SY0-501 Online Practice Questions and Answers

Employees receive a benefits enrollment email from the company's human resources department at the beginning of each year. Several users have reported receiving the email but are unable to log in to the website with their usernames and passwords. Users who enter the URL for the human resources website can log in without issue. Which of the following security issues is occurring?

A. Several users' computers were not configured to use HTTPS to access the website

B. The human resources servers received a large number of requests, resulting in a DoS

C. The internal DNS server was compromised, directing users to a hacker's server

D. Users received a social engineering email and were directed to an external website

A security specialist is notified about a certificate warning that users receive when using a new internal website. After being given the URL from one of the users and seeing the warning, the security specialist inspects the certificate and realizes it has been issued to the IP address, which is how the developers reach the site.

Which of the following would BEST resolve the issue?

A. OSCP

B. OID

C. PEM

D. SAN

Which of the following is an example of the second A in the AAA model?

A. The encryption protocol successfully completes the handshake and establishes a connection

B. The one-time password is keyed in, and the login system grants access.

C. The event log records a successful login with a type code that indicates an interactive login.

D. A domain controller confirms membership in the appropriate group

A security analyst is investigating a security breach involving the loss of sensitive data. A user passed the information through social media as vacation photos. Which of the following methods was used to encode the data?

A. Obfuscation

B. Steganography

C. Hashing

D. Elliptic curve

A security technician is configuring a new firewall appliance for a production environment. The firewall must support secure web services for client workstations on the 10.10.10.0/24 network. The same client workstations are configured to contact a server at 192.168.1.15/24 for domain name resolution. Which of the following rules should the technician add to the firewall to allow this connectivity for the client workstations? (Select TWO).

A. Permit 10.10.10.0/24 0.0.0.0 -p tcp --dport 22

B. Permit 10.10.10.0/24 0.0.0.0 -p tcp --dport 80

C. Permit 10.10.10.0/24192.168.1.15/24 -p udp --dport 21

D. Permit 10.10.10.0/24 0.0.0.0-p tcp --dport 443

E. Permit 10.10.10.0/24 192.168.1.15/24 -p tcp --dport 53

F. Permit 10.10.10.0/24 192.168.1.15/24 -p udp --dport 53

A technician must configure a firewall to block external DNS traffic from entering a network. Which of the following ports should they block on the firewall?

A. 53

B. 110

C. 143

D. 443

The chief Security Officer (CSO) has reported a rise in data loss but no break ins have occurred. By doing which of the following is the CSO most likely to reduce the number of incidents?

A. Implement protected distribution

B. Empty additional firewalls

C. Conduct security awareness training

D. Install perimeter barricades

Which of the following is a passive method to test whether transport encryption is implemented?

A. Black box penetration test

B. Port scan

C. Code analysis

D. Banner grabbing

A security analyst is investigating a call from a user regarding one of the websites receiving a 503: Service Unavailable error. The analyst runs a netstat-an command to discover if the web server is up and listening. The analyst receives the following output: TCP 10.1.5.2:80 192.168.2.112:60973 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60974 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60975 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60976 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60977 TIME_WAIT TCP 10.1.5.2:80 192.168.2.112:60978 TIME_WAIT Which of the following types of attack is the analyst seeing?

A. Buffer overflow

B. Domain hijacking

C. Denial of service

D. ARP poisoning

An employee workstation with an IP address of 204.211.38.211/24 reports it is unable to submit print jobs to a network printer at 204.211.38.52/24 after a firewall upgrade. The active firewall rules are as follows:

Assuming port numbers have not been changed from their defaults, which of the following should be modified to allow printing to the network printer?

A. The permit statement for 204.211.38.52/24 should be changed to TCP port 631 instead of UDP

B. The deny statement for 204.211.38.52/24 should be changed to a permit statement

C. The permit statement for 204.211.38.52/24 should be changed to UDP port 443 instead of 631

D. The permit statement for 204.211.38.211/24 should be changed to TCP port 631 only instead of ALL