Question 1

A systems administrator is installing and configuring an application service that requires access to read and

write to log and configuration files on a local hard disk partition. The service must run as an account with

authorization to interact with the file system. Which of the following would reduce the attack surface added by

the service and account? (Choose two.)

Options :

A :

Use a unique managed service account.

B :

Utilize a generic password for authenticating.

C : Enable and review account audit logs.

D : Enforce least possible privileges for the account.

E : Add the account to the local administrators group.

F : Use a guest account placed in a non-privileged users group.

Answer: A,D

Question 2

A company has a data classification system with definitions for “Private” and “Public”. The company’s security

policy outlines how data should be protected based on type. The company recently added the data type

“Proprietary”.

Which of the following is the MOST likely reason the company added this data type?

Options :

A : Reduced cost

B : More searchable data

C : Better data classification

D :

Expanded authority of the privacy officer

Answer: C

Question 3

Given the output:

Which of the following account management practices should the security engineer use to mitigate the

identified risk?

Options :

A : Implement least privilege

B : Eliminate shared accounts.

C :

Eliminate password reuse.

D : Implement two-factor authentication

Answer: B

Question 4

An attacker is able to capture the payload for the following packet:

IP 192.168.1.22:2020 10.10.10.5:443

IP 192.168.1.10:1030 10.10.10.1:21

IP 192.168.1.57:5217 10.10.10.1:3389

During an investigation, an analyst discovers that the attacker was able to capture the information above and

use it to log on to other servers across the company. Which of the following is the MOST likely reason?

Options :

A :

The attacker has exploited a vulnerability that is commonly associated with TLS1.3.

B :

The application server is also running a web server that has been compromised.

C : The attacker is picking off unencrypted credentials and using those to log in to the secure server.

D : User accounts have been improperly configured to allow single sign-on across multiple servers.

Answer: C

Question 5

Which of the following is the GREATEST risk to a company by allowing employees to physically bring their

personal smartphones to work?

Options :

A :

Taking pictures of proprietary information and equipment in restricted areas.

B :

Installing soft token software to connect to the company-s wireless network.

C :

Company cannot automate patch management on personally-owned devices.

D : Increases the attack surface by having more target devices on the company-s campus

Answer: A

Higher Test Marks with Free Online SY0-501 Exam Practice

Buying Options: