CompTIA SY0-501 Actual Free Exam Questions & Community Discussion

A network technician discovered the usernames and passwords used for network device configuration have been compromised by a user with a packet sniffer. Which of the following would secure the credentials from sniffing?

A systems administrator is trying to reduce the amount of time backups take every night. Which of the following backup types only includes changes since the most recent backup of any type?

Which of the following is an example of the second A in the AAA model?

A security analyst is performing a manual audit of captured data from a packet analyzer. The analyst looks forbase64 encoded strings and applies the filter http.authbasic. Which of the following describes what the analysts looking for?

A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are:
* www company com (mam website)
* contactus company com (for locating a nearby location)
* quotes company com (for requesting a price quote)
The company wants to purchase one SSL certificate that will work for all the existing applications and any future applications that follow the same naming conventions, such as store company com. Which of the following certificate types would BEST meet the requirements?

Exploitation of a system using widely known credentials and network addresses that results in DoS is an example of:

A company recently experienced a significant malware attack that caused all business operations to stop After an investigation a single PC was identified as the root cause and a secunty analyst on the IR team disconnected the machine from the corporate network, both the wired and wireless connections. Which of the following incident response phases was just completed?

A NIPS administrator needs to install a new signature to observe the behavior of a worm that may be spreading over SMB. Which of the following signatures should be installed on the NIPS?

An organization's IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the organization has installed cryptocurrency mining software on the organization's web servers. Given the organization's stated priorities, which of the following would be the NEXT step?

Which of the following is a resiliency strategy that allows a system to automatically adapt to workload changes?

An organization wants to implement a solution that allows for automated logical controls for network defense. An engineer plans to select an appropriate network security component, which automates response actions based on security threats to the network. Which of the following would be MOST appropriate based on the engineer's requirements?

A systems administrator just issued the ssh-keygen -t rsa command on a Linux terminal Which of the following BEST describes what the rsa portion of the command represents?

A security administrator wants to determine if a company's web servers have the latest operating system and application patches installed. Which of the following types of vulnerability scans should be conducted?

Which of the following control types are alerts sent from a SIEM fulfilling based on vulnerably signatures?