Ensurepass

QUESTION 101

Matt, an administrator, notices a flood of fragmented packets and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again.

Which of the following utilities was he MOST likely using to view this issue?

A. Spam filter

B. Protocol analyzer

C. Web application firewall

D. Load balancer

Correct Answer: B


QUESTION 102

Which of the following devices can be used to terminate remote user's established SSL or IPSec tunnels? (Select TWO).

A. NIDS

B. HIPS

C. VPN concentrator

D. Hub

E. Firewall

Correct Answer: CE


QUESTION 103

Jane, a user, brings in a laptop from home and gets certificate warnings when connecting to corporate intranet sites. These warnings do not occur when using any of the company's workstations.

Which of the following is MOST likely the issue?

A. The laptop needs to VPN to bypass the NAC.

B. The corporate intranet servers do not trust the laptop.

C. The laptop’s CRL enrollment has expired.

D. The user’s certificate store does not trust the CA.

Correct Answer: D


QUESTION 104

Which of the following mitigates the loss of a private key in PKI? (Select TWO).

A. Certificate reissue

B. Key rotation

C. Key escrow

D. Auto enrollment

E. Recovery agent

Correct Answer: CE


QUESTION 105

Which of the following specifications would Sara, an administrator, implement as a network access control?

A. 802.1q

B. 802.3

C. 802.11n

D. 802.1x

Correct Answer: D


QUESTION 106

Which of the following malware types propagates automatically, does not typically hide, requires user interaction, and displays marketing ads?

A. Logic bombs

B. Rootkits

C. Spyware

D. Worms

Correct Answer: D


QUESTION 107

Which of the following malware types typically disguises itself within another piece of software, requires user interaction, and does not execute on a specific date?

A. Logic Bomb

B. Trojan

C. Worm

D. Botnet

Correct Answer: B


QUESTION 108

Which of the following is MOST commonly identified as an ARP spoofing attack where no email is sent, and flags within the TCP packet are irrelevant?

A. Xmas attack

B. Spam attack

C. Man-in-the-middle attack

D. DDoS attack

Correct Answer: C


QUESTION 109

Which of the following is characterized by an attacker attempting to map out an organization's staff hierarchy in order to send targeted emails?

A. Whaling

B. Impersonation

C. Privilege escalation

D. Spear phishing

Correct Answer: A


QUESTION 110

Which of the following is an attack where Pete spreads USB thumb drives throughout a bank's parking lot in order to have malware installed on the banking systems?

A. Tailgating

B. Replay attack

C. Virus

D. Social engineering

Correct Answer: D


QUESTION 111

Which of the following attacks significantly relies on staff members wanting to be helpful and supportive of each other?

A. Spoofing

B. Tailgating

C. Dumpster diving

D. Xmas attack

Correct Answer: B


QUESTION 112

Which of the following is an attacker attempting to discover open wireless access points?

A. War driving

B. Packet sniffing

C. War chalking

D. Initialization vector

Correct Answer: A


QUESTION 113

Which of the following protocols provides Pete, an administrator, with the HIGHEST level of security for device traps?

A. ICMP

B. SNMPv3

C. SSH

D. IPSec

Correct Answer: B


QUESTION 114

Which of the following is designed to serve as a risk mitigation strategy?

A. Personally owned devices

B. Disaster recovery plan

C. Calculate proper ROI

D. Zero day exploits

Correct Answer: B


QUESTION 115

Who should be contacted FIRST in the event of a security breach?

A. Forensics analysis team

B. Internal auditors

C. Incident response team

D. Software vendors

Correct Answer: C


QUESTION 116

Which process will determine maximum tolerable downtime?

A. Business Continuity Planning

B. Contingency Planning

C. Business Impact Analysis

D. Disaster Recovery Plan

Correct Answer: C


QUESTION 117

Which of the following provides the MOST protection against zero day attacks via email attachments?

A. Anti-spam

B. Anti-virus

C. Host-based firewalls

D. Patch management

Correct Answer: A


QUESTION 118

Which of the following access controls enforces permissions based on data labeling at specific levels?

A. Mandatory access control

B. Separation of duties access control

C. Discretionary access control

D. Role based access control

Correct Answer: A


QUESTION 119

A username provides which of the following?

A. Biometrics

B. Identification

C. Authorization

D. Authentication

Correct Answer: B


QUESTION 120

Use of group accounts should be minimized to ensure which of the following?

A. Password security

B. Regular auditing

C. Baseline management

D. Individual accountability

Correct Answer: D


Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.