Sy0 501 questions - Study guides, Class notes & Summaries

CompTIA Security+ (SY0-501) Multiple Choice Exam Questions And Answers 100% Pass. You're the chief security contact for MTS. One of your Primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task? A. Policies B. Standards C. Guidelines D. BIA - answerC. Guidelines help clarify processes ...

CompTIA SY0-501 CompTIA SY0-501 Exam Actual Questions Exam CompTIA SY0-501 CompTIA SY0-501 Exam Actual Questions Exam When identifying a company's most valuable assets as part of a BIA, which of the following should be the FIRST priority? A. Life B. Intellectual property C. Sensitive data D. Public reputation A. Life A company's user lockout policy is enabled after five unsuccessful login attempts. The help desk notices a user is repeatedly locked out over the course of a work...

Use Case CORRECT ANSWERS: A goal that an organization wants to achieve. (Chp. 1) Confidentiality CORRECT ANSWERS: Prevents the unauthorized disclosure of data. It ensures that data is only viewable by authorized users. (Chp. 1) What is the CIA triad? CORRECT ANSWERS: Confidentiality, Integrity, Availability (Chp.1) What does PII stand for? CORRECT ANSWERS: Personally Identifiable Information (Chp.1) Access Controls use _________, __________, and _________ combined to provide acce...

3DES CORRECT ANSWERS: Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It is a block cipher that encrypts data in 64-bit blocks. AAA CORRECT ANSWERS: Authentication, authorization, and accounting. A group of technologies used in remote access systems. Authentication verifies a user's identification. Authorization determines if a user should have access. Accounting tracks a user's access with logs. Sometimes called AAAs of security...

Which of the following should risk assessments be based upon as a best practice? A. A quantitative measurement of risk and impact and asset value B. An absolute measurement of threats C. A qualitative measurement of risk and impact D. A survey of annual loss and potential threats and asset value CORRECT ANSWERS: A. A quantitative measurement of risk and impact and asset value A risk management concept where operations resume at some capacity, despite the presence of a failure, i...

You're the chief security contact for MTS. One of your Primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task? A. Policies B. Standards C. Guidelines D. BIA CORRECT ANSWERS: C. Guidelines help clarify processes to maintain standards. Guidelines tend to be less formal than policies or stan...

You're the chief security contact for MTS. One of your Primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task? A. Policies B. Standards C. Guidelines D. BIA - C. Guidelines help clarify processes to maintain standards. Guidelines tend to be less formal than policies or standards. Consid...

Explain SFTP CORRECT ANSWERS: SFTP or Secure FTP uses SSH to harden FTP. Uses SSH TCP Port 22. What is the difference between Recovery Time Objective and Recovery Point objective? CORRECT ANSWERS: Recovery Time Objective is the the target for how long it takes to get a system back online while Recovery Point Objective is how far back the recovery needs to go (Example: Server backups contain can go back 1 month). What are the two purposes of a proxy? CORRECT ANSWERS: Filtering and monito...

Virus CORRECT ANSWERS: A piece of malicious code that replicates by attaching itself to another piece of executable code. Two types -- boot sector and program. Note that an Armored Virus employs encryption Crypto-malware CORRECT ANSWERS: An early name given to malware that encrypts files on a system and then leaves them unusable either permanently, acting as a denial of service, or temporarily until a ransom is paid. EX: WannaCry was an example of this Ransomware CORRECT ANSWERS: ...