Ensurepass

QUESTION 471

Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank. Which of the following attack types is this?

A. Hoax
B. Phishing
C. Vishing
D. Whaling

Correct Answer: C

QUESTION 472

The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

A. Account Disablements
B. Password Expiration
C. Password Complexity
D. Password Recovery

Correct Answer: D

QUESTION 473

An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?

A. RADIUS
B. Kerberos
C. TACACS+
D. LDAP

Correct Answer: D

QUESTION 474

An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?

A. User rights reviews
B. Least privilege and job rotation
C. Change management
D. Change Control

Correct Answer: A

QUESTION 475

Which of the following is the default port for TFTP?

A. 20
B. 69
C. 21
D. 68

Correct Answer: B

QUESTION 476

Which of the following concepts are included on the three sides of the “security triangle”? (Select THREE).

A. Confidentiality
B. Availability
C. Integrity
D. Authorization
E. Authentication
F. Continuity

Correct Answer: ABC

QUESTION 477

Which of the following concepts allows an organization to group large numbers of servers together in order to deliver a common service?

A. Clustering
B. RAID
C. Backup Redundancy
D. Cold site

Correct Answer: A

QUESTION 478

Which of the following security concepts identifies input variables which are then used to perform boundary testing?

A. Application baseline
B. Application hardening
C. Secure coding
D. Fuzzing

Correct Answer: D

QUESTION 479

Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key?

A. Session Key
B. Public Key
C. Private Key
D. Digital Signature

Correct Answer: A

QUESTION 480

Which of the following cryptographic related browser settings allows an organization to communicate securely?

A. SSL 3.0/TLS 1.0
B. 3DES
C. Trusted Sites
D. HMAC

Correct Answer: A

Free VCE & PDF File for CompTIA SY0-401 Real Exam
