Ensurepass

QUESTION 681

Which of the following practices reduces the management burden of access management?

 

A. Password complexity policies

B. User account audit

C. Log analysis and review

D. Group based privileges

 

Correct Answer: D

 

 

QUESTION 682

Which of the following helps to apply the proper security controls to information?

 

A. Data classification

B. Deduplication

C. Clean desk policy

D. Encryption

 

Correct Answer: A

 

 

QUESTION 683

Which of the following describes purposefully injecting extra input during testing, possibly causing an application to crash?

 

A. Input validation

B. Exception handling

C. Application hardening

D. Fuzzing

 

Correct Answer: D

 

 

QUESTION 684

Which of the following types of security services are used to support authentication for remote users and devices?

 

A. Biometrics

B. HSM

C. RADIUS

D. TACACS

 

Correct Answer: C

 

 

QUESTION 685

A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would support this requirement?

 

A. SaaS

B. MaaS

C. IaaS

D. PaaS

 

Correct Answer: B

 

 

QUESTION 686

A security administrator needs a locally stored record to remove the certificates of a terminated employee. Which of the following describes a service that could meet these requirements?

 

A. OCSP

B. PKI

C. CA

D. CRL

 

Correct Answer: D

 

 

QUESTION 687

A security analyst informs the Chief Executive Officer (CEO) that a security breach has just occurred. This results in the Risk Manager and Chief Information Officer (CIO) being caught unaware when the CEO asks for further information. Which of the following strategies should be implemented to ensure the Risk Manager and CIO are not caught unaware in the future?

 

A. Procedure and policy management

B. Chain of custody management

C. Change management

D. Incident management

 

Correct Answer: D

 

 

QUESTION 688

Which of the following relies on the use of shared secrets to protect communication?

 

A. RADIUS

B. Kerberos

C. PKI

D. LDAP

 

Correct Answer: A

 

 

QUESTION 689

A security administrator wants to test the reliability of an application which accepts user provided parameters. The administrator is concerned with data integrity and availability. Which of the following should be implemented to accomplish this task?

 

A. Secure coding

B. Fuzzing

C. Exception handling

D. Input validation

 

Correct Answer: B

 

 

QUESTION 690

Which of the following concepts is a term that directly relates to customer privacy considerations?

 

A. Data handling policies

B. Personally identifiable information

C. Information classification

D. Clean desk policies

 

Correct Answer: B

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam
