Ensurepass

 

 

QUESTION 461

A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights?

 

A. Transport encryption
B. IPsec
C. Non-repudiation
D. Public key infrastructure

 

Correct Answer: D

 

 

 

 

QUESTION 462

Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL?

 

PERMIT TCP ANY HOST 192.168.0.10 EQ 80

PERMIT TCP ANY HOST 192.168.0.10 EQ 443

 

A. It implements stateful packet filtering.
B. It implements bottom-up processing.
C. It failed closed.
D. It implements an implicit deny.

 

Correct Answer: D

 

 

QUESTION 463

Which of the following security awareness training is BEST suited for data owners who are concerned with protecting the confidentiality of their data?

 

A. Social networking use training
B. Personally owned device policy training
C. Tailgating awareness policy training
D. Information classification training

 

Correct Answer: D


 

 

QUESTION 464

A security administrator is concerned about the strength of users' passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator implement to mitigate the risk of an online password attack against users with weak passwords?

 

A. Increase the password length requirements
B. Increase the password history
C. Shorten the password expiration period
D. Decrease the account lockout time

 

Correct Answer: C

 

 

QUESTION 465

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

 

A. Separation of duties
B. Least privilege
C. Same sign-on
D. Single sign-on

 

Correct Answer: C

 

QUESTION 466

Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).

 

A. Scanning printing of documents.
B. Scanning of outbound IM (Instant Messaging).
C. Scanning copying of documents to USB.
D. Scanning of SharePoint document library.
E. Scanning of shared drives.
F. Scanning of HTTP user traffic.

 

Correct Answer: BF

 

 

QUESTION 467

A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?

 

A. Backdoor
B. Spyware
C. Logic bomb
D. DDoS
E. Smurf

 

Correct Answer: B

 

 

QUESTION 468

A security administrator plans on replacing a critical business application in five years. Recently, a security flaw was discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do with regard to the application?

 

A. Avoid the risk to the user base allowing them to re-enable their own accounts
B. Mitigate the risk by patching the application to increase security and saving money
C. Transfer the risk replacing the application now instead of in five years
D. Accept the risk and continue to enable the accounts each month saving money

 

Correct Answer: D

 

 

QUESTION 469

The IT department has set up a SharePoint site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and all requests for access are centrally managed by the security team. This is an example of which of the following control types?

 

A. Rule based access control
B. Mandatory access control
C. User assigned privilege
D. Discretionary access control

Correct Answer: D

 

 

QUESTION 470

Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code. Which of the following attack types is this?

 

A. Hoax
B. Impersonation
C. Spear phishing
D. Whaling

 

Correct Answer: B

 

 
