Lead2pass 2018 100% Real SY0-501 Exam Questions:
https://www.lead2pass.com/sy0-501.html
QUESTION 31
Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).
A. Rainbow table attacks greatly reduce compute cycles at attack time.
B. Rainbow tables must include precompiled hashes.
C. Rainbow table attacks do not require access to hashed passwords.
D. Rainbow table attacks must be performed on the network.
E. Rainbow table attacks bypass maximum failed login restrictions.
Answer: BE
QUESTION 32
Which of the following BEST describes a routine in which semicolons, dashes, quotes, and commas are removed from a string?
A. Error handling to protect against program exploitation
B. Exception handling to protect against XSRF attacks
C. Input validation to protect against SQL injection
D. Padding to protect against string buffer overflows
Answer: C
QUESTION 33
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?
A. Roll back changes in the test environment
B. Verify the hashes of files
C. Archive and compress the files
D. Update the secure baseline
Answer: A
QUESTION 34
Which of the following cryptographic attacks would salting of passwords render ineffective?
A. Brute force
B. Dictionary
C. Rainbow tables
D. Birthday
Answer: B
QUESTION 35
A network administrator wants to implement a method of securing internal routing.
Which of the following should the administrator implement?
A. DMZ
B. NAT
C. VPN
D. PAT
Answer: C
QUESTION 36
Which of the following types of keys is found in a key escrow?
A. Public
B. Private
C. Shared
D. Session
Answer: D
QUESTION 37
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?
A. Botnet
B. Ransomware
C. Polymorphic malware
D. Armored virus
Answer: A
QUESTION 38
A company is currently using the following configuration:
* IAS server with certificate-based EAP-PEAP and MSCHAP
* Unencrypted authentication via PAP
A security administrator needs to configure a new wireless setup with the following configurations:
* PAP authentication method
* PEAP and EAP provide two-factor authentication
Which of the following forms of authentication are being used? (Select TWO).
A. PAP
B. PEAP
C. MSCHAP
D. PEAP-MSCHAP
E. EAP
F. EAP-PEAP
Answer: AF
QUESTION 39
A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?
A. It can protect multiple domains
B. It provides extended site validation
C. It does not require a trusted certificate authority
D. It protects unlimited subdomains
Answer: B
QUESTION 40
After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former employees that were terminated during the transition.
Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Select TWO)
A. Monitor VPN client access
B. Reduce failed login out settings
C. Develop and implement updated access control policies
D. Review and address invalid login attempts
E. Increase password complexity requirements
F. Assess and eliminate inactive accounts
Answer: CF
SY0-501 dumps full version (PDF&VCE): https://www.lead2pass.com/sy0-501.html
Large amount of free SY0-501 exam questions on Google Drive: https://drive.google.com/open?id=1Hm6GQHDVOsEnyhNf3EHqIGEtor5IUsfu
You may also need:
SY0-401 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDLXZsWm9MWmh0a0E