Ensurepass

QUESTION 1

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

 

A.

TCP/IP

B.

SSL

C.

SCP

D.

SSH

 

Correct Answer: B

 

 

QUESTION 2

A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the follo
wing would fulfill the CISO’s requirements?

 

A.

Username and password

B.

Retina scan and fingerprint scan

C.

USB token and PIN

D.

Proximity badge and token

 

Correct Answer: C

 

 

QUESTION 3

Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?

 

A.

Screen lock

B.

Voice encryption

C.

GPS tracking

D.

Device encryption

 

Correct Answer: A

 

 

QUESTION 4

Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly?

 

A.

Protocol analyzer

B.

Baseline report

C.

Risk assessment

D.

Vulnerability scan

 

Correct Answer: A

 

 

QUESTION 5

Which of the following can result in significant administrative overhead from incorrect reporting?

 

A.

Job rotation

B.

Acceptable usage policies

C.

False positives

D.

Mandatory vacations

 

Correct Answer: C

 

 

QUESTION 6

A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system?

 

A.

Penetration test

B.

Vulnerability scan

C.

Load testing

D.

Port scanner

 

Correct Answer: B

 

 

QUESTION 7

Which of the following risk concepts requires an organization to determine the number of failures per year?

 

A.

SLE

B.

ALE

C.

MTBF

D.

Quantitative analysis

 

Correct Answer: B

 

 

QUESTION 8

A system security analyst using an enterprise monitoring tool notices an unknown internal host exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate mitigation technique?

 

A.

Disabling unnecessary accounts

B.

Rogue machine detection

C.

Encrypting sensitive files

D.

Implementing antivirus

 

Correct Answer: B

 

 

QUESTION 9

Three of the primary security control types that can be implemented are.

 

A.

Supervisory, subordinate, and peer.

B.

Personal, procedural, and legal.

C.

Operational, technical, and management.

D.

Mandatory, discretionary, and permanent.

 

Correct Answer: C

 

 

QUESTION 10

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?

 

A.

Recovery

B.

Follow-up

C.

Validation

D.

Identification

E.

Eradication

F.

Containment

 

Correct Answer: D

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.