Ensurepass

QUESTION 1121

Which of the following would be MOST appropriate if an organization’s requirements mandate complete control over the data and applications stored in the cloud?

 

A.

Hybrid cloud

B.

Community cloud

C.

Private cloud

D.

Public cloud

 

Correct Answer: C

 

 

QUESTION 1122

Joe, the information security manager, is tasked with calculat
ing risk and selecting controls to protect a new system. He has identified people, environmental conditions, and events that could affect the new system. Which of the following does he need to estimate NEXT in order to complete his risk calculations?

 

A.

Vulnerabilities

B.

Risk

C.

Likelihood

D.

Threats

 

Correct Answer: A

 

 

QUESTION 1123

The data security manager is notified that a client will be sending encrypted information on optical discs for import into the company database. Once imported, the information is backed up and the discs are no longer needed. Following the import, which of the following is the BEST action for the manager to take?

 

A.

Wipe the discs and place into inventory for future use

B.

Send the discs back to the client

C.

Contract with a third party to shred the discs

D.

Instruct employees to store the discs in a secure area

 

Correct Answer: B

 

 

QUESTION 1124

A network administrator identifies sensitive files being transferred from a workstation in the LAN to an unauthorized outside IP address in a foreign country. An investigation determines that the firewall has not been altered, and antivirus is up-to-date on the workstation. Which of the following is the MOST likely reason for the incident?

 

A.

MAC Spoofing

B.

Session Hijacking

C.

Impersonation

D.

Zero-day

 

Correct Answer: D

 

QUESTION 1125

Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised?

 

A.

Elliptic curve cryptography.

B.

Perfect forward secrecy.

C.

Steganography.

D.

Quantum cryptography.

 

Correct Answer: D

 

 

QUESTION 1126

A security administrator must implement a network that is immune to ARP spoofing attacks. Which of the following should be implemented to ensure that a malicious insider will not be able to successfully use ARP spoofing techniques?

 

A.

UDP

B.

IPv6

C.

IPSec

D.

VPN

 

Correct Answer: B

 

 

QUESTION 1127

After working on his doctoral dissertation for two years, Joe, a user, is unable to open his dissertation file. The screen shows a warning that the dissertation file is corrupted because it is infected with a backdoor, and can only be recovered by upgrading the antivirus software from the free version to the commercial version. Which of the following types of malware is the laptop MOST likely infected with?

 

A.

Ransomware

B.

Trojan

C.

Backdoor

D.

Armored virus

 

Correct Answer: A

 

 

QUESTION 1128

An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the following is the reason the malicious user is able to intercept and see the clear text communication?

 

A.

The malicious user has access to the WPA2-TKIP key.

B.

The wireless access point is broadcasting the SSID.

C.

The malicious user is able to capture the wired communication.

D.

The meeting attendees are using unencrypted hard drives.

 

Correct Answer: C

QUESTION 1129

A technician wants to securely collect network device configurations and statistics through a scheduled and automated process. Which of the following should be implemented if configuration integrity is most important and a credential compromise should not allow interactive logons?

 

A.

SNMPv3

B.

TFTP

C.

SSH

D.

TLS

 

Correct Answer: A

 

 

QUESTION 1130

Which of the following password attacks is MOST likely to crack the largest number of randomly generated passwords?

 

A.

Hybrid

B.

Birthday attack

C.

Dictionary

D.

Rainbow tables

 

Correct Answer: D

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.