Syo-501 2018 Questions 51-79
QUESTION 51 A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the system administrator using?
Shared accounts
Guest account
Service account
User account
QUESTION 52 User from two organizations, each with its own PKI, need to begin working together on a joint project. Which of the following would allow the users of the separate PKIs to work together without connection errors?
Trust model
Stapling
Intermediate CA
Key escrow
QUESTION 53 A security analyst is migrating a pass-the-hash vulnerability on a Windows infrastructure. Given the requirement, which of the following should the security analyst do to MINIMIZE the risk?
Enable CHAP
Disable NTLM
Enable Kerebos
Disable PAP
QUESTION 54 An organization requires users to provide their fingerprints to access an application. To improve security, the application developers intend to implement multifactor authentication. Which of the following should be implemented?
Use a camera for facial recognition
Have users sign their name naturally
Require a palm geometry scan
Implement iris recognition
QUESTION 55 A security analyst is reviewing an assessment report that includes software versions, running services, supported encryption algorithms, and permission settings. Which of the following produced the report?
Vulnerability scanner
Protocol analyzer
Network mapper
Web inspector
QUESTION 56 A Chief Information Officer (CIO) asks the company's security specialist if the company should spend any fund s on malware protection for a specific server. Based on a risk assessment, the ARO value of a malware infection for a server is 5 and the annual cost for the malware protection is $2500. Which of the following LSE values warrants a recommendation against purchasing the malware protection?
$500
$1000
$2000
$2500
QUESTION 57 The computer resource center issue smartphones to all first-level and above managers. The managers have the ability to install mobile tools. Which of the following tools should be implemented with the type of tools the managers installed?
Download manager
Content manager
Segmentation manager
Application manager
QUESTION 58 A systems administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?
Shared accounts
Preshared passwords
Least privilege
Sponsored guest
QUESTION 59 A recent internal audit is forcing a company to review each internal business unit's VMs because the cluster they are installed on is in danger of running out of computer resources. Which of the following vulnerabilities exist?
Buffer overflow
End-of-life systems
System sprawl
Weak configuration
QUESTION 60 A security administrator has found a hash in the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicated it was pushed from the central patch system. File: winx86_adobe_upgrade.exe Hash: 99ac28bede43ab869b853ba62c4ea243 Administrator pulls a report from the patch management system with the following output: Install Date Package Name Target Device Hash 10/10/2017 java_11.2_x64.exe HQ PC's 01ab28bbde63aa879b35bba62cdea282 10/10/2017 winx86_adobe_flash_upgrade.exe HQ PC's 99ac28bede43ab86b853ba62c4ea243 Given the above output, which of the following MOST likely happened?
The file was corrupted after it left the patch system
The file was infected when the patch manager downloaded it
The file was not approved in the application whitelist system
The file was embedded with a logic bomb to evade detection
QUESTION 61 Two users must encrypt and transmit large amounts of data between them. Which of the following should they use to encrypt and transmit the data?
Symmetric algorithm
Hash function
Digital signature
Obfuscation
QUESTION 62 A new Chief Information Officer (CIO) has been reviewing the badging and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls BEST describes this policy?
Physical
Corrective
Technical
Administrative
QUESTION 63 A software developer is concerned about DLL hijacking in an application being written. Which of the following is the MOST viable mitigation measure of this type of attack?
The DLL of each application should be set individually
All calls to different DLLs should e hard-coded in the application
Access to DLLs from the Windows registry should be disabled
The affected DLLs should be renamed to avoid future hijacking
QUESTION 64 A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC addresses to be visible across the tunnel?
Tunnel mode IPSec
Transport mode VPN IPSec
L2TP
SSL VPN
QUESTION 65 An application was recently compromised after some malformed data came in via web form. Which of the following would MOST likely have prevented this?
Input validation
Proxy server
Stress testing
Encoding
QUESTION 66 While working on an incident, Joe, a technician, finished restorting the OS and applications on a workstation from the original media. Joe is about to begin copying the user's files back onto the hard drive. Which of the following incident response steps is Joe working on now?
Recovery
Eradication
Containment
Identification
QUESTION 67 A systems administrator found a suspicious file in the root of the file system. The file contains URLs, usernames, passwords, and text fro other documents being edited on the system. Which of the following types of malware would generate such a file?
Keylogger
Rootkit
Bot
RAT
QUESTION 68 A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial investigation, it was discovered that email is being exfiltrated through an active connection. Which of the following is the NEXT step the team should take?
Identify the source of the active connection
Perform eradication of active connection and recover
Performance containment procedure by disconnecting the server
Format the server and restore its initial configuration
QUESTION 69 A remote intruder wants to take inventory of a network so exploits can be researched. The intruder is looking for information about software versions on the network. Which of the following techniques is the intruder using?
Banner grabbing
Port scanning
Packet sniffing
Virus scanning
QUESTION 70 An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code: void foo (char *bar) { car random_user_input[12]; stropy (random_user_input, bar); } Which of the following vulnerabilities is present?
Bad memory pointer
Buffer overflow
Integer overflow
Backdoor
QUESTION 71 A company has a date classification system with definitions for "Private" and "Public". The company's security policy outlines how data should be protected based on type. The company recently added data type "Proprietary". Which of the following is the MOST likely reason the company added this data type?
Reduced cost
More searchable data
Better data classification
Expanded authority of the privacy officer
QUESTION 72 A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician configure?
Accounting
Authorization
Authentication
Identification
QUESTION 73 A security administrator installed a new network scanner that identifies new host systems on the network. Which of the following did the security administrator install?
Vulnerability scanner
Network-based IDS
Rogue system detectio
Configuration compliance scanner
QUESTION 74 A Chief Information Officer (CIO) has decided it is not cost effective to implement safeguards against a known vulnerability. Which of the following risk responses does this BEST describe?
Transference
Avoidance
Mitigation
Acceptance
QUESTION 75 An audit takes place after company-wide restructuring, in which several employees changed roles. The following deficiencies are found during the audit regarding access to confidential data. Employee Job Function Audit Finding Ann Sales Manager *Access to confidential payroll shares *Access to payroll processing program *Access to marketing shares Jeff Marketing Director *Access to human resources annual review folder *Access to shared human resources mailbox John Sales Manager *Active account *Access to human resources annual review folder *Access to confidential payroll shares Which of the following would be the BEST method to prevent similar audit finding in the future?
Implement separation of duties for the payroll department
Implement a DLP solution on the payroll and human resources reviews
Implement rule-based access controls on the human resources server
Implement regular permission auditing and reviews
QUESTION 76 A technician is investigating a potentially compromised device with the following symptoms: Browser slowness Frequent browser crashes Hourglass stuck New search toolbar Increased memory consumption Which of the following types of malware has infected the system?
Man-in-the-browser
Spoofer
Spyware
Adware
QUESTION 77 A penetration tester has written an application that performs a bit-by-bit XOR 0xFF operation on binaries prior to transmission over untrusted media. Which of the following BEST describes the action performed by this type of application?
Hashing
Key exchange
Encryption
Obfusication
{"name":"Syo-501 2018 Questions 51-79", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"QUESTION 51 A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the system administrator using?, QUESTION 52 User from two organizations, each with its own PKI, need to begin working together on a joint project. Which of the following would allow the users of the separate PKIs to work together without connection errors?, QUESTION 53 A security analyst is migrating a pass-the-hash vulnerability on a Windows infrastructure. Given the requirement, which of the following should the security analyst do to MINIMIZE the risk?","img":"https://www.quiz-maker.com/3012/images/ogquiz.png"}
More Quizzes
Vikings Quiz
630
Mennyit tudsz a Covid-19 járványról?
740
Which type of poem are you?
8413
Anger Management Quiz
520
Military Entry
1360
Health and Safety General Policy
10516
If you answer all without the internet, you are a genius.
10516
Q1 - 3rd Summative Test in PE
6342
If you were a house, which house type would you be?
840
Which Hatzgang Member are you?
10579
How close are we?
10514
Zoey's Quiz
25120