SY0-501 Exam Dumps | An attacker is able to capture the payload for the following packet: IP 192.168.1.22:2020 10.10.10.5:443

<< Prev Question Next Question >>

Question 217/250

An attacker is able to capture the payload for the following packet:
IP 192.168.1.22:2020 10.10.10.5:443
IP 192.166.1.10:1030 10.10.10.1:21
IP 192.168.1.57:5217 10.10.10.1:3389
During an investigation, an analyst discovers that the attacker was able to capture the information above and use it to log on to other servers across the company. Which of the following is the MOST likely reason?

A. The application server is also running a web server that has been compromised.

B. The attacker is picking off unencrypted credentials and using those to log in to the secure server.

C. User accounts have been improperly configured to allow single sign-on across multiple servers.

D. The attacker has exploited a vulnerability that is commonly associated with TLS1.3.

Question List (250q): Question 1: The IT department's on-site developer has been with the team...; Question 2: A security administrator learns that Pll, which was gathered...; Question 3: A technician is investigating a report of unusual behavior a...; Question 4: A systems administrator performing routine maintenance notic...; Question 5: A security analyst runs a monthly file integrity check on th...; Question 6: Which of the following BEST explains the reason why a server...; Question 7: Which of the following access management concepts is MOST cl...; Question 8: Which of the following is an example of the second A in the ...; Question 9: An analyst is reviewing the following web-server log after r...; Question 10: A large organization has recently noticed an increase in the...; Question 11: A security analyst is determining the point of compromise af...; Question 12: An organization is updating its access control standards for...; Question 13: A company's MOM policy outlines the following requirements: ...; Question 14: A security consultant is analyzing data from a recent compro...; Question 15: A vulnerability assessment report will include the CVSS scor...; Question 16: While reviewing system logs, a security analyst notices that...; Question 17: Which of the following control types are alerts sent from a ...; Question 18: Given the information below: MD5HASH document.doc 049eab40fd...; Question 19: A security administrator is reviewing the following informat...; Question 20: A network administrator is trying to provide the most resili...; Question 21: Which of the following serves to warn users against download...; Question 22: A systems administrator wants to enforce the use of HTTPS on...; Question 23: A Chief Information Security Officer (CISO) asks the securit...; Question 24: A systems administrator has been assigned to create accounts...; Question 25: A penetration tester is testing passively for vulnerabilitie...; Question 26: Which of the following cloud models is used to share resourc...; Question 27: Which of the following BEST describes a defense-in-depth str...; Question 28: A security analyst is emailing PII in a spreadsheet file to ...; Question 29: A company is deploying a wireless network. It is a requireme...; Question 30: When an initialization vector is added to each encryption cy...; Question 31: An organization wants to control user accounts and privilege...; Question 32: A network administrator is brute forcing accounts through a ...; Question 33: A recent audit uncovered a key finding regarding the use of ...; Question 34: A security engineer wants to add SSL to the public web serve...; Question 35: A company recently experienced a security breach. The securi...; Question 36: A security administrator needs to create a RAID configuratio...; Question 37: The president of a company that specializes in military cont...; Question 38: Exercising various programming responses for the purpose of ...; Question 39: A security administrator wants to determine if a company's w...; Question 40: A company recently installed fingerprint scanners at all ent...; Question 41: An organization's research department uses workstations in a...; Question 42: Ann. a user, reported to the service desk that many files on...; Question 43: A technician needs lo document which application versions ar...; Question 44: Which of the following BEST distinguishes Agile development ...; Question 45: Which of the following enables a corporation to extend local...; Question 46: Which of the following is the BEST example of a reputation i...; Question 47: A developer is creating a new web application on a public cl...; Question 48: An authorized user is conducting a penetration scan of a sys...; Question 49: A law firm wants to protect its customers' individual inform...; Question 50: Which of the following involves the use of targeted and high...; Question 51: During the penetration testing of an organization, the teste...; Question 52: Which of the following BEST explains 'likelihood of occurren...; Question 53: After running an online password cracking tool, an attacker ...; Question 54: A manufacturing company updates a policy that instructs empl...; Question 55: An attacker has gained control of several systems on the Int...; Question 56: A systems administrator is implementing a remote access meth...; Question 57: A security analyst wants to verify that a client-server (non...; Question 58: A technician is evaluating a security appliance solution. Th...; Question 59: An email systems administrator is configuring the mail serve...; Question 60: A member of the IR team has identified an infected computer ...; Question 61: An organization's policy requires users to create passwords ...; Question 62: Smart home devices that ate always on or connected, such as ...; Question 63: A user received an SMS on a mobile phone that asked for bank...; Question 64: A security analyst recommends implementing SSL for an existi...; Question 65: A security administrator is reviewing the following firewall...; Question 66: Select the appropriate attack and remediation from each drop...; Question 67: Which of the following implements a stream cipher?...; Question 68: An application developer is working on a new calendar and sc...; Question 69: Which of the following would MOST likely support the integri...; Question 70: A junior systems administrator noticed that one of two hard ...; Question 71: After a business performed a risk assessment, the current RP...; Question 72: Which of the following physical security controls is MOST ef...; Question 73: You have been tasked with designing a security plan for your...; Question 74: Confidential corporate data was recently stolen by an attack...; Question 75: A network administrator needs to restrict the users of the c...; Question 76: An organization wants to implement a solution that allows fo...; Question 77: A company is determining where to host a hot site, and one o...; Question 78: A security analyst just discovered that developers have acce...; Question 79: Which of the following has a direct impact on whether a comp...; Question 80: A security analyst receives the following output: Which of t...; Question 81: A network administrator has been alerted that web pages are ...; Question 82: An organization wants to set up a wireless network in the mo...; Question 83: An administrator performs a workstation audit and finds one ...; Question 84: A Chief Security Officer's (CSO's) key priorities are to imp...; Question 85: A newly hired Chief Security Officer (CSO) is reviewing the ...; Question 86: A technician is configuring an intrusion prevention system t...; Question 87: A mobile application developer wants to secure an applicatio...; Question 88: During a forensic investigation, which of the following must...; Question 89: A company moved into a new building next to a sugar mil. Cra...; Question 90: A pass-the-hash attack is commonly used to:...; Question 91: Passive reconnaissance during a penetration test consists of...; Question 92: A small business just recovered from a ransomware attack aga...; Question 93: An incident response analyst in a corporate security operati...; Question 94: An analyst is trying to obtain a signed certificate from a C...; Question 95: An attacker has obtained the user ID and password of a datac...; Question 96: A security analyst is reviewing the password policy for a se...; Question 97: A new PKI is being built at a company, but the network admin...; Question 98: A security engineer deploys a certificate from a commercial ...; Question 99: Buffer overflow can be avoided using proper:...; Question 100: A security analyst is hardening a large-scale wireless netwo...; Question 101: Which of the following BEST explains how the use of configur...; Question 102: A network administrator was provided the following output fr...; Question 103: A security analyst is reviewing the following log: (Exhibit)...; Question 104: A security team has downloaded a public database of the larg...; Question 105: A common asymmetric algorithm utilizes the user's login name...; Question 106: You have just received some room and Wifi access control rec...; Question 107: Which of the following algorithms would be used to provide n...; Question 108: Which of the following terms BEST describes an exploitable v...; Question 109: Which of the following will ensure the integrity of a file i...; Question 110: A systems administrator has created network file shares for ...; Question 111: A newly hired Chief Security Officer (CSO) is reviewing the ...; Question 112: A company has just completed a vulnerability scan of its ser...; Question 113: A manufacturer creates designs for very high security produc...; Question 114: A network engineer has been asked to investigate why several...; Question 115: An analyst is reviewing the following web-server log after r...; Question 116: An organization has the following written policies: Users mu...; Question 117: Which of the following can occur when a scanning tool cannot...; Question 118: A large Industrial system's smart generator monitors the sys...; Question 119: A systems administrator just issued the ssh-keygen -t rsa co...; Question 120: An organization's IRP prioritizes containment over eradicati...; Question 121: An administrator is trying to inspect SSL traffic to evaluat...; Question 122: Which of the following are considered to be "something you d...; Question 123: An organization has the following password policies: * Passw...; Question 124: A security engineer implements multiple technical measures t...; Question 125: A company notices that at 10 a.m. every Thursday, three user...; Question 126: Which of the following is MOST likely the security impact of...; Question 127: Which of the following is the BEST example of a reputation i...; Question 128: A user contacts the help desk about getting a newly installe...; Question 129: Given the following: > md5.exe filel.txt > ADIFAB10377...; Question 130: A security analyst is investigating a report from an employe...; Question 131: A system uses an application server and database server Empl...; Question 132: After receiving an alert regarding an anomaly in network tra...; Question 133: A network technician needs to monitor and view the websites ...; Question 134: A security analyst wants to obfuscate some code and decides ...; Question 135: Which of the following generates reports that show the numbe...; Question 136: Poor inventory control practices can lead to undetected and ...; Question 137: A security analyst is specifying requirements for a wireless...; Question 138: A software development company needs to augment staff by hir...; Question 139: An analyst generates the following color-coded table shown i...; Question 140: A security analyst is implementing mobile device security fo...; Question 141: Which of the following BEST describes a security exploit for...; Question 142: A security analyst runs the c: \>netstat -b command on a ...; Question 143: A systems engineer is configuring a wireless network. The ne...; Question 144: A security administration a hardening a VPN connection. Rece...; Question 145: A security analyst is asked to check the configuration of th...; Question 146: An organization wishes to allow its users to select devices ...; Question 147: A company is implementing a remote access portal so employee...; Question 148: A security administrator is investigating a report that a us...; Question 149: Which of the following are examples of two-factor authentica...; Question 150: A company has users and porters in multiple geographic locat...; Question 151: A security administrator begins assessing a network with sof...; Question 152: While testing a new application, a developer discovers that ...; Question 153: A critical web application experiences slow response times d...; Question 154: The website of a bank that an organization does business wit...; Question 155: A developer has just finished coding a custom web applicatio...; Question 156: A security administrator plans to conduct a vulnerability sc...; Question 157: An IT manager is estimating the mobile device budget for the...; Question 158: The security administrator has installed a new firewall whic...; Question 159: A company has forbidden the use of external media within its...; Question 160: A company employee recently retired, and there was a schedul...; Question 161: A technician wants to implement PKI-based authentication on ...; Question 162: A company recently experienced a network security breach and...; Question 163: After entering a username and password, an administrator mus...; Question 164: A computer forensics team is performing an integrity check o...; Question 165: A NIPS administrator needs to install a new signature to obs...; Question 166: An organization is drafting an IRP and needs to determine wh...; Question 167: During a routine check, a security analyst discovered the sc...; Question 168: Which of the following is MOST likely caused by improper inp...; Question 169: A Chief Security Officer (CSO) has implemented a policy to p...; Question 170: A security analyst wants to prevent current employees who pr...; Question 171: A government organization recently contacted three different...; Question 172: An organization is struggling to differentiate threats from ...; Question 173: A company is performing an analysis of the corporate enterpr...; Question 174: A customer calls a technician and needs to remotely connect ...; Question 175: A company hired a firm to test the security posture of its d...; Question 176: Which of the following BEST describes the concept of persist...; Question 177: A user receives a security alert pop-up from the host-based ...; Question 178: Which of the following command line tools would be BEST to i...; Question 179: Which of the following is a symmetric encryption that applie...; Question 180: A startup company is using multiple SaaS and laaS platforms ...; Question 181: Users are attempting to access a company's website but are t...; Question 182: A security analyst is conducting a vulnerability scan and co...; Question 183: A university with remote campuses, which all use different s...; Question 184: A company uses WPA2-PSK, and it appears there are multiple u...; Question 185: A security administrator suspects there may be unnecessary s...; Question 186: When building a hosted datacenter, which of the following is...; Question 187: When conducting a penetration test, a pivot is used to descr...; Question 188: A company recently experienced a significant malware attack ...; Question 189: An employee workstation with an IP address of 204 211.38.211...; Question 190: A security engineer wants to further secure a sensitive VLAN...; Question 191: Which of the following has the potential to create a DoS att...; Question 192: A network technician discovered the usernames and passwords ...; Question 193: Which of the following is a type of attack in which a hacker...; Question 194: The website of a bank that an organization does business wit...; Question 195: An employee on the Internet facing part of a company's websi...; Question 196: A security engineer needs to obtain a recurring log of chang...; Question 197: A company uses WPA2-PSK. and it appears there are multiple u...; Question 198: A company is performing an analysis of which corporate units...; Question 199: Exercising various programming responses for the purpose of ...; Question 200: A user from the financial aid office is having trouble inter...; Question 201: A Security analyst has received an alert about PII being sen...; Question 202: Joe, a contractor, is hired by a firm to perform a penetrati...; Question 203: The security office has had reports of increased tailgating ...; Question 204: An organization has defined secure baselines for all servers...; Question 205: A government agency with sensitive information wants to virt...; Question 206: A company that processes sensitive information has implement...; Question 207: Joe recently assumed the role of data custodian for this org...; Question 208: Which of the following models is considered an iterative app...; Question 209: A company has forbidden the use of external media within its...; Question 210: After deploying an antivirus solution on some network-isolat...; Question 211: Company engineers regularly participate in a public Internet...; Question 212: A law office has been leasing dark fiber from a local teleco...; Question 213: A technician wants to implement PKI-based authentication on ...; Question 214: A security technician is configuring a new firewall applianc...; Question 215: A company needs to implement an on-premises system that allo...; Question 216: A penetration tester is testing passively for vulnerabilitie...; Question 217: An attacker is able to capture the payload for the following...; Question 218: A security analyst has identified malware that is propagatin...; Question 219: An organization is building a new customer services team, an...; Question 220: Which of the following BEST describes the concept of perfect...; Question 221: A network administrator needs to prevent users from accessin...; Question 222: A network technician is setting up a new branch for a compan...; Question 223: A coding error has been discovered on a customer-facing webs...; Question 224: The Chief financial Officer (CFO) of an insurance company re...; Question 225: Which of the following is an example of resource exhaustion?...; Question 226: A security team has completed the installation of a new serv...; Question 227: For each of the given items, select the appropriate authenti...; Question 228: An organization's Chief Executive Officer (CEO) directs a ne...; Question 229: A security administrator wants to implement strong security ...; Question 230: A newly purchased corporate WAP needs to be configured in th...; Question 231: Which of the following is a technical preventive control?...; Question 232: A network administrator wants to further secure the routers ...; Question 233: Select the appropriate attack from each drop down list to la...; Question 234: Ann, a new employee, received an email from an unknown sourc...; Question 235: Which of the following should a technician use to protect a ...; Question 236: Several systems and network administrators are determining h...; Question 237: An organization needs to integrate with a third-party cloud ...; Question 238: As a security measure, an organization has disabled all exte...; Question 239: A computer forensics analyst collected a flash drive that co...; Question 240: A systems administrator needs to configure an SSL remote acc...; Question 241: A systems administrator has implemented multiple websites us...; Question 242: A systems administrator is auditing the company's Active Dir...; Question 243: Which of the following provides PFS?...; Question 244: A network administrator wants to gather information on the s...; Question 245: A retail executive recently accepted a job with a major comp...; Question 246: Joe, an employee, asks a coworker how long ago Ann started w...; Question 247: An organization handling highly confidential information nee...; Question 248: To further secure a company's email system, an administrator...; Question 249: A corporation wants to allow users who work for its affiliat...; Question 250: An analyst is currently looking at the following output: (Ex...

Question 217/250

LEAVE A REPLY

Download PDF File