Ensurepass

QUESTION 1051

A system administrator is setting up a file transfer server. The goal is to encrypt the user authentication and the files the user is sending using only a user ID and a key pair. Which of the following methods would achieve this goal?

 

A.

AES

B.

IPSec

C.

PGP

D.

SSH

 

Correct Answer: D

 

 

QUESTION 1052

An administrator was aske
d to review user accounts. Which of the following has the potential to cause the MOST amount of damage if the account was compromised?

 

A.

A password that has not changed in 180 days

B.

A single account shared by multiple users

C.

A user account with administrative rights

D.

An account that has not been logged into since creation

 

Correct Answer: C

 

 

QUESTION 1053

Failure to validate the size of a variable before writing it to memory could result in which of the following application attacks?

 

A.

Malicious logic

B.

Cross-site scripting

C.

SQL injection

D.

Buffer overflow

 

Correct Answer: D

 

 

QUESTION 1054

A Human Resources user is issued a virtual desktop typically assigned to Accounting employees. A system administrator wants to disable certain services and remove the local accounting groups installed by default on this virtual machine. The system administrator is adhering to which of the following security best practices?

 

A.

Black listing applications

B.

Operating System hardening

C.

Mandatory Access Control

D.

Patch Management

 

Correct Answer: B

 

 

QUESTION 1055

A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern?

 

A.

Host-based firewall

B.

Cable locks

C.

Locking cabinets

D.

Surveillance video

 

Correct Answer: C

 

 

 

QUESTION 1056

A security administrator wants to implement a solution which will allow some applications to run under the user’s home directory and only have access to files stored within the same user’s folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users?

 

A.

OS Virtualization

B.

Trusted OS

C.

Process sandboxing

D.

File permission

 

Correct Answer: C

 

 

QUESTION 1057

A security technician would like to obscure sensitive data within a file so that it can be transferred without causing suspicion. Which of the following technologies would BEST be suited to accomplish this?

 

A.

Transport Encryption

B.

Stream Encryption

C.

Digital Signature

D.

Steganography

 

Correct Answer: D

 

 

QUESTION 1058

Which of the following should a company implement to BEST mitigate from zero-day malicious code executing on employees’ computers?

 

A.

Least privilege accounts

B.

Host-based firewalls

C.

Intrusion Detection Systems

D.

Application white listing

 

Correct Answer: D

 

 

QUESTION 1059

A company is concerned that a compromised certificate may result in a man-in-the-middle attack against backend financial servers. In order to minimize the amount of time a compromised certificate would be accepted by other servers, the company decides to add another validation step to SSL/TLS connections. Which of the following technologies provides the FASTEST revocation capability?

 

A.

Online Certificate Status Protocol (OCSP)

B.

Public Key Cryptography (PKI)

C.

Certificate Revocation Lists (CRL)

D.

Intermediate Certificate Authority (CA)

 

Correct Answer: A

 

QUESTION 1060

Joe, a user, wants to protect sensitive information stored on his hard drive. He uses a program that encrypted the whole hard drive. Once the hard drive is fully encrypted, he uses the same program to create a hidden volume within the encrypted hard drive and stores the sensitive information within the hidden volume. This is an example of which of the following? (Select TWO).

 

A.

Multi-pass encryption

B.

Transport encryption

C.

Plausible deniability

D.

Steganography

E.

Transitive encryption

F.

Trust models

 

Correct Answer: CD

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.