Package deal
SY0-501 TEST COMPILATION BUNDLE
SY0-501 TEST COMPILATION BUNDLE
[Show more]SY0-501 TEST COMPILATION BUNDLE
[Show more]Which of of the following BEST describes an important security advantages yielded by implementing vendor diversity? CORRECT ANSWERS: Resiliency 
 
A botnet has hit a popular website with a massive number of GRE-encapsulated packets to perform a DDoS attack. News outlets discover a certain type of r...
Preview 4 out of 31 pages
Add to cartWhich of of the following BEST describes an important security advantages yielded by implementing vendor diversity? CORRECT ANSWERS: Resiliency 
 
A botnet has hit a popular website with a massive number of GRE-encapsulated packets to perform a DDoS attack. News outlets discover a certain type of r...
Which category of IDS might increase logging activities, disable a service, or close a port as a response to a detected security branch? CORRECT ANSWERS: Active Detection 
 
Which port number does SSH use? CORRECT ANSWERS: Port 22 
 
Which port number is used by SMB? CORRECT ANSWERS: TCP port 445...
Preview 4 out of 37 pages
Add to cartWhich category of IDS might increase logging activities, disable a service, or close a port as a response to a detected security branch? CORRECT ANSWERS: Active Detection 
 
Which port number does SSH use? CORRECT ANSWERS: Port 22 
 
Which port number is used by SMB? CORRECT ANSWERS: TCP port 445...
arp - s 192.168.1.1 00-3a-d1-fa-b1-06 CORRECT ANSWERS: A security administrator wants to implement a logon script that will prevent MITM attacks on the local LAN. 
Which of the following commands should the security administrator implement within the script to accomplish 
this task? 
 
A. arp - s 1...
Preview 4 out of 61 pages
Add to cartarp - s 192.168.1.1 00-3a-d1-fa-b1-06 CORRECT ANSWERS: A security administrator wants to implement a logon script that will prevent MITM attacks on the local LAN. 
Which of the following commands should the security administrator implement within the script to accomplish 
this task? 
 
A. arp - s 1...
Confidentialty CORRECT ANSWERS: Prevents the unauthorized disclosure of data to any any unauthorized personnel 
 
Encryption CORRECT ANSWERS: Scrambles data to make it unreadable by unauthorized personnel 
 
Identification CORRECT ANSWERS: Users claim an identity with a unique username 
 
Authent...
Preview 4 out of 32 pages
Add to cartConfidentialty CORRECT ANSWERS: Prevents the unauthorized disclosure of data to any any unauthorized personnel 
 
Encryption CORRECT ANSWERS: Scrambles data to make it unreadable by unauthorized personnel 
 
Identification CORRECT ANSWERS: Users claim an identity with a unique username 
 
Authent...
Explain SFTP CORRECT ANSWERS: SFTP or Secure FTP uses SSH to harden FTP. Uses SSH TCP Port 22. 
 
What is the difference between Recovery Time Objective and Recovery Point objective? CORRECT ANSWERS: Recovery Time Objective is the the target for how long it takes to get a system back online while ...
Preview 2 out of 15 pages
Add to cartExplain SFTP CORRECT ANSWERS: SFTP or Secure FTP uses SSH to harden FTP. Uses SSH TCP Port 22. 
 
What is the difference between Recovery Time Objective and Recovery Point objective? CORRECT ANSWERS: Recovery Time Objective is the the target for how long it takes to get a system back online while ...
What is malware? CORRECT ANSWERS: malicious software 
 
What are the types and methods of Malware? CORRECT ANSWERS: 1. Viruses 
2. Crypto-malware, Ransomware 
3. Worms 
4. Trojan Horse 
5. Rootkit 
6. Keylogger 
7. Adware/Spyware 
8. Botnet 
 
What is the CIA of computer security? CORRECT ANSWERS...
Preview 1 out of 3 pages
Add to cartWhat is malware? CORRECT ANSWERS: malicious software 
 
What are the types and methods of Malware? CORRECT ANSWERS: 1. Viruses 
2. Crypto-malware, Ransomware 
3. Worms 
4. Trojan Horse 
5. Rootkit 
6. Keylogger 
7. Adware/Spyware 
8. Botnet 
 
What is the CIA of computer security? CORRECT ANSWERS...
Which option is not a well-known personal cloud service? CORRECT ANSWERS: Kali. 
 
Which system should be used in medium to larger organizations to manage mobile app software? CORRECT ANSWERS: MDM. 
 
Which statement is false concerning personnel issues? CORRECT ANSWERS: Safely terminate employee...
Preview 1 out of 2 pages
Add to cartWhich option is not a well-known personal cloud service? CORRECT ANSWERS: Kali. 
 
Which system should be used in medium to larger organizations to manage mobile app software? CORRECT ANSWERS: MDM. 
 
Which statement is false concerning personnel issues? CORRECT ANSWERS: Safely terminate employee...
What is HIDS? CORRECT ANSWERS: Host-based Intrusion Detection System 
 
What is a personal firewall? CORRECT ANSWERS: an application that protects an individual computer from unwanted Internet traffic, by way of a set of rules and policies 
 
What is a pop-up blocker? CORRECT ANSWERS: An applicat...
Preview 1 out of 2 pages
Add to cartWhat is HIDS? CORRECT ANSWERS: Host-based Intrusion Detection System 
 
What is a personal firewall? CORRECT ANSWERS: an application that protects an individual computer from unwanted Internet traffic, by way of a set of rules and policies 
 
What is a pop-up blocker? CORRECT ANSWERS: An applicat...
System hardening CORRECT ANSWERS: Is the process of implementing security controls on a computer system 
 
Web server hardening configuration 
> 4 considerations CORRECT ANSWERS: 1. prevent information leakage 
2. permissions 
3. configure SSL certificate to encrypt communications 
4. viewab...
Preview 1 out of 2 pages
Add to cartSystem hardening CORRECT ANSWERS: Is the process of implementing security controls on a computer system 
 
Web server hardening configuration 
> 4 considerations CORRECT ANSWERS: 1. prevent information leakage 
2. permissions 
3. configure SSL certificate to encrypt communications 
4. viewab...
race condition CORRECT ANSWERS: A state where two subjects can access the same object without proper mediation 
 
end-of-life vulnerabilities CORRECT ANSWERS: device, component, software is no longer supported by vendor, thus no longer getting security patches 
 
Embedded System CORRECT ANSWERS: ...
Preview 1 out of 2 pages
Add to cartrace condition CORRECT ANSWERS: A state where two subjects can access the same object without proper mediation 
 
end-of-life vulnerabilities CORRECT ANSWERS: device, component, software is no longer supported by vendor, thus no longer getting security patches 
 
Embedded System CORRECT ANSWERS: ...
Which development tool features tracks code changes? CORRECT ANSWERS: Version control. 
 
You team is developing a secured web service. 
What should be established to detect deviations from normal configurations that can affect security. CORRECT ANSWERS: Secure Baseline. 
 
A technician installs ...
Preview 1 out of 2 pages
Add to cartWhich development tool features tracks code changes? CORRECT ANSWERS: Version control. 
 
You team is developing a secured web service. 
What should be established to detect deviations from normal configurations that can affect security. CORRECT ANSWERS: Secure Baseline. 
 
A technician installs ...
Which client-server protocol enables a remote access server to communicate with a central server to authenticate dial-in users and authorize their access to systems? CORRECT ANSWERS: RADIUS 
 
Which Kerberos-trusted third party service, familiar with all systems and trusted by all, guarantees priva...
Preview 1 out of 2 pages
Add to cartWhich client-server protocol enables a remote access server to communicate with a central server to authenticate dial-in users and authorize their access to systems? CORRECT ANSWERS: RADIUS 
 
Which Kerberos-trusted third party service, familiar with all systems and trusted by all, guarantees priva...
acceptable use policy/rules of behavior CORRECT ANSWERS: agreed-upon principles set forth by a company to govern how the employees of that company may use resource such a computers and internet access. 
 
ALE CORRECT ANSWERS: annual loss expectancy - a calculation used to identify risks and calcul...
Preview 2 out of 6 pages
Add to cartacceptable use policy/rules of behavior CORRECT ANSWERS: agreed-upon principles set forth by a company to govern how the employees of that company may use resource such a computers and internet access. 
 
ALE CORRECT ANSWERS: annual loss expectancy - a calculation used to identify risks and calcul...
You're the chief security contact for MTS. One of your Primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish...
Preview 4 out of 47 pages
Add to cartYou're the chief security contact for MTS. One of your Primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish...
Which device relieves the CPU from encryption and decryption processing? 
 
A. HSM 
B. TPM 
C. SSL 
D. SED CORRECT ANSWERS: A. HSM 
 
A technician installs a Linux virtual machine from the installation media and then applies the latest operating system patches. 
What else should be done to harden t...
Preview 1 out of 3 pages
Add to cartWhich device relieves the CPU from encryption and decryption processing? 
 
A. HSM 
B. TPM 
C. SSL 
D. SED CORRECT ANSWERS: A. HSM 
 
A technician installs a Linux virtual machine from the installation media and then applies the latest operating system patches. 
What else should be done to harden t...
3DES CORRECT ANSWERS: Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It is a block cipher that encrypts data in 64-bit blocks. 
 
AAA CORRECT ANSWERS: Authentication, authorization, and accounting. A group of technologies used in remote ...
Preview 4 out of 40 pages
Add to cart3DES CORRECT ANSWERS: Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It is a block cipher that encrypts data in 64-bit blocks. 
 
AAA CORRECT ANSWERS: Authentication, authorization, and accounting. A group of technologies used in remote ...
Cloud Computing CORRECT ANSWERS: A system in which all computer programs and data is stored on a central server owned by a company (e.g. Google) and accessed virtually 
 
Hyperconvergence CORRECT ANSWERS: Allows providers to fully integrate the storage, network, and servers 
 
VDI CORRECT ANSWERS...
Preview 1 out of 2 pages
Add to cartCloud Computing CORRECT ANSWERS: A system in which all computer programs and data is stored on a central server owned by a company (e.g. Google) and accessed virtually 
 
Hyperconvergence CORRECT ANSWERS: Allows providers to fully integrate the storage, network, and servers 
 
VDI CORRECT ANSWERS...
Which of the following should risk assessments be based upon as a best practice? 
 
A. A quantitative measurement of risk and impact and asset value 
 
B. An absolute measurement of threats 
 
C. A qualitative measurement of risk and impact 
 
D. A survey of annual loss and potential threats and ass...
Preview 4 out of 72 pages
Add to cartWhich of the following should risk assessments be based upon as a best practice? 
 
A. A quantitative measurement of risk and impact and asset value 
 
B. An absolute measurement of threats 
 
C. A qualitative measurement of risk and impact 
 
D. A survey of annual loss and potential threats and ass...
Virus CORRECT ANSWERS: A piece of malicious code that replicates by attaching itself to another piece of executable code. Two types -- boot sector and program. 
 
Note that an Armored Virus employs encryption 
 
Crypto-malware CORRECT ANSWERS: An early name given to malware that encrypts files on ...
Preview 2 out of 15 pages
Add to cartVirus CORRECT ANSWERS: A piece of malicious code that replicates by attaching itself to another piece of executable code. Two types -- boot sector and program. 
 
Note that an Armored Virus employs encryption 
 
Crypto-malware CORRECT ANSWERS: An early name given to malware that encrypts files on ...
Authentication CORRECT ANSWERS: When a person's identity is established with proof and confirmed by a system 
 
Authorization CORRECT ANSWERS: When a user is given access to certain data or areas of a building 
 
Accounting CORRECT ANSWERS: The tracking of data, computer usage, and network resou...
Preview 1 out of 4 pages
Add to cartAuthentication CORRECT ANSWERS: When a person's identity is established with proof and confirmed by a system 
 
Authorization CORRECT ANSWERS: When a user is given access to certain data or areas of a building 
 
Accounting CORRECT ANSWERS: The tracking of data, computer usage, and network resou...
Use Case CORRECT ANSWERS: A goal that an organization wants to achieve. (Chp. 1) 
 
Confidentiality CORRECT ANSWERS: Prevents the unauthorized disclosure of data. It ensures that data is only viewable by authorized users. (Chp. 1) 
 
What is the CIA triad? CORRECT ANSWERS: Confidentiality, Integr...
Preview 4 out of 45 pages
Add to cartUse Case CORRECT ANSWERS: A goal that an organization wants to achieve. (Chp. 1) 
 
Confidentiality CORRECT ANSWERS: Prevents the unauthorized disclosure of data. It ensures that data is only viewable by authorized users. (Chp. 1) 
 
What is the CIA triad? CORRECT ANSWERS: Confidentiality, Integr...
Reasons for successful cyber attacks 
-Widespread vulnerabilities common in hardware and software. 
-Configuration issues 
-Poorly designed software 
-Hardware limitations 
-Enterprise-based issues (commonplace actions that are routinely performed at a company) 
 
What is an end-of-life systems? 
Ve...
Preview 1 out of 2 pages
Add to cartReasons for successful cyber attacks 
-Widespread vulnerabilities common in hardware and software. 
-Configuration issues 
-Poorly designed software 
-Hardware limitations 
-Enterprise-based issues (commonplace actions that are routinely performed at a company) 
 
What is an end-of-life systems? 
Ve...
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Stuvia is a marketplace, so you are not buying this document from us, but from seller Classroom. Stuvia facilitates payment to the seller.
No, you only buy these notes for $40.49. You're not tied to anything after your purchase.
4.6 stars on Google & Trustpilot (+1000 reviews)
81113 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now