C a digital certificate on a physical token that is

This preview shows page 492 - 497 out of 513 pages.

C. A digital certificate on a physical token that is unlocked with a secret passcode. D. A one-time password token combined with a proximity badge. Answer: D Explanation: QUESTION NO: 779 A company recently installed fingerprint scanners at all entrances to increase the facility’s security. The scanners were installed on Monday morning, and by the end of the week it was determined CompTIA SY0-501 Exam "Pass Any Exam. Any Time." - 492
that 1.5% of valid users were denied entry. Which of the following measurements do these users fall under? A. FRR B. FAR C. CER D. SLA Answer: A Explanation: QUESTION NO: 780 An attacker has obtained the user ID and password of a datacenter’s backup operator and has gained access to a production system. Which of the following would be the attacker's NEXT action? A. Perform a passive reconnaissance of the network. B. Initiate a confidential data exfiltration process. C. Look for known vulnerabilities to escalate privileges. D. Create an alternate user ID to maintain persistent access. Answer: B Explanation: QUESTION NO: 781 CompTIA SY0-501 Exam "Pass Any Exam. Any Time." - 493
An organization’s IRP prioritizes containment over eradication. An incident has been discovered where an attacker outside of the organization has installed cryptocurrency mining software on the organization’s web servers. Given the organization’s stated priorities, which of the following would be the NEXT step? A. Remove the affected servers from the network. B. Review firewall and IDS logs to identify possible source IPs. C. Identify and apply any missing operating system and software patches. D. Delete the malicious software and determine if the servers must be reimaged. Answer: B Explanation: QUESTION NO: 782 During a security audit of a company's network, unsecure protocols were found to be in use. A network administrator wants to ensure browser-based access to company switches is using the most secure protocol. Which of the following protocols should be implemented? A. SSH2 B. TLS1.2 C. SSL1.3 D. SNMPv3 Answer: B Explanation: CompTIA SY0-501 Exam "Pass Any Exam. Any Time." - 494
QUESTION NO: 783 While monitoring the SIEM, a security analyst observes traffic from an external IP to an IP address of the business network on port 443. Which of the following protocols would MOST likely cause this traffic? A. HTTP B. SSH C. SSL D. DNS Answer: C Explanation: QUESTION NO: 784 A technician is required to configure updates on a guest operating system while maintaining the ability to quickly revert the changes that were made while testing the updates. Which of the following should the technician implement? A. Snapshots B. Revert to known state C. Rollback to known configuration D. Shadow copy Answer: A Explanation: CompTIA SY0-501 Exam "Pass Any Exam. Any Time." - 495
QUESTION NO: 785 A technician is investigating a report of unusual behavior and slow performance on a company- owned laptop. The technician runs a command and reviews the following information: Based on the above information, which of the following types of malware should the technician report?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture