Ensurepass

 

 

QUESTION 641

After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future?

 

A. Fencing

B. Proximity readers

C. Video surveillance

D. Bollards

 

Correct Answer: D

 

 

QUESTION 642

A CA is compromised and attackers start distributing maliciously signed software updates. Which of the following can be used to warn users about the malicious activity?

 

A. Key escrow

B. Private key verification

C. Public key verification

D. Certificate revocation list

 

Correct Answer: D

 

 

 

QUESTION 643

After encrypting all laptop hard drives, an executive officer’s laptop has trouble booting to the operating system. Now that it is successfully encrypted, the helpdesk cannot retrieve the data. Which of the following can be used to decrypt the information for retrieval?

 

A. Recovery agent

B. Private key

C. Trust models

D. Public key

 

Correct Answer: A

 

 

QUESTION 644

Which of the following devices is MOST likely being used when processing the following?

 

1 PERMIT IP ANY ANY EQ 80

2 DENY IP ANY ANY

 

A. Firewall

B. NIPS

C. Load balancer

D. URL filter

 

Correct Answer: A

 

 

QUESTION 645

The security administrator at ABC company received the following log information from an external party:

 

10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal

10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force

10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan

 

The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?

 

A. A NIDS was used in place of a NIPS.

B. The log is not in UTC.

C. The external party uses a firewall.

D. ABC company uses PAT.

 

Correct Answer: D

 

 

QUESTION 646

The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored based on similarities in the code. Which of the following should the security administrator use to identify similar malware?

 

A. TwoFish

B. SHA-512

C. Fuzzy hashes

D. HMAC

 

Correct Answer: C

 

 

QUESTION 647

The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised?

 

A. The file containing the recovery agent’s keys.

B. The file containing the public key.

C. The file containing the private key.

D. The file containing the server’s encrypted passwords.

 

Correct Answer: B

 

 

QUESTION 648

Which of the following was launched against a company based on the following IDS log?

 

122.41.15.252 - - [21/May/2012:00:17:20 +1200] "GET /index.php?username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAA HTTP/1.1" 200 2731 "http://www.company.com/cgibin/forum/commentary.pl/noframes/read/209" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.7.0)"

 

A. SQL injection

B. Buffer overflow attack

C. XSS attack

D. Online password crack

 

Correct Answer: B

 

 

QUESTION 649

The security administrator is analyzing a user’s history file on a Unix server to determine if the user was attempting to break out of a rootjail. Which of the following lines in the user’s history log shows evidence that the user attempted to escape the rootjail?

 

A. cd ../../../../bin/bash

B. whoami

C. ls /root

D. sudo -u root

 

Correct Answer: A

 

 

 

 

QUESTION 650

A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the developer needs to test the entire application to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer performing when testing the application?

 

A. Black box testing

B. White box testing

C. Gray box testing

D. Design review

 

Correct Answer: C

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam
