SYO-501 試験問題を無料オンラインアクセス

A large Industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?

• A.firewall whitelisting
• B.Isolation
• C.Segmentation
• D.Containment

An organization has the following written policies:
Users must request approval for non-standard software installation.
Administrators will perform all software installations.
Software must be installed from a trusted repository.
A recent security audit identified crypto-currency software installed on one user's machine. There are no indications of compromise on this machine. Which of the following is the MOST likely cause of this policy violation and the BEST remediation to prevent a reoccurrence?

• A.Administrators downloaded the software from an untrusted repository; add a policy that requires integrity checking for all software.
• B.The user's machine was infected with malware; implement the organization's incident response
• C.The crypto-currency software was misidentified and is authorized; add the software to the organization's approved list
• D.The user installed the software on the machine; implement technical controls to enforce the written policies

Which of the following can occur when a scanning tool cannot authenticate to a server and has to rely on limited information obtained from service banners?

• A.False positive
• B.Privilege escalation
• C.Access violation
• D.Passive reconnaissance

Drag and drop the correct protocol to its default port.

正解：

FTP uses TCP port 21. Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard file Transfer Protocol (FTP). SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

A security administrator has created a new group policy object that utilizes the trusted platform module to compute a hash of system files and compare the value to a known-good value. Which of the following security concepts is this an example of?

• A.Secure baseline
• B.Sandboxing
• C.Integrity measurement
• D.Immutable systems