Exam SY0-501 topic 1 question 711 discussion

Actual exam question from CompTIA's SY0-501
Question #: 711
Topic #: 1

An administrator is implementing a secure web server and wants to ensure that if the web server application is compromised, the application does not have access to other parts of the server or network. Which of the following should the administrator implement? (Choose two.)

  • A. Mandatory access control
  • B. Discretionary access control
  • C. Rule-based access control
  • D. Role-based access control
  • E. Attribute-based access control
Suggested Answer: AC

Comments

Duranio
Highly Voted 4 years, 8 months ago
This was on my exam (5 Aug 2020). I chose C by conviction, and A by faith. I don't know... Maybe C and E would make more sense. All I know is that I passed the exam, so these frustrating questions are no longer my problem.
upvoted 30 times
Teza
4 years, 8 months ago
Hi Duranio, please, what materials were most helpful, and can you share some of the strategies you used? Thank you.
upvoted 1 times
Duranio
4 years, 8 months ago
I took two video courses, one from Jason Dion and one from Mike Meyers, both purchased on Udemy; I also bought the Practice Exams Simulations by Jason Dion, which are a useful study tool after taking the courses. Plus I studied from two good Security+ books: "Get Certified Get Ahead" by Darril Gibson, and "CompTIA Security+ Certification Guide Exam SY0-501 2nd Edition" by Mike Meyers. Plus I used a free Android app, "CompTIA Security + Practice Test" from ABC E-Learning (you can find it on the Play Store), with 905 questions (which include all the ones in Gibson's book plus many more) divided into the 6 topics of the exam: the questions are generally well formulated, so they are easier than the real exam's questions; nevertheless they are a useful study tool, as all the answers are well explained. I also used some random material found on the internet, like some of Professor Messer's videos on YouTube and some other good stuff. Lastly, I used this dump together with other free dumps (for comparison) that you can easily find on the internet.
upvoted 20 times
Not_My_Name
4 years, 6 months ago
I used exactly the same materials as you. Will be writing my exam in 3 days.
upvoted 4 times
Duranio
4 years, 8 months ago
I needed all that redundant material because I started almost from scratch: I'm a Java programmer with no previous cybersecurity or networking knowledge or experience. Anyway, if I had to suggest just one or two study tools from the above, I'd go with Darril Gibson's book, then maybe one of the two courses I cited, and of course this dump. I forgot to cite one of the most underestimated but really precious tools: the official CompTIA Security+ Syllabus; you can download it here (https://www.comptia.jp/pdf/Security%2B%20SY0-501%20Exam%20Objectives.pdf); it's just a detailed list of the exam objectives, but it's really important for understanding the terminology used by CompTIA authors; trust me: when you have some doubts, check the syllabus and you'll probably manage to rule out some wrong answers just because they contain made-up terms that are NOT in the syllabus. Moreover, at the end you'll find a complete list of the acronyms you are supposed to know for the exam.
upvoted 35 times
Hanzero
4 years, 7 months ago
You are a good guy, Duranio. Thanks for your help and insight.
upvoted 13 times
MelvinJohn
Highly Voted 4 years, 10 months ago
Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system. Only the administrator manages the access controls. Contrast with Discretionary Access Control (DAC), which is determined by the data owner. Rule-Based Access Control is a type of access control system in which access requests are evaluated against a specified list of rules. (If X then Y.) Role-Based Access Control provides access based on a user's defined role in the organization.
upvoted 14 times
who__cares123456789___
4 years, 3 months ago
COPY/PASTE FROM BELOW, but first a side note: in a server class, we migrated an IIS website to a LAMP stack and it was an involved process, and we were required to turn off SELinux due to permission issues... THE PASTE >> From a purist perspective, SELinux provides a hybrid of concepts and capabilities drawn from mandatory access controls, mandatory integrity controls, role-based access control (RBAC), and type enforcement architecture. This info, coupled with Duranio's comment below, gives me confidence to accept the given answers as correct!!
upvoted 2 times
wexal66954
4 years, 1 month ago
"role-based access control (RBAC)", and the given answer is Rule-based access control. Shouldn't it be AD then?
upvoted 2 times
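
The definitions in MelvinJohn's comment above, applied to the question's web server, as an added example that is not part of the thread. The labels, hosts and policy are constructed for illustration: the file check combines an owner-managed (DAC) test with an administrator-managed (MAC) policy, and outbound connections go through an ordered "if X then Y" rule list.

```python
# Added example: toy model of DAC vs. MAC plus rule-based checks (constructed policy).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Process:
    user: str
    domain: str          # MAC label, set by the administrator

@dataclass(frozen=True)
class File:
    owner: str
    world_readable: bool
    label: str           # MAC label, set by the administrator

# MAC: (process domain, file label) -> allowed operations; anything absent is denied.
MAC_POLICY = {
    ("web_t", "web_content_t"): {"read"},
    ("web_t", "web_log_t"): {"append"},
}
# Rule-based: ordered "if X then Y" rules for outbound connections, first match wins.
NET_RULES = [
    ("web_t", ip_network("10.0.5.20/32"), 5432, "allow"),   # constructed database host
    ("web_t", ip_network("0.0.0.0/0"), None, "deny"),       # everything else
]

def dac_allows(proc, f, op):
    """Owner-managed permissions: owner may do anything, others read if world-readable."""
    return proc.user == f.owner or (op == "read" and f.world_readable)

def mac_allows(proc, f, op):
    """Administrator-managed policy that the file owner cannot change."""
    return op in MAC_POLICY.get((proc.domain, f.label), set())

def file_access(proc, f, op):
    """Both checks must pass, so MAC can only narrow what DAC grants."""
    return dac_allows(proc, f, op) and mac_allows(proc, f, op)

def net_allows(proc, dst, port):
    for domain, net, rule_port, action in NET_RULES:
        if domain == proc.domain and ip_address(dst) in net and rule_port in (None, port):
            return action == "allow"
    return False                                             # no rule matched: deny

WEB = Process(user="www", domain="web_t")                    # the web server application
PAGE = File(owner="www", world_readable=True, label="web_content_t")
NOTES = File(owner="alice", world_readable=True, label="user_home_t")
```

With DAC alone the web process can read NOTES and overwrite PAGE; with the MAC policy in force it can only read PAGE, and the rule list limits it to the one database port.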
Eluis007
Most Recent 3 years, 5 months ago
I think C and E. Attribute-based access control (ABAC) is the most fine-grained type of access control model. As the name suggests, an ABAC system is capable of making access decisions based on a combination of subject and object attributes plus any context-sensitive or system-wide attributes. As well as group/role memberships, these attributes could include information about the OS currently being used, the IP address, or the presence of up-to-date patches and anti-malware. An attribute-based system could monitor the number of events or alerts associated with a user account (in this case, if the web server application is compromised) or with a resource, or track access requests to ensure they are consistent in terms of timing of requests or geographic location. Conditional access is an example of rule-based access control. A conditional access system monitors account (in this case, service account) or device behavior throughout a session. If certain conditions are met (in this case, if the web server application is compromised), the account may be suspended (in this case, the application does not have access to other parts of the server or network).
upvoted 1 times
Dragi
4 years, 6 months ago
https://en.wikipedia.org/wiki/Security-Enhanced_Linux From a purist perspective, SELinux provides a hybrid of concepts and capabilities drawn from mandatory access controls, mandatory integrity controls, role-based access control (RBAC), and type enforcement architecture.
upvoted 1 times
Community vote distribution: A (35%, most voted), C (25%), B (20%), Other