SY0-501 Free Practice Test

- (Exam Topic 3)
A security analyst has been asked to perform a review of an organization's software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of another developer's code. Which of the following assessment techniques is BEST described in the analyst's report?

1. A. Architecture evaluation
2. B. Baseline reporting
3. C. Whitebox testing
4. D. Peer review

Correct Answer: D

- (Exam Topic 1)
A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?

1. A. An attacker can access and change the printer configuration.
2. B. SNMP data leaving the printer will not be properly encrypted.
3. C. An MITM attack can reveal sensitive information.
4. D. An attacker can easily inject malicious code into the printer firmware.
5. E. Attackers can use the PCL protocol to bypass the firewall of client computers.

Correct Answer: B

- (Exam Topic 5)
A bank uses a wireless network to transmit credit card purchases to a billing system.
Which of the following would be MOST appropriate to protect credit card information from being accessed by unauthorized individuals outside of the premises?

1. A. Air gap
2. B. Infrared detection
3. C. Faraday cage
4. D. Protected distributions

Correct Answer: C

- (Exam Topic 5)
A technician is configuring a load balancer for the application team to accelerate the network performance of their applications. The applications are hosted on multiple servers and must be redundant. Given this scenario, which of the following would be the BEST method of configuring the load balancer?

1. A. Round-robin
2. B. Weighted
3. C. Least connection
4. D. Locality-based

Correct Answer: D

- (Exam Topic 2)
The Chief Security Officer (CISO) at a multinational banking corporation is reviewing a plan to upgrade the entire corporate IT infrastructure. The architecture consists of a centralized cloud environment hosting the majority of data, small server clusters at each corporate location to handle the majority of customer transaction processing, ATMs, and a new mobile banking application accessible from smartphones, tablets, and the Internet via HTTP. The corporation does business having varying data retention and privacy laws.
Which of the following technical modifications to the architecture and corresponding security controls should be implemented to provide the MOST complete protection of data?

1. A. Revoke exiting root certificates, re-issue new customer certificates, and ensure all transactions are digitally signed to minimize fraud, implement encryption for data in-transit between data centers
2. B. Ensure all data is encryption according to the most stringent regulatory guidance applicable, implement encryption for data in-transit between data centers, increase data availability by replicating all data, transaction data, logs between each corporate location
3. C. Store customer data based on national borders, ensure end-to end encryption between ATMs, end users, and servers, test redundancy and COOP plans to ensure data is not inadvertently shifted from one legal jurisdiction to another with more stringent regulations
4. D. Install redundant servers to handle corporate customer processing, encrypt all customer data to ease the transfer from one country to another, implement end-to-end encryption between mobile applications and the cloud.

Correct Answer: C