NEW QUESTION: 1
A company determines that it is prohibitively expensive to become compliant with new credit
card regulations. Instead, the company decides to purchase insurance to cover the cost of any
potential loss. Which of the following is the company doing?
A. Migrating the risk
B. Avoiding the risk
C. Transferring the risk
D. Accepting the risk
Answer: C
NEW QUESTION: 2
In terms of encrypting data, which of the following is BEST described as a way to safeguard
password data by adding random data to it in storage?
A. Implementing elliptical curve
B. Using hash algorithms
C. Using salt
D. Implementing PKI
Answer: C
NEW QUESTION: 3
To reduce disk consumption, an organization's legal department has recently approved a new
policy setting the data retention period for sent email at six months. Which of the following is the
BEST way to ensure this goal is met?
A. Implement automatic disk compression on email servers.
B. Configure the email server to delete the relevant emails.
C. Migrate the relevant emails into an "Archived" folder.
D. Create a daily encrypted backup of the relevant emails.
Answer: D
NEW QUESTION: 4
When configuring settings in a mandatory access control environment, which of the following
specifies the subjects that can access specific data objects?
A. Administrator
B. User
C. System
D. Owner
Answer: A
NEW QUESTION: 5
After a user reports slow computer performance, a systems administrator detects a suspicious
file, which was installed as part of a freeware software package. The systems administrator reviews
the output below:
Based on the above information, which of the following types of malware was installed on the user's
computer?
A. Bot
B. RAT
C. Worm
D. Spyware
E. Keylogger
Answer: C
NEW QUESTION: 6
A botnet has hit a popular website with a massive number of GRE-encapsulated packets to
perform a DDoS attack. News outlets discover a certain type of refrigerator was exploited and used to
send outbound packets to the website that crashed. To which of the following categories does the
refrigerator belong?
A. SoC
B. IoT
C. MFD
D. ICS
Answer: B
NEW QUESTION: 7
Which of the following cryptographic algorithms is irreversible?
A. SHA-256
B. RC4
C. DES
D. AES
Answer: A
NEW QUESTION: 8
Refer to the following code:
Which of the following vulnerabilities would occur if this is executed?
A. Page exception
B. NullPointerException
C. Missing null check
D. Pointer dereference
Answer: C
NEW QUESTION: 9
A security analyst wants to harden the company's VoIP PBX. The analyst is worried that
credentials may be intercepted and compromised when IP phones authenticate with the PBX. Which
of the following would best prevent this from occurring?
A. Require SIPS on connections to the PBX.
B. Place the phones and PBX in their own VLAN.
C. Implement SRTP between the phones and the PBX.
D. Restrict the phone connections to the PBX.
Answer: A
NEW QUESTION: 10
An organization finds that most help desk calls are regarding account lockout due to a variety
of applications running on different systems. Management is looking for a solution to reduce the
number of account lockouts while improving security. Which of the following is the BEST solution for
this organization?
A. Utilize role-based access control.
B. Create multiple application accounts for each user.
C. Implement SSO.
D. Provide secure tokens.
Answer: C
NEW QUESTION: 11
A user is presented with the following items during the new-hire onboarding process:
-Laptop
-Secure USB drive
-Hardware OTP token
-External high-capacity HDD
-Password complexity policy
-Acceptable use policy
-HASP key
-Cable lock
Which of the following is one component of multifactor authentication?
A. Secure USB drive
B. Hardware OTP token
C. Cable lock
D. HASP key
Answer: B
NEW QUESTION: 12
A director of IR is reviewing a report regarding several recent breaches. The director compiles
the following statistics:
-Initial IR engagement time frame
-Length of time before an executive management notice went out
-Average IR phase completion
The director wants to use the data to shorten the response time. Which of the following would
accomplish this?
A. Containment phase
B. Escalation notifications
C. CSIRT
D. Tabletop exercise
Answer: D