Ensurepass

QUESTION 1091

While securing a network it is decided to allow active FTP connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO).

 

A.

20

B.

21

C.

22

D.

68

E.

69

 

Correct Answer: AB

 

 

QUESTION 1092

An administrator needs to secure a wireless network and restrict access based on the hardware address of the device. Which of the following solutions should be implemented?

 

A.

Use a stateful firewall

B.

Enable MAC filtering

C.

Upgrade to WPA2 encryption

D.

Force the WAP to use channel 1

 

Correct Answer: B

 

 

QUESTION 1093

Which of the following helps to establish an accurate timeline for a network intrusion?

 

A.

Hashing images of compromised systems

B.

Reviewing the date of the antivirus definition files

C.

Analyzing network traffic and device logs

D.

Enforcing DLP controls at the perimeter

 

Correct Answer: C

 

 

QUESTION 1094

A security administrator must implement a firewall rule to allow remote employees to VPN onto the company network. The VPN concentrator implements SSL VPN over the standard HTTPS port. Which of the following is the MOST secure ACL to implement at the company’s gateway firewall?

 

A.

PERMIT TCP FROM ANY 443 TO 199.70.5.25 443

B.

PERMIT TCP FROM ANY ANY TO 199.70.5.23 ANY

C.

PERMIT TCP FROM 199.70.5.23 ANY TO ANY ANY

D.

PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443

 

Correct Answer: D

 

 

 

 

 

QUESTION 1095

A user has plugged in a wireless router from home with default configurations into a network jack at the office. This is known as:

 

A.

an evil twin.

B.

an IV attack.

C.

a rogue access point.

D.

an unauthorized entry point.

 

Correct Answer: C

 

 

QUESTION 1096

When confidentiality is the primary concern, and a secure channel for key exchange is not available, which of the following should be used for transmitting company documents?

 

A.

Digital Signature

B.

Symmetric

C.

Asymmetric

D.

Hashing

 

Correct Answer: C

 

 

QUESTION 1097

It is MOST important to make sure that the firewall is configured to do which of the following?

 

A.

Alert management of a possible intrusion.

B.

Deny all traffic and only permit by exception.

C.

Deny all traffic based on known signatures.

D.

Alert the administrator of a possible intrusion.

 

Correct Answer: B

 

 

QUESTION 1098

An administrator needs to secure RADIUS traffic between two servers. Which of the following is the BEST solution?

 

A.

Require IPSec with AH between the servers< /p>

B.

Require the message-authenticator attribute for each message

C.

Use MSCHAPv2 with MPPE instead of PAP

D.

Require a long and complex shared secret for the servers

 

Correct Answer: A

 

 

QUESTION 1099

A recent audit has revealed weaknesses in the process of deploying new servers and network devices. Which of the following practices could be used to increase the security posture during deployment? (Select TWO).

 

A.

Deploy a honeypot

B.

Disable unnecessary services

C.

Change default passwords

D.

Implement an application firewall

E.

Penetration testing

 

Correct Answer: BC

 

 

QUESTION 1100

Ann, the Chief Information Officer (CIO) of a company, sees cloud computing as a way to save money while providing valuable services. She is looking for a cost-effective solution to assist in capacity planning as well as visibility into the performance of the network. Which of the following cloud technologies should she look into?

 

A.

IaaS

B.

MaaS

C.

SaaS

D.

PaaS

 

Correct Answer: B

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.