[Lead2pass New] Lead2pass SY0-501 New Questions Free Download (111-120)

Lead2pass 2017 November New CompTIA SY0-501 Exam Dumps!

100% Free Download! 100% Pass Guaranteed!

Are you struggling for the SY0-501 exam? Good news, Lead2pass CompTIA technical experts have collected all the questions and answers which are updated to cover the knowledge points and enhance candidates’ abilities. We offer the latest SY0-501 PDF and VCE dumps with new version VCE player for free download, and the new SY0-501 dump ensures your SY0-501 exam 100% pass.

Following questions and answers are all new published by CompTIA Official Exam Center: https://www.lead2pass.com/sy0-501.html

QUESTION 111
Anne, the Chief Executive Officer (CEO), has reported that she is getting multiple telephone calls from someone claiming to be from the helpdesk. The caller is asking to verify her network authentication credentials because her computer is broadcasting across the network. This is MOST likely which of the following types of attacks?

A.    Vishing
B.    Impersonation
C.    Spim
D.    Scareware

Answer: A

QUESTION 112
An administrator discovers the following log entry on a server:

Nov 12 2013 00:23:45 httpd[2342]: GET
/app2/prod/proc/process.php?input=change;cd%20../../../etc;cat%20shadow

Which of the following attacks is being attempted?

A.    Command injection
B.    Password attack
C.    Buffer overflow
D.    Cross-site scripting

Answer: B

QUESTION 113
A security team wants to establish an Incident Response plan. The team has never experienced an incident. Which of the following would BEST help them establish plans and procedures?

A.    Table top exercises
B.    Lessons learned
C.    Escalation procedures
D.    Recovery procedures

Answer: D

QUESTION 114
Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?

A.    Protocol analyzer
B.    Vulnerability scan
C.    Penetration test
D.    Port scanner

Answer: B
Explanation:
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network’s security.
Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.

QUESTION 115
Which of the following technologies would be MOST appropriate to utilize when testing a new software patch before a company-wide deployment?

A.    Cloud computing
B.    Virtualization
C.    Redundancy
D.    Application control

Answer: B
Explanation:
Virtualization is used to host one or more operating systems in the memory of a single host computer and allows multiple operating systems to run simultaneously on the same hardware, reducing costs. Virtualization offers the flexibility of quickly and easily making backups of entire virtual systems, and quickly recovering the virtual system when errors occur. Furthermore, malicious code compromises of virtual systems rarely affect the host system, which allows for safer testing and experimentation.

QUESTION 116
A system administrator needs to implement 802.1x whereby when a user logs into the network, the authentication server communicates to the network switch and assigns the user to the proper VLAN.
Which of the following protocols should be used?

A.    RADIUS
B.    Kerberos
C.    LDAP
D.    MSCHAP

Answer: A

QUESTION 117
Which of the following types of cloud Infrastructures would allow several organizations with similar structures and interests to realize shared storage and resources?

A.    Private
B.    Hybrid
C.    Public
D.    Community

Answer: A

QUESTION 118
A security administrator has found a hash m the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicates it was pushed from the central patch system.

 

The administrator pulls a report from the patch management system with the following output:

 

Given the above outputs, which of the following MOST likely happened?

A.    The file was corrupted after it left the patch system
B.    The file was infected when the patch manager downloaded it.
C.    The file was not approved in the application whitelist system
C. The fee was embedded with a logic bomb to evade detection

Answer:

QUESTION 119
Which of the following implements two-factor authentication?

A.    A phone system requiring a PIN to make a call
B.    An ATM requiring a credit card and PIN
C.    A computer requiring username and password
D.    A datacenter mantrap requiring fingerprint and iris scan

Answer: D

QUESTION 120
A company is terminating an employee for misbehavior. Which of the following steps is MOST important in the process of disengagement from this employee?

A.    Obtain a list of passwords used by the employee.
B.    Generate a report on outstanding projects the employee handled
C.    Have the employee surrender company identification.
D.    Have the employee sign an NDA before departing

Answer: A

More free Lead2pass SY0-501 exam new questions on Google Drive: https://drive.google.com/open?id=1Hm6GQHDVOsEnyhNf3EHqIGEtor5IUsfu

We ensure our new version SY0-501 PDF and VCE dumps are 100% valid for passing exam, because Lead2pass is the top IT certification study training materials vendor. Many candidates have passed exam with the help of Lead2pass’s VCE or PDF dumps. Lead2pass will update the study materials timely to make them be consistent with the current exam. Download the free demo on Lead2pass, you can pass the exam easily.

2017 CompTIA SY0-501 (All 166 Q&As) exam dumps (PDF&VCE) from Lead2pass:

https://www.lead2pass.com/sy0-501.html [100% Exam Pass Guaranteed]