Ensurepass

QUESTION 701

One of the most basic ways to protect the confidentiality of data on a laptop in the event the device is physically stolen is to implement which of the following?

 

A.

File level encryption with alphanumeric passwords

B.

Biometric authentication and cloud storage

C.

Whole disk encryption with two-factor authentication

D.

BIOS passwords and two-factor authentication

 

Correct Answer: C

 

 

QUESTION 702

Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them?

 

A.

Whole disk encryption

B.

SSH

C.

Telnet

D.

MD5

 

Correct Answer: D

 

 

QUESTION 703

A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place?

 

A.

IV attack

B.

WEP cracking

C.

WPA cracking

D.

Rogue AP

 

Correct Answer: C

 

 

QUESTION 704

Which of the following protocols is used by IPv6 for MAC address resolution?

 

A.

NDP

B.

ARP

C.

DNS

D.

NCP

 

Correct Answer: A

 

 

 

 

 

QUESTION 705

Which of the following provides dedicated hardware-based cryptographic functions to an operating system and its applications running on laptops and desktops?

 

A.

TPM

B.

HSM

C.

CPU

D.

FPU

 

Correct Answer: A

 

 

QUESTION 706

Which of the following tests a number of security controls in the least invasive manner?

 

A.

Vuln
erability scan

B.

Threat assessment

C.

Penetration test

D.

Ping sweep

 

Correct Answer: A

 

 

QUESTION 707

When using PGP, which of the following should the end user protect from compromise? (Select TWO).

 

A.

Private key

B.

CRL details

C.

Public key

D.

Key password

E.

Key escrow

F.

Recovery agent

 

Correct Answer: AD

 

 

QUESTION 708

Which of the following disaster recovery strategies has the highest cost and shortest recovery time?

 

A.

Warm site

B.

Hot site

C.

Cold site

D.

Co-location site

 

Correct Answer: B

 

 

 

 

 

 

QUESTION 709

In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer service. Which of the following would include the MOST detail on these objectives?

 

A.

Business Impact Analysis

B.

IT Contingency Plan

C.

Disaster Recovery Plan

D.

Continuity of Operations

 

Correct Answer: A

 

 

QUESTION 710

After visiting a website, a user receives an email thanking them for a purchase which they did not request. Upon investigation the security administrator sees the following source code in a pop-up window:

 

<HTML>

 

<body onload=”document.getElementByID(‘badForm’).submit()”>

 

<form id=”badForm” action=”shoppingsite.company.com/purchase.php” method=”post”

 

<input name=”Perform Purchase” value=”Perform Purchase” />

 

</form></body></HTML>

 

Which of the following has MOST likely occurred?

 

A.

SQL injection

B.

Cookie stealing

C.

XSRF

D.

XSS

 

Correct Answer: C

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.