers. One of the servers is reporting the following error message in the WSUS management console:

The computer has not reported status in 30 days.

Given this scenario, which of the following statements BEST represents the issue with the output above?

A. The computer in Question : has not pulled the latest ACL policies for the firewall.

B. The computer in Question : has not pulled the latest GPO policies from the management server.

C. The computer in Question : has not pulled the latest antivirus definitions from the antivirus program.

D. The computer in Question : has not pulled the latest application software updates.

Which of the following authentication concepts is a gait analysis MOST closely associated?

A. Somewhere you are

B. Something you are

C. Something you do

D. Something you know