Ensurepass

QUESTION 341

Pete, a developer, writes an application. Jane, the security analyst, knows some things about the overall application but does not have all the details. Jane needs to review the software before it is released to production. Which of the following reviews should Jane conduct?

 

A. Gray Box Testing
B. Black Box Testing
C. Business Impact Analysis
D. White Box Testing

 

Correct Answer: A

 

 

QUESTION 342

The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?

 

A. Rainbow tables attacks
B. Brute force attacks
C. Birthday attacks
D. Cognitive passwords attacks

 

Correct Answer: D

 

 

QUESTION 343

Pete’s corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number. Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC. Which of the following does this procedure prevent?


A. Collusion
B. Impersonation
C. Pharming
D. Transitive Access

 

Correct Answer: B

 

 

QUESTION 344

Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

 

A. Interference
B. Man-in-the-middle
C. ARP poisoning
D. Rogue access point

 

Correct Answer: D

 

 

QUESTION 345

Which of the following can be implemented with multiple bit strength?

 

A. AES
B. DES
C. SHA-1
D. MD5
E. MD4

 

Correct Answer: A

 

 

QUESTION 346

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

 

A. No competition with the company’s official social presence
B. Protection against malware introduced by banner ads
C. Increased user productivity based upon fewer distractions
D. Elimination of risks caused by unauthorized P2P file sharing

 

Correct Answer: B

 

 

QUESTION 347

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete’s BEST option?

 

A. Use hardware already at an offsite location and configure it to be quickly utilized.
B. Move the servers and data to another part of the company’s main campus from the server room.
C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.
D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

 

Correct Answer: A

 

 

 

 

 

 

 

QUESTION 348

A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected?

 

A. Block cipher
B. Stream cipher
C. CRC
D. Hashing algorithm

 

Correct Answer: A

 

 

QUESTION 349

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

 

A. Conduct surveys and rank the results.
B. Perform routine user permission reviews.
C. Implement periodic vulnerability scanning.
D. Disable user accounts that have not been used within the last two weeks.

 

Correct Answer: B

 

 

QUESTION 350

Which of the following devices is BEST suited for servers that need to store private keys?

 

A. Hardware security module
B. Hardened network firewall
C. Solid state disk drive
D. Hardened host firewall

 

Correct Answer: A

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam
