CompTIA SYO-501 問題集

質問 1：
Which of the following BEST explains why a development environment should have the same database server secure baseline that exists in production even if there is no PII in the database?
A. Attackers can extract sensitive, personal information from lower development environment databases just as easily as they can from production databases.
B. Laws stipulate that databases with the ability to store personal information must be secured regardless of the environment or if they actually have PII
C. Databases are unique in their need to have secure configurations applied in all environments because they are attacked more often
D. Without the same configuration in both development and production, there are no assurances that changes made in development will have the same effect in production.
正解：A

質問 2：
An accountant is attempting to log in to the internal accounting system and receives a message that the website's certificate is fraudulent. The accountant finds instructions for manually installing the new trusted root onto the local machine. Which of the following would be the company's BEST option for this situation in the future?
A. Utilize a central CRL.
B. Use a stronger cipher suite.
C. Ensure access to KMS.
D. Implement certificate management.
正解：D
解説: (Topexam メンバーにのみ表示されます)

質問 3：
Which of the following is the main difference between symmetric and asymmetric cryptographic algorithms?
A. Only one key used in symmetric algorithms
B. Random vs. pseudo-random key generation
C. HSM-based key generation
D. The use of PKI in symmetric algorithms
正解：A

質問 4：
An organization has created a review process to determine how to best handle data with different sensitivity levels. The process includes the following requirements:
* Soft copy Pll must be encrypted.
* Hard copy Pll must be placed In a locked container.
* Soft copy PHI must be encrypted and audited monthly.
* Hard copy PHI must be placed in a locked container and inventoried monthly.
Locked containers must be approved and designated for document storage. Any violations must be reported to the Chief Security Officer {CSO}.
While searching for coffee in the kitchen, an employee unlocks a cabinet and discovers a list of customer names and phone numbers. Which of the following actions should the employee take?
A. Put the document back in the cabinet, lock the cabinet, and report the incident to the CSO.
B. Take custody of the document, secure it at a desk, and report the incident to the CSO.
C. Put the document back in the cabinet, inventory the contents, lock the cabinet, and report the incident to the CSO.
D. Take custody of the document and immediately report the incident to the CSO.
正解：A

質問 5：
The website of a bank that an organization does business with is being reported as untrusted by the organization's web browser. A security analyst has been assigned to Investigate. The analyst discovers the band recently merged with another local bank and combined names. Additionally, the user's bookmark automatically redirects to the website of the newly named bank. Which of the following Is the MOST likely cause of the Issue?
A. The website was created too recently to be trusted.
B. The website's certificate still has the old bank's name.
C. The company's web browser is not up to date
D. The website's certificate has expired
正解：A

質問 6：
Which of the following generates reports that show the number of systems that are associated with POODLE, 3DES, and SMBv1 listings?
A. A honeypot
B. A UTM appliance
C. A protocol analyzer
D. A vulnerability scanner
正解：D