Ensurepass

 

QUESTION 421

Which of the following types of authentication solutions use tickets to provide access to various resources from a central location?

 

A. Biometrics
B. PKI
C. ACLs
D. Kerberos

 

Correct Answer: D

 

 

 

 

 

QUESTION 422

A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff?

 

A. Virtualization
B. Subnetting
C. IaaS
D. SaaS

 

Correct Answer: A

 

 

QUESTION 423

After viewing wireless traffic, an attacker notices the following networks are being broadcast by local access points:

 

Corpnet

Coffeeshop

FreePublicWifi

 

Using this information the attacker spoofs a response to make nearby laptops connect back to a malicious device. Which of the following has the attacker created?

 

A. Infrastructure as a Service
B. Load balancer
C. Evil twin
D. Virtualized network

 

Correct Answer: C

 

 

QUESTION 424

Which of the following concepts is enforced by certifying that an email communication was sent by the person the message says sent it?

 

A. Key escrow
B. Non-repudiation
C. Multifactor authentication
D. Hashing

 

Correct Answer: B

 

 

QUESTION 425

After a recent breach, the security administrator performs a wireless survey of the corporate network. The security administrator notices a problem with the following output:

 

MAC                SSID    ENCRYPTION  POWER  BEACONS
00:10:A1:36:12:CC  MYCORP  WPA2 CCMP   60     1202
00:10:A1:49:FC:37  MYCORP  WPA2 CCMP   70     9102
FB:90:11:42:FA:99  MYCORP  WPA2 CCMP   40     3031
00:10:A1:AA:BB:CC  MYCORP  WPA2 CCMP   55     2021
00:10:A1:FA:B1:07  MYCORP  WPA2 CCMP   30     6044

 

Given that the corporate wireless network has been standardized, which of the following attacks is underway?

 

A. Evil twin
B. IV attack
C. Rogue AP
D. DDoS

 

Correct Answer: A

 

 

QUESTION 426

Input validation is an important security defense because it:

 

A. rejects bad or malformed data.
B. enables verbose error reporting.
C. protects misconfigured web servers.
D. prevents denial of service attacks.

 

Correct Answer: A

 

 

QUESTION 427

To maintain oversight of a third-party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system promises to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered?

 

A. Continuous security monitoring
B. Baseline configuration and host hardening
C. Service Level Agreement (SLA) monitoring
D. Security alerting and trending

 

Correct Answer: A

 

 

QUESTION 428

A recent audit of a company’s identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).

 

A. Automatically disable accounts that have not been utilized for at least 10 days.
B. Utilize automated provisioning and de-provisioning processes where possible.
C. Request that employees provide a list of systems that they have access to prior to leaving the firm.
D. Perform regular user account review / revalidation process.
E. Implement a process where new account creations require management approval.

 

Correct Answer: BD

 

 

QUESTION 429

The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?

 

A. Software as a Service
B. Infrastructure as a Service
C. Platform as a Service
D. Hosted virtualization service

 

Correct Answer: A

 

 

QUESTION 430

Which of the following provides the BEST application availability and is easily expanded as demand grows?

 

A. Server virtualization
B. Load balancing
C. Active-Passive Cluster
D. RAID 6

 

Correct Answer: B

Free VCE & PDF File for CompTIA SY0-401 Real Exam
