Ensurepass

 

QUESTION 491

After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary words or patterns. All credentials will remain enabled regardless of the number of attempts made. Which of the following types of user account options were enforced? (Select TWO).

 

A.

Recovery

B.

User assigned privileges

C.

Lockout

D.

Disablement

E.

Group based privileges

F.

Password expiration

G.

Password complexity

 

Correct Answer: FG

 

 

QUESTION 492

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?

 

A.

Social engineering

B.

Steganography

C.

Hashing

D.

Digital signatures

 

Correct Answer: B

 

 

 

 

QUESTION 493

During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO).

 

A.

SSL 1.0

B.

RC4

C.

SSL 3.0

D.

AES

E.

DES

F.

TLS 1.0

 

Correct Answer: AE

 

 

QUESTION 494

Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10.

 

DIAGRAM

 

PC1 PC2

 

[192.168.1.30]——–[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]———[10.2.2.10] LOGS

 

10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN

10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK

10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK

 

Given the above information, which of the following can be inferred about the above environment?

 

A.

192.168.1.30 is a web server.

B.

The web server listens on a non-standard port.

C.

The router filters port 80 traffic.

D.

The router implements NAT.

 

Correct Answer: D

 

 

QUESTION 495

The Chief Information Officer (CIO) wants to implement a redundant server location to which the production server images can be moved within 48 hours and services can be quickly restored, in case of a catastrophic failure of the primary datacenter’s HVAC. Which of the following can be implemented?

 

A.

Cold site

B.

Load balancing

C.

Warm site

D.

Hot site

 

Correct Answer: C

 

 

QUESTION 496

The security administrator is observing unusual network behavior from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. A full antivirus scan, with an updated antivirus definition file, does not show any signs of infection. Which of the following has happened on the workstation?

 

A.

Zero-day attack

B.

Known malware infection

C.

Session hijacking

D.

Cookie stealing

 

Correct Answer: A

 

 

QUESTION 497

Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device’s remova
ble media in the event that the device is lost or stolen?

 

A.

Hashing

B.

Screen locks

C.

Device password

D.

Encryption

 

Correct Answer: D

 

 

QUESTION 498

Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?

 

A.

Subnetting

B.

NAT

C.

Quality of service

D.

NAC

 

Correct Answer: C

 

 

QUESTION 499

A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?

 

A.

ICMP

B.

BGP

C.

NetBIOS

D.

DNS

 

Correct Answer: C

 

 

 

 

 

QUESTION 500

A victim is logged onto a popular home router forum site in order to troubleshoot some router configuration issues. The router is a fairly standard configuration and has an IP address of 192.168.1.1. The victim is logged into their router administrative interface in one tab and clicks a forum link in another tab. Due to clicking the forum link, the home router reboots. Which of the following attacks MOST likely occurred?

 

A.

Brute force password attack

B.

Cross-site request forgery

C.

Cross-site scripting

D.

Fuzzing

 

Correct Answer: B

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.