CompTIA Security
SY0-501 CompTIA Security+ Certification Exam
Answer 25 questions in 10 minutes.


A company is allowing a BYOD policy for its staff. Which of the following is a best practice that can decrease the risk of users jailbreaking mobile devices?
Install a corporately monitored mobile antivirus on the devices.
Require applications to be digitally signed.
Build a custom ROM that can prevent jailbreaking.
Prevent the installation of applications from a third-party application store.

DRAG DROP
A security administrator is given the security and availability profiles for servers that are being deployed.
1. Match each RAID type with the correct configuration and MINIMUM number of drives.
2. Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, storage requirements.

Instructions:
All drive definitions can be dragged as many times as necessary.
Not all placeholders may be filled in the RAID configuration boxes.
If parity is required, please select the appropriate number of parity checkboxes.
Server profiles may be dragged only once.
If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Select and Place:
Correct Answer:
Explanation:
RAID-0 is known as striping. It is not a fault tolerant solution but does improve disk performance for read/write operations. Striping requires a minimum of two disks and does not use parity. RAID-0 can be used where performance is required over fault tolerance, such as a media streaming server.
RAID-1 is known as mirroring because the same data is written to two disks so that the two disks have identical data. This is a fault tolerant solution that halves the storage space. Mirroring uses a minimum of two disks and does not use parity. RAID-1 can be used where fault tolerance is required over performance, such as on an authentication server.
RAID-5 is a fault tolerant solution that uses parity and striping. A minimum of three disks are required for RAID-5, with one disk's worth of space being used for parity information. However, the parity information is distributed across all the disks. RAID-5 can recover from a single disk failure.
RAID-6 is a fault tolerant solution that uses dual parity and striping. A minimum of four disks are required for RAID-6. Dual parity allows RAID-6 to recover from the simultaneous failure of up to two disks. Critical data should be stored on a RAID-6 system.
http://www.adaptec.com/en-us/solutions/raid_levels.html

A portable data storage device has been determined to have malicious firmware. Which of the following is the BEST course of action to ensure data confidentiality?
Physically destroy the device
Perform virus scan in the device
Format the device
Re-image the device

With which of the following authentication concepts is gait analysis MOST closely associated?
Somewhere you are
Something you do
Something you know
Something you are

Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?
Archive and compress the files
Roll back changes in the test environment
Verify the hashes of files
Update the secure baseline

The Chief Information Security Officer (CISO) at a multinational banking corporation is reviewing a plan to upgrade the entire corporate IT infrastructure. The architecture consists of a centralized cloud environment hosting the majority of data, small server clusters at each corporate location to handle the majority of customer transaction processing, ATMs, and a new mobile banking application accessible from smartphones, tablets, and the Internet via HTTP. The corporation does business having varying data retention and privacy laws. Which of the following technical modifications to the architecture and corresponding security controls should be implemented to provide the MOST complete protection of data?
Install redundant servers to handle corporate customer processing, encrypt all customer data to ease the transfer from one country to another, implement end-to-end encryption between mobile applications and the cloud.
Store customer data based on national borders, ensure end-to-end encryption between ATMs, end users, and servers, test redundancy and COOP plans to ensure data is not inadvertently shifted from one legal jurisdiction to another with more stringent regulations
Revoke existing root certificates, re-issue new customer certificates, and ensure all transactions are digitally signed to minimize fraud, implement encryption for data in-transit between data centers
Ensure all data is encrypted according to the most stringent regulatory guidance applicable, implement encryption for data in-transit between data centers, increase data availability by replicating all data, transaction data, logs between each corporate location

A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (www.example.net). Which of the following rules is preventing the CSO from accessing the site? Blocked sites: *.nonews.com, *.rumorhasit.net, *.mars?
Rule 1: deny from inside to outside source any destination any service smtp
Rule 3: deny from inside to outside source any destination {blocked sites} service http-https
Rule 4: deny from any to any source any destination any service any
Rule 2: deny from inside to outside source any destination any service ping

An in-house penetration tester has been asked to evade a new DLP system. The tester plans to exfiltrate data through steganography. Discovery of which of the following would help catch the tester in the act?
Unusual SFTP connections to a consumer IP address
Outgoing emails containing unusually large image files
Abnormally high numbers of outgoing instant messages that contain obfuscated text
Large-capacity USB drives on the tester's desk with encrypted zip files




© The Simple Project 2020