Ensurepass

 

QUESTION 81

During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic?

 

A. FTP
B. DNS
C. Email
D. NetBIOS

 

Correct Answer: B

 

 

QUESTION 82

A compromised workstation utilized in a Distributed Denial of Service (DDoS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident?

 

A. Eye Witness
B. Data Analysis of the hard drive
C. Chain of custody
D. Expert Witness

 

Correct Answer: C

 

 

QUESTION 83

During which of the following phases of the Incident Response process should a security administrator define and implement general defense against malware?

 

A. Lessons Learned
B. Preparation
C. Eradication
D. Identification

 

Correct Answer: B

 

QUESTION 84

Due to hardware limitations, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?

 

A. WPA2-AES
B. 802.11ac
C. WPA-TKIP
D. WEP

 

Correct Answer: C

 

 

QUESTION 85

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).

 

A. The CA’s public key
B. Ann’s public key
C. Joe’s private key
D. Ann’s private key
E. The CA’s private key
F. Joe’s public key

 

Correct Answer: DF

 

 

QUESTION 86

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity of Joe’s certificate? (Select TWO).

 

A. The CA’s public key
B. Joe’s private key
C. Ann’s public key
D. The CA’s private key
E. Joe’s public key
F. Ann’s private key

 

Correct Answer: AE

 

 

QUESTION 87

A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be implemented during the authorization stage?

 

A. Biometrics
B. Mandatory access control
C. Single sign-on
D. Role-based access control

 

Correct Answer: A

 

QUESTION 88

A security researcher wants to reverse engineer an executable file to determine if it is malicious. The file was found on an underused server and appears to contain a zero-day exploit. Which of the following can the researcher do to determine if the file is malicious in nature?

 

A. TCP/IP socket design review
B. Executable code review
C. OS Baseline comparison
D. Software architecture review

 

Correct Answer: C

 

 

QUESTION 89

A recent spike in virus detections has been attributed to end-users visiting www.compnay.com. The business has an established relationship with an organization using the URL of www.company.com but not with the site that has been causing the infections. Which of the following would BEST describe this type of attack?

 

A. Typo squatting
B. Session hijacking
C. Cross-site scripting
D. Spear phishing

 

Correct Answer: A

 

 

QUESTION 90

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?

 

A. Host-based firewall
B. IDS
C. IPS
D. Honeypot

 

Correct Answer: B

Free VCE & PDF File for CompTIA SY0-401 Real Exam
