Syo-501 2018 Questions 51-79

QUESTION 51 A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the system administrator using?
Shared accounts
Guest account
Service account
User account
QUESTION 52 Users from two organizations, each with its own PKI, need to begin working together on a joint project. Which of the following would allow the users of the separate PKIs to work together without connection errors?
Trust model
Stapling
Intermediate CA
Key escrow
QUESTION 53 A security analyst is mitigating a pass-the-hash vulnerability on a Windows infrastructure. Given the requirement, which of the following should the security analyst do to MINIMIZE the risk?
Enable CHAP
Disable NTLM
Enable Kerberos
Disable PAP
QUESTION 54 An organization requires users to provide their fingerprints to access an application. To improve security, the application developers intend to implement multifactor authentication. Which of the following should be implemented?
Use a camera for facial recognition
Have users sign their name naturally
Require a palm geometry scan
Implement iris recognition
QUESTION 55 A security analyst is reviewing an assessment report that includes software versions, running services, supported encryption algorithms, and permission settings. Which of the following produced the report?
Vulnerability scanner
Protocol analyzer
Network mapper
Web inspector
QUESTION 56 A Chief Information Officer (CIO) asks the company's security specialist if the company should spend any funds on malware protection for a specific server. Based on a risk assessment, the ARO value of a malware infection for a server is 5 and the annual cost for the malware protection is $2500. Which of the following SLE values warrants a recommendation against purchasing the malware protection?
$500
$1000
$2000
$2500
QUESTION 57 The computer resource center issues smartphones to all first-level and above managers. The managers have the ability to install mobile tools. Which of the following tools should be implemented with the type of tools the managers installed?
Download manager
Content manager
Segmentation manager
Application manager
QUESTION 58 A systems administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?
Shared accounts
Preshared passwords
Least privilege
Sponsored guest
QUESTION 59 A recent internal audit is forcing a company to review each internal business unit's VMs because the cluster they are installed on is in danger of running out of computer resources. Which of the following vulnerabilities exist?
Buffer overflow
End-of-life systems
System sprawl
Weak configuration
QUESTION 60 A security administrator has found a hash in the environment known to belong to malware. The administrator then finds this file to be in the preupdate area of the OS, which indicated it was pushed from the central patch system.
File: winx86_adobe_upgrade.exe
Hash: 99ac28bede43ab869b853ba62c4ea243
Administrator pulls a report from the patch management system with the following output:
Install Date | Package Name | Target Device | Hash
10/10/2017 | java_11.2_x64.exe | HQ PC's | 01ab28bbde63aa879b35bba62cdea282
10/10/2017 | winx86_adobe_flash_upgrade.exe | HQ PC's | 99ac28bede43ab86b853ba62c4ea243
Given the above output, which of the following MOST likely happened?
The file was corrupted after it left the patch system
The file was infected when the patch manager downloaded it
The file was not approved in the application whitelist system
The file was embedded with a logic bomb to evade detection
QUESTION 61 Two users must encrypt and transmit large amounts of data between them. Which of the following should they use to encrypt and transmit the data?
Symmetric algorithm
Hash function
Digital signature
Obfuscation
QUESTION 62 A new Chief Information Officer (CIO) has been reviewing the badging and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls BEST describes this policy?
Physical
Corrective
Technical
Administrative
QUESTION 63 A software developer is concerned about DLL hijacking in an application being written. Which of the following is the MOST viable mitigation measure of this type of attack?
The DLL of each application should be set individually
All calls to different DLLs should be hard-coded in the application
Access to DLLs from the Windows registry should be disabled
The affected DLLs should be renamed to avoid future hijacking
QUESTION 64 A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following should the engineer implement if the design requires client MAC addresses to be visible across the tunnel?
Tunnel mode IPSec
Transport mode VPN IPSec
L2TP
SSL VPN
QUESTION 65 An application was recently compromised after some malformed data came in via web form. Which of the following would MOST likely have prevented this?
Input validation
Proxy server
Stress testing
Encoding
QUESTION 66 While working on an incident, Joe, a technician, finished restoring the OS and applications on a workstation from the original media. Joe is about to begin copying the user's files back onto the hard drive. Which of the following incident response steps is Joe working on now?
Recovery
Eradication
Containment
Identification
QUESTION 67 A systems administrator found a suspicious file in the root of the file system. The file contains URLs, usernames, passwords, and text from other documents being edited on the system. Which of the following types of malware would generate such a file?
Keylogger
Rootkit
Bot
RAT
QUESTION 68 A computer emergency response team is called at midnight to investigate a case in which a mail server was restarted. After an initial investigation, it was discovered that email is being exfiltrated through an active connection. Which of the following is the NEXT step the team should take?
Identify the source of the active connection
Perform eradication of active connection and recover
Perform containment procedure by disconnecting the server
Format the server and restore its initial configuration
QUESTION 69 A remote intruder wants to take inventory of a network so exploits can be researched. The intruder is looking for information about software versions on the network. Which of the following techniques is the intruder using?
Banner grabbing
Port scanning
Packet sniffing
Virus scanning
QUESTION 70 An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:
    void foo (char *bar) {
        char random_user_input[12];
        strcpy (random_user_input, bar);
    }
Which of the following vulnerabilities is present?
Bad memory pointer
Buffer overflow
Integer overflow
Backdoor
QUESTION 71 A company has a data classification system with definitions for "Private" and "Public". The company's security policy outlines how data should be protected based on type. The company recently added data type "Proprietary". Which of the following is the MOST likely reason the company added this data type?
Reduced cost
More searchable data
Better data classification
Expanded authority of the privacy officer
QUESTION 72 A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician configure?
Accounting
Authorization
Authentication
Identification
QUESTION 73 A security administrator installed a new network scanner that identifies new host systems on the network. Which of the following did the security administrator install?
Vulnerability scanner
Network-based IDS
Rogue system detection
Configuration compliance scanner
QUESTION 74 A Chief Information Officer (CIO) has decided it is not cost effective to implement safeguards against a known vulnerability. Which of the following risk responses does this BEST describe?
Transference
Avoidance
Mitigation
Acceptance
QUESTION 75 An audit takes place after company-wide restructuring, in which several employees changed roles. The following deficiencies are found during the audit regarding access to confidential data.
Employee | Job Function | Audit Finding
Ann | Sales Manager | Access to confidential payroll shares; Access to payroll processing program; Access to marketing shares
Jeff | Marketing Director | Access to human resources annual review folder; Access to shared human resources mailbox
John | Sales Manager | Active account; Access to human resources annual review folder; Access to confidential payroll shares
Which of the following would be the BEST method to prevent similar audit findings in the future?
Implement separation of duties for the payroll department
Implement a DLP solution on the payroll and human resources reviews
Implement rule-based access controls on the human resources server
Implement regular permission auditing and reviews
QUESTION 76 A technician is investigating a potentially compromised device with the following symptoms: browser slowness; frequent browser crashes; hourglass stuck; new search toolbar; increased memory consumption. Which of the following types of malware has infected the system?
Man-in-the-browser
Spoofer
Spyware
Adware
QUESTION 77 A penetration tester has written an application that performs a bit-by-bit XOR 0xFF operation on binaries prior to transmission over untrusted media. Which of the following BEST describes the action performed by this type of application?
Hashing
Key exchange
Encryption
Obfuscation
QUESTION 78 An audit report has identified a weakness that could allow unauthorized personnel access to the facility at its main entrance and from there gain access to the network. Which of the following would BEST resolve the vulnerability?
Faraday cage
Air gap
Mantrap
Bollards
QUESTION 79 When attempting to secure a mobile workstation, which of the following authentication technologies rely on the user's physical characteristics? (Select TWO)
MAC address table
Retina scan
Fingerprint scan
Two-factor authentication
CAPTCHA
Password string