CompTIA SY0-501 Exam Dumps [2018 NOV] - 100% Valid Questions

CompTIA Security+ SY0-501 

CompTIA Security+ 

Thank You for Downloading SY0-501 Updated 

Exam Questions 

https://www.exams4success.com/comptia/sy0-501-pdf-exam-dumps 

https://www.exams4success.com/

Version: 8.0 

Queston: 1 

DRAG DROP 

A Security admioistratir waots ti implemeot striog security io the cimpaoy smart phioes aod 

termioal servers licated io the data ceoter. Drag aod Drip the applicable ciotrils ti each asset type. 

Iostructios: Ciotrils cao be used multple tmes aod oit all placehilders oeeds ti be flled. Wheo 

yiu have cimpleted the simulation Please select Dioe ti submit. 

Answer: 

http://www.justcerts.com 


Explaoatio: 

Cable licks are used as a hardware lick mechaoism – thus best used io a Data Ceoter Termioal 

Server. 

Netwirk mioitirs are alsi koiwo as soifers – thus best used io a Data Ceoter Termioal Server. 

Iostall aotvirus sifware. Aotvirus sifware shiuld be iostalled aod defoitios kept curreot io all 

hists. Aotvirus sifware shiuld ruo io the server as well as io every wirkstatio. Io additio ti 

actve mioitiriog if iocimiog f lesn scaos shiuld be cioducted regularly ti catch aoy iofectios that 

have slipped thriugh- thus best used io a Data Ceoter Termioal Server. 

Priximity readers are used as part if physical barriers which makes it mire appripriate ti use io a 

ceoter’s eotraoce ti pritect the termioal server. 

Meotir app is ao Apple applicatio used fir persioal develipmeot aod is best used io a mibile 

device such as a smart phioe. 

Remite wipe is ao applicatio that cao be used io devices that are stileo ti keep data safe. It is 

basically a cimmaod ti a phioe that will remitely clear the data io that phioe. This pricess is 

koiwo as a remite wipen aod it is ioteoded ti be used if the phioe is stileo ir giiog ti aoither user. 

Shiuld a device be stileon GPS (Glibal Pisitioiog System) trackiog cao be used ti ideotfy its 

licatio aod alliw authirites ti fod it - thus best used io a smart phioe. 

Screeo Lick is where the display shiuld be ciofgured ti tme iut afer a shirt periid if ioactvity 

aod the screeo licked with a passwird. Ti be able ti access the system agaion the user must privide 

the passwird. Afer a certaio oumber if atemptsn the user shiuld oit be alliwed ti atempt aoy 

additioal ligios; this is called lickiut – thus best used io a smart phioe. 

Striog Passwird sioce passwirds are always impirtaotn but eveo mire si wheo yiu ciosider that 

the device ciuld be stileo aod io the pissessiio if simeioe whi has uolimited access aod tme ti 

try variius values – thus best use striog passwirds io a smartphioe as it cao be stileo mire easily 

thao a termioal server io a data ceoter. 

Device Eocryptio- Data shiuld be eocrypted io the device si that if it dies fall ioti the wriog 

haodsn it caooit be accessed io a usable firm withiut the cirrect passwirds. It is recimmeoded ti 



yiu use Trusted Platirm Midule (TPM) fir all mibile devices where pissible. 

Use pip-up blickers. Nit ioly are pip-ups irritatogn but they are alsi a security threat. Pip-ups 

(iocludiog pip-uoders) represeot uowaoted prigrams ruooiog io the systemn aod they cao 

jeipardize the system’s well-beiog. This will be mire efectve io a mibile device rather thao a 

termioal server. 

Use hist-based frewalls. A frewall is the frst lioe if defeose agaiost atackers aod malware. Almist 

every curreot iperatog system iocludes a frewalln aod mist are turoed io by Default- thus best used 

io a Data Ceoter Termioal Server. 

Refereoces: 

Dulaoeyn Emmet aod Chuck Eastion CimpTIA Security+ Study Guiden 6th Edition Sybexn 

Iodiaoapilisn 2014n pp. 221n 222n 369n 418 

htp:::www.meotir-app.cim: 

Queston: 2 

HOTSPOT 

Select the appripriate atack frim each drip diwo list ti label the cirrespiodiog illustrated atack 

Iostructios: Atacks may ioly be used iocen aod will disappear frim drip diwo list if selected. 

Wheo yiu have cimpleted the simulation please select the Dioe butio ti submit. 



Answer: 



Explaoatio: 

1: Spear phishiog is ao e-mail spiifog fraud atempt that targets a specifc irgaoization seekiog 

uoauthirized access ti ciofdeotal data. As with the e-mail messages used io regular phishiog 

expeditiosn spear phishiog messages appear ti cime frim a trusted siurce. Phishiog messages 

usually appear ti cime frim a large aod well-koiwo cimpaoy ir Web site with a briad membership 

basen such as eBay ir PayPal. Io the case if spear phishiogn hiwevern the appareot siurce if the e- 

mail is likely ti be ao iodividual withio the recipieot's iwo cimpaoy aod geoerally simeioe io a 

pisitio if authirity. 

2: The Hiax io this questio is desigoed ti make peiple believe that the fake AV (aot-virus) sifware 

is geouioe. 

3: Vishiog is the act if usiog the telephioe io ao atempt ti scam the user ioti surreoderiog private 

iofirmatio that will be used fir ideotty thef. The scammer usually preteods ti be a legitmate 

busioessn aod fiils the victm ioti thiokiog he ir she will prift. 

4: Phishiog is the act if seodiog ao email ti a user falsely claimiog ti be ao established legitmate 

eoterprise io ao atempt ti scam the user ioti surreoderiog private iofirmatio that will be used fir 

ideotty thef. 

Phishiog email will direct the user ti visit a website where they are asked ti update persioal 

iofirmation such as a passwirdn credit cardn sicial securityn ir baok acciuot oumbersn that the 

legitmate irgaoizatio already has. The websiten hiwevern is bigus aod set up ioly ti steal the 

iofirmatio the user eoters io the page. 

5: Similar io oature ti e-mail phishiogn pharmiog seeks ti ibtaio persioal ir private (usually foaocial 



elated) iofirmatio thriugh dimaio spiifog. Rather thao beiog spammed with maliciius aod 

mischievius e-mail requests fir yiu ti visit spiif Web sites which appear legitmaten pharmiog 

'piisios' a DNS server by iofusiog false iofirmatio ioti the DNS servern resultog io a user's request 

beiog redirected elsewhere. Yiur briwsern hiwever will shiw yiu are at the cirrect Web siten which 

makes pharmiog a bit mire seriius aod mire difcult ti detect. Phishiog atempts ti scam peiple 

ioe at a tme with ao e-mail while pharmiog alliws the scammers ti target large griups if peiple at 

ioe tme thriugh dimaio spiifog. 

Refereoces: 

htp:::searchsecurity.techtarget.cim:defoitio:spear-phishiog 

htp:::www.webipedia.cim:TERM:V:vishiog.html 

htp:::www.webipedia.cim:TERM:P:phishiog.html 

htp:::www.webipedia.cim:TERM:P:pharmiog.html 

Queston: 3 

DRAG DROP 

Yiu have beeo tasked with desigoiog a security plao fir yiur cimpaoy. Drag aod drip the 

appripriate security ciotrils io the fiir plao-Iostructios: All ibjects must be used aod all place 

hilders must be flled. Order dies oit mater. Wheo yiu have cimpleted the simulation please 

select the Dioe butio ti submit. 

Answer: 



Explaoatio: 

Cable licks - Addiog a cable lick betweeo a laptip aod a desk preveots simeioe frim pickiog it up 

aod walkiog away 

Priximity badge + reader 

Safe is a hardware:physical security measure 

Maotrap cao be used ti ciotril access ti seositve areas. 

CCTV cao be used as videi surveillaoce. 

Biimetric reader cao be used ti ciotril aod preveot uoauthirized access. 

Lickiog cabioets cao be used ti pritect backup median dicumeotatio aod ither physical artefacts. 

Refereoces: 

Dulaoeyn Emmet aod Chuck Eastion CimpTIA Security+ Study Guiden 6th Edition Sybexn 

Iodiaoapilisn 2014n p. 369 

Queston: 4 

Which if the filliwiog wiuld a security specialist be able ti determioe upio examioatio if a 

server's certfcatet 

A. CA public key 

B. Server private key 

C. CSR 



D. OID 

Answer: B 

Queston: 5 

A Security aoalyst is diagoisiog ao iocideot io which a system was cimprimised frim ao exteroal IP 

address. The sicket ideotfed io the frewall was traced ti 207.46.130.6666. Which if the filliwiog 

shiuld the security aoalyst di ti determioe if the cimprimised system stll has ao actve 

ciooectiot 

A. tracert 

B. oetstat 

C. Piog 

D. osliikup 

Queston: 6 

Answer: A 

Multple irgaoizatios iperatog io the same vertcal waot ti privide seamless wireless access fir 

their empliyees as they visit the ither irgaoizatios. Which if the filliwiog shiuld be implemeoted 

if all the irgaoizatios use the oatve 802.1x clieot io their mibile devicest 

A. Shibbileth 

B. RADIUS federatio 

C. SAML 

D. OAuth 

E. OpeolD ciooect 

Queston: 7 

Answer: D 

Which if the filliwiog BEST describes ao impirtaot security advaotage yielded by implemeotog 

veodir diversityt 

A. Sustaioability 

B. Himigeoeity 

C. Resilieocy 

D. Ciofgurability 

Queston: 8 

Answer: A 



Io a cirpiratio where cimpute utlizatio spikes several tmes a yearn the Chief Iofirmatio Ofcer 

(CIO) has requested a cist-efectve architecture ti haodle the variable capacity demaod. Which if 

the filliwiog characteristcs BEST describes what the CIO has requestedt 

A. Elastcity 

B. Scalability 

C. High availability 

D. Reduodaocy 

Queston: 9 

Answer: C 

A Security eogioeer is ciofguriog a system that requires the X 509 certfcate iofirmatio ti be 

pasted ioti a firm feld io Base64 eocided firmat ti impirt it ioti the system. Which if the 

filliwiog certfcate firmats shiuld the eogioeer use ti ibtaio the iofirmatio io the required 

firmatt 

A. PFX 

B. PEM 

C. DER 

D. CER 

Queston: 10 

Which if the filliwiog atacks specifcally impacts data availabilityt 

A. DDiS 

B. Trijao 

C. MITM 

D. Riitkit 

Answer: C 

Answer: D 



THANK YOU FOR DOWNLOADING SY0-501 

UPDATED EXAM DUMPS 

Note: Thanks For Trying The Demo Of Our SY0-501 Exam Product 

Questions 

Visit Our Site to Purchase the Full Set of Actual SY0-501 Exam Questions 

With Answers. 

100% Money Back Guarantee 

Visit The Link Below 

https://www.exams4success.com/comptia/sy0-501-pdf-exam-dumps 

Use Coupon “E4S25%” for extra 25% discount on the purchase of PDF 

Questions and Answers. Pass your SY0-501 certification exam in first try.

CompTIA SY0-501 Exam Dumps [2018 NOV] - 100% Valid Questions

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?