Ensurepass

QUESTION 1

Which of the following is the BEST filtering device capable of stateful packet inspection?

A. Switch

B. Protocol analyzer

C. Firewall

D. Router

Correct Answer: C

QUESTION 2

An employee 痵 workstation is connected to the corporate LAN. Due to content filtering restrictions, the

employee attaches a 3G Internet dongle to get to websites that are blocked by the corporate gateway. Which of the following BEST describes a security implication of this practice.?

A. A corporate LAN connection and a 3G Internet connection are acceptable if a host firewall is installed.

B. The security policy should be updated to state that corporate computer equipment should be dual- homed.

C. Content filtering should be disabled because it may prevent access to legitimate sites.

D. Network bridging must be avoided, otherwise it may join two networks of different classifications.

Correct Answer: D


QUESTION 3

In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters.

Which of the following security technologies could be used to provide remote access? (Select TWO).

A. Subnetting

B. NAT

C. Firewall

D. NAC

E. VPN

Correct Answer: CE


QUESTION 4

If a security issue is resolved, which of the following risk management strategies was used?

A. Deterrence

B. Acceptance

C. Mitigation

D. Avoidance

Correct Answer: C


QUESTION 5

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

A. Conduct surveys and rank the results.

B. Perform routine user permission reviews.

C. Implement periodic vulnerability scanning.

D. Disable user accounts that have not been used within the last two weeks.

Correct Answer: B

Used in conjunction, which of the following are PII? (Select TWO).

A. Marital status

B. Favorite movie 2 / 78

The safer , easier way to help you pass any IT exams.

C. Pet 痵 name

D. Birthday E. Full name

Correct Answer: D


QUESTION 7

In a disaster recovery situation, operations are to be moved to an alternate site. Computers and network connectivity are already present; however, production backups are several days out-ofdate.

Which of the following site types is being described?

A. Cold site

B. High availability site

C. Warm site

D. Hot site

Correct Answer: C


QUESTION 8

Which of the following malware types is an antivirus scanner MOST unlikely to discover? (Select TWO).

A. Trojan

B. Pharming

C. Worms

D. Virus

E. Logic bomb

Correct Answer: BE


QUESTION 9

Which of the following threats corresponds with an attacker targeting specific employees of a company?

A. Spear phishing

B. Phishing

C. Pharming

D. Man-in-the-middle

Correct Answer: A


QUESTION 10

Which of the following attacks would password masking help mitigate?

A. Shoulder surfing

B. Brute force

C. Tailgating

D. Impersonation

Correct Answer: A


QUESTION 11

If cookies with non-random sequence numbers are issued upon authentication, which of the following attack types can occur?

A. Directory traversal

B. Session hijacking

C. Cross-site scripting

D. SQL injection

Correct Answer: B


QUESTION 12

Two systems are being designed. System A has a high availability requirement. System B has a high

3 / 78

The safer , easier way to help you pass any IT exams.

security requirement with less emphasis on system uptime. Which of the following configurations BEST fits the need for each system?

A. System A fails open. System B fails closed.

B. System A and System B both fail closed.

C. System A and System B both fail open.

D. System A fails closed. System B fails open.

Correct Answer: A


QUESTION 13

An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application 痵 security posture?

A. Baseline reporting

B. Protocol analysis

C. Threat modeling

D. Functional testing

Correct Answer: A


QUESTION 14

A security firm has been engaged to assess a software application. A production-like test environment, login details, production documentation and source code have been provided. Which of the following types of testing is being described?

A. White box

B. Gray box

C. Black box

D. Red teaming

Correct Answer: A


QUESTION 15

A user has forgotten their account password.

Which of the following is the BEST recovery strategy?

A. Upgrade the authentication system to use biometrics instead.

B. Temporarily disable password complexity requirements.

C. Set a temporary password that expires upon first use.

D. Retrieve the user password from the credentials database.

Correct Answer: C

All of the following are valid cryptographic hash functions EXCEPT:

A. RIPEMD.

B. RC4.

C. SHA-512.

D. MD4.

Correct Answer: B


QUESTION 17

When a certificate issuer is not recognized by a web browser, which of the following is the MOST common reason?

A. Lack of key escrow 4 / 78

The safer , easier way to help you pass any IT exams.

B. Self-signed certificate

C. Weak certificate pass-phrase

D. Weak certificate cipher

Correct Answer: B


QUESTION 18

Which of the following PKI components identifies certificates that can no longer be trusted?

A. CRL

B. CA public key

C. Escrow

D. Recovery agent

Correct Answer: A


QUESTION 19

Which of the following can prevent an unauthorized person from accessing the network by plugging into an open network jack?

A. 802.1x

B. DHCP C. 802.1q

D. NIPS

Correct Answer: A


QUESTION 20

MAC filtering is a form of which of the following?

A. Virtualization

B. Network Access Control

C. Virtual Private Networking

D. Network Address Translation

Correct Answer: B


Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Comments are closed.