Ensurepass

 

QUESTION 381

After reviewing the firewall logs of her organization’s wireless Aps, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue?

 

A.

Reduce the power level of the AP on the network segment

B.

Implement MAC filtering on the AP of the affected segment

C.

Perform a site survey to see what has changed on the segment

D.

Change the WPA2 encryption key of the AP in the affected segment

Correct Answer: A

 

 

QUESTION 382

A security administrator looking through IDS logs notices the following entry:

 

(where email=joe@joe.com and passwd= `or 1==1′)

 

Which of the following attacks had the administrator discovered?

 

A.

SQL injection

B.

XML injection

C.

Cross-site script

D.

Header manipulation

 

Correct Answer: C

 

 

QUESTION 383

A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their clients. Additionally the system must support 3DS wireless encryption. Which of the following should be implemented?

 

A.

WPA2-CCMP with 802.1X

B.

WPA2-PSK

C.

WPA2-CCMP

D.

WPA2-Enterprise

 

Correct Answer: D

 

 

QUESTION 384

Ann a technician received a spear-phishing email asking her to update her personal information by clicking the link within the body of the email. Which of the following type of training would prevent Ann and other employees from becoming victims to such attacks?

 

A.

User Awareness

B.

Acceptable Use Policy

C.

Personal Identifiable Information

D.

Information Sharing

 

Correct Answer: C

 

 

QUESTION 385

A company wants to ensure that all aspects if data are protected when sending to other sites within the enterprise. Which of the following would ensure some type of encryption is performed while data is in transit?

 

A.

SSH

B.

SHA1

C.

TPM

D.

MD5

Correct Answer: C

 

 

QUESTION 386

A database administrator would like to start encrypting database exports stored on the SAN, but the storage administrator warms that this may drastically increase the amount of disk space used by the exports. Which of the following explains the reason for the increase in disk space usage?

 

A.

Deduplication is not compatible with encryption

B.

The exports are being stored on smaller SAS drives

C.

Encrypted files are much larger than unencrypted files

D.

The SAN already uses encryption at rest

 

Correct Answer: C

 

 

QUESTION 387

The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack. Which of the following should the CIO be concerned with?

 

A.

Smurf Attack

B.

Trojan

C.

Logic bomb

D.

Virus

 

Correct Answer: C

 

 

QUESTION 388

Joe Has read and write access to his own home directory. Joe and Ann are collaborating on a project, and Joe would like to give Ann write access to one particular file in this home directory. Which of the following types of access control would this reflect?

 

A.

Role-based access control

B.

Rule-based access control

C.

Mandatory access control

D.

Discretionary access control

 

Correct Answer: A

 

 

QUESTION 389

Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack?

 

A.

ARP poisoning

B.

DoS

C.

Replay

D.

Brute force

 

Correct Answer: C

 

 

QUESTION 390

Which of the following can only be mitigated through the use of technical controls rather that user security training?

 

A.

Shoulder surfing

B.

Zero-day

C.

Vishing

D.

Trojans

 

Correct Answer: B

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.