Ensurepass

QUESTION 631

Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers?

 

A.

SSL

B.

TLS

C.

HTTP

D.

FTP

 

Correct Answer: B

 

 

QUESTION 632

Which of the following provides a static record of all certificates that are no longer valid?

 

A.

Private key

B.

Recovery agent

C.

CRLs

D.

CA

 

Correct Answer: C

 

 

QUESTION 633

A company requires that a user’s credentials include providing something they know and something they are in order to gain access to the network. Which of the following types of authentication is being described?

 

A.

Biometrics

B.

Kerberos

C.

Token

D.

Two-factor

 

Correct Answer: D

 

 

QUESTION 634

A company wants to ensure that all credentials for various systems are saved within a central database so that users only have to login once for access to all systems. Which of the following would accomplish this?

 

A.

Multi-factor authentication

B.

Smart card access

C.

Same Sign-On

D.

Single Sign-On

 

Correct Answer: D

 

 

 

 

QUESTION 635

Physical documents must be incinerated after a set retention period is reached. Which of the following attacks does this action remediate?

 

A.

Shoulder Surfing

B.

Dumpster Diving

C.

Phishing

D.

Impersonation

 

Correct Answer: B

 

 

QUESTION 636

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?

 

A.

Dumpster Diving

B.

Impersonation

C.

Shoulder Surfing

D.

Whaling

 

Correct Answer: C

 

 

QUESTION 637

Which of the following protocols is vulnerable to man-in-the-middle attacks by NOT using end to end TLS encryption?

 

A.

HTTPS

B.

WEP

C.

WPA

D.

WPA 2

 

Correct Answer: B

 

 

QUESTION 638

A security administrator has been tasked with setting up a new internal wireless network that must use end to end TLS. Which of the following may be used to meet this objective?

 

A.

WPA

B.

HTTPS

C.

WEP

D.

WPA 2

 

Correct Answer: D

 

 

 

 

 

 

 

QUESTION 639

A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

 

A.

Zero-day

B.

Buffer overflow

C.

Cross site scripting

D.

Malicious add-on

 

Correct Answer: B

 

 

QUESTION 640

Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?

 

A.

Bollards

B.

Video surveillance

C.

Proximity readers

D.

Fencing

 

Correct Answer: B

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.