A. Misconfigured devices
B. Logs and events anomalies
C. Authentication issues
D. Unauthorized software
Answer: D
Explanation:
QUESTION NO: 440
CompTIA SY0-501 Exam
"Pass Any Exam. Any Time." -
291

A security administrator is diagnosing a server where the CPU utilization is at 100% for 24 hours.
The main culprit of CPU utilization is the antivirus program.
Which of the following issues could occur if left unresolved? (Select TWO)
A. MITM attack
B. DoS attack
C. DLL injection
D. Buffer overflow
E. Resource exhaustion
Answer: B,E
Explanation:
QUESTION NO: 441
Which of the following is used to validate the integrity of data?
A. CBC
B. Blowfish
C. MD5
D. RSA
Answer: C
Explanation:
QUESTION NO: 442
A user typically works remotely over the holidays using a web-based VPN to access corporate
resources. The user reports getting untrusted host errors and being unable to connect. Which of
the following is MOST likely the cause?
A. The certificate has expired
B. The browser does not support SSL
C. The user's account is locked out
D. The VPN software has reached the seat license maximum
Answer: A
Explanation:
QUESTION NO: 443
When it comes to cloud computing, if one of the requirements for a project is to have the most
control over the systems in the cloud, which of the following is a service model that would be
BEST suited for this goal?
A. Infrastructure
B. Platform
C. Software
D. Virtualization
Answer: A
Explanation:
QUESTION NO: 444
A security analyst is acquiring data from a potential network incident.
Which of the following evidence is the analyst MOST likely to obtain to determine the incident?
A. Volatile memory capture
B. Traffic and logs
C. Screenshots
D. System image capture
Answer: B
Explanation:
QUESTION NO: 445
A cybersecurity analyst is looking into the payload of a random packet capture file that was
selected for analysis. The analyst notices that an internal host had a socket established with
another internal host over a non-standard port.
Upon investigation, the origin host that initiated the socket shows this output:
Given the above output, which of the following commands would have established the
questionable socket?
A. traceroute 8.8.8.8
B. ping -1 30 8.8.8.8 -a 600
C. nc -1 192.168.5.1 -p 9856
D. pskill pid 9487
Answer: C
Explanation:
QUESTION NO: 446
A security administrator has written a script that will automatically upload binary and text-based
configuration files onto a remote server using a scheduled task. The configuration files contain
sensitive information.
Which of the following should the administrator use? (Select TWO)
A. TOTP
B. SCP
C.