FREE AND STUDY GAMES ABOUT SYS501 EXAM QUESTIONS
Actual Qs and Ans Expert-Verified Explanation
This Exam contains:
- Guarantee passing score
- 521 Questions and Answers
- format set of multiple-choice
- Expert-Verified Explanation
Question 1: Which of the following solutions should an administrator use to reduce the risk from an unknown vulnerability in a third-party software application?
- Sandboxing
- Encryption
- Code signing
- Fuzzing
Answer: A
Question 2: An incident involving a workstation that is potentially infected with a virus has occurred. The workstation may have sent confidential data to an unknown internet server. Which of the following should a security analyst do FIRST?
- Make a copy of ever
Answer: A
Question 3: Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent these policy violations? (Select two.)
- Password expiration
- Password
Answer: CD
Question 4: To reduce disk consumption, an organization's legal department has recently approved a new policy setting the data retention period for sent email at six months. Which of the following is the BEST way to ensure this goal is met?
- Create a daily encry
Answer: A
Question 5: A security administrator has written a script that will automatically upload binary and text-based configuration files onto a remote server using a scheduled task. The configuration files contain sensitive information. Which of the following should the
Answer: CE
Question 6: A company is developing a new system that will unlock a computer automatically when an authorized user sits in front of it, and then lock the computer when the user leaves. The user does not have to perform any action for this process to occur. Which of
Answer: A
Question 7: An application was recently compromised after some malformed data came in via web form. Which of the following would MOST likely have prevented this?
- Input validation
- Proxy server
- Stress testing
- Encoding
Answer: A
Question 8: Ann is the IS manager for several new systems in which the classification of the systems' data is being decided. She is trying to determine the sensitivity level of the data being processed. Which of the following people should she consult to determine
Answer: D
Question 9: The administrator installs database software to encrypt each field as it is written to disk. Which of the following describes the encrypted data?
- In-transit
- In-use
- Embedded
- At-rest
Answer: B
Question 10: Which of the following allows an application to securely authenticate a user by receiving credentials from a web domain?
A. TACACS+
B. RADIUS
C. Kerberos
D. SAML
Answer: D
Question 11: A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and
Answer: C
Question 12: A new Chief Information Officer (CIO) has been reviewing the badging and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls BEST describes this policy?
- Physical
- Correcti
Answer: D
Question 13: During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of the following would help reduce the amount of risk the organization incurs in this situation in t
Answer: B
Question 14: Which of the following vulnerability types would the type of hacker known as a script kiddie be MOST dangerous against?
- Passwords written on the bottom of a keyboard