Valid SY0-501 Dumps shared by ExamDiscuss.com for Helping Passing SY0-501 Exam! ExamDiscuss.com now offer the newest SY0-501 exam dumps, the ExamDiscuss.com SY0-501 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com SY0-501 dumps with Test Engine here:
Access SY0-501 Dumps Premium Version
(715 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 105/216
While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack.
Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select two)
Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select two)
Correct Answer: C,F
- Question List (216q)
- 1 commentQuestion 1: An audit takes place after company-wide restricting, in whic...
- Question 2: The IT department needs to prevent users from installing unt...
- Question 3: A penetration testing is preparing for a client engagement i...
- Question 4: Which of the following precautions MINIMIZES the risk from n...
- Question 5: A security analyst has been asked to perform a review of an ...
- Question 6: When generating a request for a new x.509 certificate for se...
- Question 7: An organization is moving its human resources system to a cl...
- Question 8: An organization relies heavily on an application that has a ...
- Question 9: When identifying a company's most valuable assets as part of...
- Question 10: An attacker compromises a public CA and issues unauthorized ...
- Question 11: A software development company needs to share information be...
- Question 12: A high-security defense installation recently begun utilizin...
- Question 13: An information system owner has supplied a new requirement t...
- Question 14: A system's administrator has finished configuring firewall A...
- Question 15: Which of the following would verify that a threat does exist...
- Question 16: During a monthly vulnerability scan, a server was flagged fo...
- Question 17: Which of the following AES modes of operation provide authen...
- Question 18: A technician suspects that a system has been compromised. Th...
- Question 19: An organization uses SSO authentication for employee access ...
- Question 20: The process of applying a salt and cryptographic hash to a p...
- Question 21: A company wants to ensure that the validity of publicly trus...
- Question 22: A company exchanges information with a business partner. An ...
- Question 23: An auditor is reviewing the following output from a password...
- Question 24: A security administrator is evaluating three different servi...
- Question 25: A senior incident response manager receives a call about som...
- Question 26: Before an infection was detected, several of the infected de...
- Question 27: When performing data acquisition on a workstation, which of ...
- Question 28: An organization is comparing and contrasting migration from ...
- Question 29: As part of a new industry regulation, companies are required...
- Question 30: An employee uses RDP to connect back to the office network. ...
- Question 31: A security administrator is developing training for corporat...
- Question 32: An organization finds that most help desk calls are regardin...
- Question 33: A security administrator determined that users within the co...
- Question 34: Adhering to a layered security approach, a controlled access...
- Question 35: Which of the following is an important step to take BEFORE m...
- Question 36: Which of the following attack types is being carried out whe...
- Question 37: An application developer is designing an application involvi...
- Question 38: Joe is exchanging encrypted email with another party. Joe en...
- Question 39: An organization is working with a cloud services provider to...
- Question 40: A system administrator wants to provide balance between the ...
- Question 41: An organization requires users to provide their fingerprints...
- Question 42: Malware that changes its binary pattern on specific dates at...
- Question 43: An administrator is replacing a wireless router. The configu...
- Question 44: A security administrator suspects that data on a server has ...
- Question 45: An organization is trying to decide which type of access con...
- Question 46: The security administrator has noticed cars parking just out...
- Question 47: Ann, a security administrator, has been instructed to perfor...
- Question 48: A consultant has been tasked to assess a client's network. T...
- Question 49: Which of the following specifically describes the exploitati...
- Question 50: A manager wants to distribute a report to several other mana...
- Question 51: An attack that is using interference as its main attack to i...
- Question 52: A black hat hacker is enumerating a network and wants to rem...
- Question 53: A malicious attacker has intercepted HTTP traffic and insert...
- Question 54: A security engineer is configuring a wireless network that m...
- Question 55: A security administrator is tasked with conducting an assess...
- Question 56: In terms of encrypting data, which of the following is BEST ...
- Question 57: An employer requires that employees use a key-generating app...
- Question 58: Which of the following would MOST likely appear in an uncred...
- Question 59: When configuring settings in a mandatory access control envi...
- Question 60: A computer on a company network was infected with a zero-day...
- Question 61: An information security specialist is reviewing the followin...
- Question 62: While performing surveillance activities, an attacker determ...
- Question 63: A security administrator suspects a MITM attack aimed at imp...
- Question 64: A security engineer is faced with competing requirements fro...
- Question 65: An analyst is reviewing a simple program for potential secur...
- Question 66: A security technician would like to obscure sensitive data w...
- Question 67: A workstation puts out a network request to locate another s...
- Question 68: An application team is performing a load-balancing test for ...
- Question 69: Which of the following is the summary of loss for a given ye...
- Question 70: A company wants to host a publicity available server that pe...
- Question 71: After a user reports stow computer performance, a systems ad...
- Question 72: Which of the following BEST describes an attack where commun...
- Question 73: A Security Officer on a military base needs to encrypt sever...
- Question 74: A website administrator has received an alert from an applic...
- Question 75: A wireless network uses a RADIUS server that is connected to...
- Question 76: A company wants to host a publicly available server that per...
- Question 77: Ann. An employee in the payroll department, has contacted th...
- Question 78: Having adequate lighting on the outside of a building is an ...
- Question 79: A software developer wants to ensure that the application is...
- Question 80: A Chief Executive Officer (CEO) suspects someone in the lab ...
- Question 81: A system administrator wants to provide for and enforce wire...
- Question 82: A security analyst is hardening a web server, which should a...
- Question 83: A systems administrator wants to protect data stored on mobi...
- Question 84: A system administrator needs to implement 802.1x whereby whe...
- Question 85: The chief Security Officer (CSO) has reported a rise in data...
- Question 86: A security team wants to establish an Incident Response plan...
- Question 87: Which of the following must be intact for evidence to be adm...
- Question 88: Ann a security analyst is monitoring the IDS console and not...
- Question 89: Which of the following should be used to implement voice enc...
- Question 90: During a recent audit, it was discovered that many services ...
- Question 91: A security administrator has been asked to implement a VPN t...
- Question 92: Which of the following attack types BEST describes a client-...
- Question 93: A technician must configure a firewall to block external DNS...
- Question 94: After an identified security breach, an analyst is tasked to...
- Question 95: A security analyst observes the following events in the logs...
- Question 96: Which of the following are the MAIN reasons why a systems ad...
- Question 97: A user clicked an email link that led to a website than infe...
- Question 98: A security analyst is performing a quantitative risk analysi...
- Question 99: A new intern in the purchasing department requires read acce...
- Question 100: A systems administrator is attempting to recover from a cata...
- Question 101: A company was recently audited by a third party. The audit r...
- Question 102: A vulnerability scanner that uses its running service's acce...
- Question 103: A company has a data classification system with definitions ...
- Question 104: A security analyst receives an alert from a WAF with the fol...
- Question 105: While reviewing the security controls in place for a web-bas...
- Question 106: A security analyst wants to harden the company's VoIP PBX. T...
- Question 107: Which of the following are methods to implement HA in a web ...
- Question 108: A Chief Information Officer (CIO) drafts an agreement betwee...
- Question 109: Anne, the Chief Executive Officer (CEO), has reported that s...
- Question 110: As part of the SDLC, a third party is hired to perform a pen...
- Question 111: Which of the following is the LEAST secure hashing algorithm...
- Question 112: A security consultant discovers that an organization is usin...
- Question 113: The SSID broadcast for a wireless router has been disabled b...
- Question 114: A company has three divisions, each with its own networks an...
- Question 115: Recently several employees were victims of a phishing email ...
- Question 116: Which of the following types of attacks precedes the install...
- Question 117: Which of the following best describes the initial processing...
- Question 118: A security administrator is tasked with implementing central...
- Question 119: A security analyst is hardening an authentication server. On...
- Question 120: A company hires a consulting firm to crawl its Active Direct...
- Question 121: A security administrator wishes to implement a secure a meth...
- Question 122: A company hires a third-party firm to conduct an assessment ...
- Question 123: A business has recently deployed laptops to all sales employ...
- Question 124: Joe, a user, wants to send Ann, another user, a confidential...
- Question 125: Joe notices there are several user accounts on the local net...
- Question 126: The availability of a system has been labeled as the highest...
- Question 127: A security administrator receives notice that a third-party ...
- Question 128: An organization wishes to provide better security for its na...
- Question 129: A product manager is concerned about continuing operations a...
- Question 130: A new firewall has been places into service at an organizati...
- Question 131: An organization needs to implement a large PKI. Network engi...
- Question 132: During a recent audit, it was discovered that several user a...
- Question 133: A systems administrator is reviewing the following informati...
- Question 134: Which of the following allows an application to securely aut...
- Question 135: Which of the following cryptographic attacks would salting o...
- Question 136: A network operations manager has added a second row of serve...
- Question 137: Which of the following is commonly used for federated identi...
- Question 138: Which of the following use the SSH protocol?...
- Question 139: To reduce disk consumption, an organization's legal departme...
- Question 140: A dumpster diver recovers several hard drives from a company...
- Question 141: A technician needs to implement a system which will properly...
- Question 142: During an application design, the development team specifics...
- Question 143: The Chief Technology Officer (CTO) of a company, Ann, is put...
- Question 144: A new hire wants to use a personally owned phone to access c...
- Question 145: A new security policy in an organization requires that all f...
- Question 146: An administrator is testing the collision resistance of diff...
- Question 147: A company researched the root cause of a recent vulnerabilit...
- Question 148: The administrator installs database software to encrypt each...
- Question 149: The firewall administrator is adding a new certificate for t...
- Question 150: Audit logs from a small company's vulnerability scanning sof...
- Question 151: A company is terminating an employee for misbehavior. Which ...
- Question 152: The Chief Executive Officer (CEO) of a major defense contrac...
- Question 153: Which of the following technologies would be MOST appropriat...
- Question 154: The data backup window has expanded into the morning hours a...
- Question 155: After a routine audit, a company discovers that engineering ...
- Question 156: A company would like to prevent the use of a known set of ap...
- Question 157: A security administrator has found a hash in the environment...
- Question 158: Phishing emails frequently take advantage of high-profile ca...
- Question 159: A network administrator at a small office wants to simplify ...
- Question 160: A security analyst is testing both Windows and Linux systems...
- Question 161: Which of the following is the proper way to quantify the tot...
- Question 162: Two users need to send each other emails over unsecured chan...
- Question 163: After a merger, it was determined that several individuals c...
- Question 164: Which of the following cryptographic algorithms is irreversi...
- Question 165: A network technician is trying to determine the source of an...
- Question 166: Which of the following occurs when the security of a web app...
- Question 167: A user has attempted to access data at a higher classificati...
- Question 168: A security administrator is configuring a new network segmen...
- Question 169: After correctly configuring a new wireless enabled thermosta...
- Question 170: Which of the following vulnerability types would the type of...
- Question 171: An attacker wearing a building maintenance uniform approache...
- Question 172: A company's user lockout policy is enabled after five unsucc...
- Question 173: A security administrator wants to implement a company-wide p...
- Question 174: A company is deploying a new VoIP phone system. They require...
- Question 175: A network technician is setting up a segmented network that ...
- Question 176: In an effort to reduce data storage requirements, some compa...
- Question 177: A manager suspects that an IT employee with elevated databas...
- Question 178: A system administrator is configuring a site-to-site VPN tun...
- Question 179: Which of the following network vulnerability scan indicators...
- Question 180: Which of the following technologies employ the use of SAML? ...
- Question 181: An organization wants to conduct secure transactions of larg...
- Question 182: An attacker captures the encrypted communication between two...
- Question 183: The chief security officer (CS0) has issued a new policy tha...
- Question 184: When considering a third-party cloud service provider, which...
- Question 185: An organization's file server has been virtualized to reduce...
- Question 186: Which of the following can affect electrostatic discharge in...
- Question 187: A user suspects someone has been accessing a home network wi...
- Question 188: A penetration tester finds that a company's login credential...
- Question 189: A security administrator needs to implement a system that de...
- Question 190: An administrator intends to configure an IPSec solution that...
- Question 191: A user is presented with the following items during the new-...
- Question 192: An administrator discovers the following log entry on a serv...
- Question 193: Joe, the security administrator, sees this in a vulnerabilit...
- Question 194: Many employees are receiving email messages similar to the o...
- Question 195: Which of the following would meet the requirements for multi...
- Question 196: Which of the following is the GREATEST risk to a company by ...
- Question 197: A director of IR is reviewing a report regarding several rec...
- Question 198: An analyst wants to implement a more secure wireless authent...
- Question 199: A supervisor in your organization was demoted on Friday afte...
- Question 200: Two users need to securely share encrypted files via email. ...
- Question 201: Joe a website administrator believes he owns the intellectua...
- Question 202: A development team has adopted a new approach to projects in...
- Question 203: A Chief Security Officer (CSO) has been unsuccessful in atte...
- Question 204: During a data breach cleanup, it is discovered that not all ...
- Question 205: Joe, a technician, is working remotely with his company prov...
- Question 206: A security analyst is reviewing the following packet capture...
- Question 207: An auditor has identified an access control system that can ...
- Question 208: A company is developing a new secure technology and requires...
- Question 209: Which of the following cryptography algorithms will produce ...
- Question 210: A security program manager wants to actively test the securi...
- Question 211: Joe, a security administrator, needs to extend the organizat...
- Question 212: When systems, hardware, or software are not supported by the...
- Question 213: An attacker uses a network sniffer to capture the packets of...
- Question 214: An incident responder receives a call from a user who report...
- Question 215: Ann, a college professor, was recently reprimanded for posti...
- Question 216: A network administrator is attempting to troubleshoot an iss...
