Ensurepass

QUESTION 931

Without validating user input, an application becomes vulnerable to all of the following EXCEPT:

A. Buffer overflow.
B. Command injection.
C. Spear phishing.
D. SQL injection.

Correct Answer: C

QUESTION 932

To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?

A. Full disk encryption
B. Application isolation
C. Digital rights management
D. Data execution prevention

Correct Answer: A

QUESTION 933

Which of the following wireless security technologies continuously supplies new keys for WEP?

A. TKIP
B. MAC filtering
C. WPA2
D. WPA

Correct Answer: A

QUESTION 934

Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?

A. Rootkit
B. Logic bomb
C. Worm
D. Botnet

Correct Answer: B

QUESTION 935

Which of the following application security principles involves inputting random data into a program?

A. Brute force attack
B. Sniffing
C. Fuzzing
D. Buffer overflow

Correct Answer: C

QUESTION 936

Which of the following is an important step in the initial stages of deploying a host-based firewall?

A. Selecting identification versus authentication
B. Determining the list of exceptions
C. Choosing an encryption algorithm
D. Setting time of day restrictions

Correct Answer: B

QUESTION 937

Identifying a list of all approved software on a system is a step in which of the following practices?

A. Passively testing security controls
B. Application hardening
C. Host software baselining
D. Client-side targeting

Correct Answer: C

QUESTION 938

Which of the following BEST describes using a smart card and typing in a PIN to gain access to a system?

A. Biometrics
B. PKI
C. Single factor authentication
D. Multifactor authentication

Correct Answer: D

QUESTION 939

An administrator has advised against the use of Bluetooth phones due to bluesnarfing concerns. Which of the following is an example of this threat?

A. An attacker using the phone remotely for spoofing other phone numbers
B. Unauthorized intrusions into the phone to access data
C. The Bluetooth enabled phone causing signal interference with the network
D. An attacker using exploits that allow the phone to be disabled

Correct Answer: B

QUESTION 940

Which of the following is the difference between identification and authentication of a user?

A. Identification tells who the user is and authentication tells whether the user is allowed to log on to a system.
B. Identification tells who the user is and authentication proves it.
C. Identification proves who the user is and authentication is used to keep the user's data secure.
D. Identification proves who the user is and authentication tells the user what they are allowed to do.

Correct Answer: B
