Download SY0-501 Exam Questions and Answers 2021

NEW QUESTION 1
A mobile device user is concerned about geographic positioning information being included in messages sent between users on a popular social network platform. The user turns off the functionality in the application, but wants to ensure the application cannot re-enable the setting without the knowledge of the user.
Which of the following mobile device capabilities should the user disable to achieve the stated goal?

• A. Device access control
• B. Location based services
• C. Application control
• D. GEO-Tagging

Answer: D

NEW QUESTION 2
A security administrator is diagnosing a server where the CPU utilization is at 100% for 24 hours. The main culprit of CPU utilization is the antivirus program. Which of the following issue could occur if left unresolved? (Select TWO)

• A. MITM attack
• B. DoS attack
• C. DLL injection
• D. Buffer overflow
• E. Resource exhaustion

Answer: BE

NEW QUESTION 3
Given the log output:
Max 15 00:15:23.431 CRT: #SEC_LOGIN-5-LOGIN_SUCCESS:
Login Success [user: msmith] [Source: 10.0.12.45] [localport: 23] at 00:15:23:431 CET Sun Mar 15 2015
Which of the following should the network administrator do to protect data security?

• A. Configure port security for logons
• B. Disable telnet and enable SSH
• C. Configure an AAA server
• D. Disable password and enable RSA authentication

Answer: B

NEW QUESTION 4
Which of the following cryptographic algorithms is irreversible?

• A. RC4
• B. SHA-256
• C. DES
• D. AES

Answer: B

NEW QUESTION 5
A security administrator installed a new network scanner that identifies new host systems on the network. Which of the following did the security administrator install?

• A. Vulnerability scanner
• B. Network-based IDS
• C. Rogue system detection
• D. Configuration compliance scanner

Answer: C

NEW QUESTION 6
Joe, a user, wants to send Ann, another user, a confidential document electronically. Which of the following should Joe do to ensure the document is protected from eavesdropping?

• A. Encrypt it with Joe’s private key
• B. Encrypt it with Joe’s public key
• C. Encrypt it with Ann’s private key
• D. Encrypt it with Ann’s public key

Answer: D

NEW QUESTION 7
A vulnerability scan is being conducted against a desktop system. The scan is looking for files, versions, and registry values known to be associated with system vulnerabilities. Which of the following BEST describes the type of scan being performed?

• A. Non-intrusive
• B. Authenticated
• C. Credentialed
• D. Active

Answer: C

NEW QUESTION 8
While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack. Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select two)

• A. Minimum complexity
• B. Maximum age limit
• C. Maximum length
• D. Minimum length
• E. Minimum age limit
• F. Minimum re-use limit

Answer: AD

NEW QUESTION 9
A security team wants to establish an Incident Response plan. The team has never experienced an incident. Which of the following would BEST help them establish plans and procedures?

• A. Table top exercises
• B. Lessons learned
• C. Escalation procedures
• D. Recovery procedures

Answer: A

NEW QUESTION 10
After surfing the Internet, Joe, a user, woke up to find all his files were corrupted. His wallpaper was replaced by a message stating the files were encrypted and he needed to transfer money to a foreign country to recover them. Joe is a victim of:

• A. a keylogger
• B. spyware
• C. ransomware
• D. a logic bomb

Answer: C

NEW QUESTION 11
A network operations manager has added a second row of server racks in the datacenter. These racks face the opposite direction of the first row of racks.
Which of the following is the reason the manager installed the racks this way?

• A. To lower energy consumption by sharing power outlets
• B. To create environmental hot and cold isles
• C. To eliminate the potential for electromagnetic interference
• D. To maximize fire suppression capabilities

Answer: B

NEW QUESTION 12
An external contractor, who has not been given information about the software or network architecture, is conducting a penetration test. Which of the following BEST describes the test being performed?

• A. Black box
• B. White box
• C. Passive reconnaissance
• D. Vulnerability scan

Answer: A

NEW QUESTION 13
A security administrator has written a script that will automatically upload binary and text-based configuration files onto a remote server using a scheduled task. The configuration files contain sensitive information. Which of the following should the administrator use? (Select TWO)

• A. TOPT
• B. SCP
• C. FTP over a non-standard pot
• D. SRTP
• E. Certificate-based authentication
• F. SNMPv3

Answer: CE

NEW QUESTION 14
When configuring settings in a mandatory access control environment, which of the following specifies the subjects that can access specific data objects?

• A. Owner
• B. System
• C. Administrator
• D. User

Answer: C

NEW QUESTION 15
In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

• A. Using salt
• B. Using hash algorithms
• C. Implementing elliptical curve
• D. Implementing PKI

Answer: A

NEW QUESTION 16
A penetration tester finds that a company’s login credentials for the email client were being sent in clear text. Which of the following should be done to provide encrypted logins to the email server?

• A. Enable IPSec and configure SMTP.
• B. Enable SSH and LDAP credentials.
• C. Enable MIME services and POP3.
• D. Enable an SSL certificate for IMAP services.

Answer: D