Ensurepass

QUESTION 261

Which of the following is an authentication service that uses UDP as a transport medium?

A. TACACS+

B. LDAP

C. Kerberos

D. RADIUS

Correct Answer: D


QUESTION 262

Which of the following is true concerning WEP security?

A. WEP keys are transmitted in plain text.

B. The WEP key initialization process is flawed.

C. The pre-shared WEP keys can be cracked with rainbow tables.

D. WEP uses the weak RC4 cipher.

Correct Answer: B


QUESTION 263

Matt, a security administrator, wants to secure VoIP traffic on the internal network from eavesdropping. Which of the following would MOST likely be used?

49 / 78

The safer , easier way to help you pass any IT exams.

A. SSL

B. SSH

C. QoS

D. IPSec

Correct Answer: D


QUESTION 264

Pete works for a subsidiary company that processes secure transactions for the parent company. Which of the following can be employed to ensure the parent company has access to the subsidiary’s encrypted data in an emergency?

A. Trust model

B. Public key infrastructure

C. Symmetrical key encryption

D. Key escrow

Correct Answer: D


QUESTION 265

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

A. Tethering

B. Screen lock PIN

C. Remote wipe

D. Email password

E. GPS tracking

F. Device encryption

Correct Answer: CF


QUESTION 266

Which of the following social engineering attacks is meant for a high-ranking corporate employee?

A. Pharming

B. Whaling

C. Hoax

D. Vishing

Correct Answer: B


QUESTION 267

Which of the following is an advantage of using group policy to redirect users ?local folders to networked drives in regards to data loss prevention?

A. Sensitive data is not stored on a local computer.

B. Users can track their data for unauthorized revisions.

C. Incremental back-ups are stored locally for easy access.

D. The users are more aware of where their data is stored.

Correct Answer: A


QUESTION 268

In the case of laptop theft, which of the following is the BEST action to take to prevent data theft?

A. Use a third-party hard drive encryption product.

B. Install the operating system on a non-default partition letter.

C. Set a BIOS password that must be entered upon system boot.

50 / 78

The safer , easier way to help you pass any IT exams.

D. Enforce a strict complex operating system password.

Correct Answer: A


QUESTION 269

Pete, a security administrator, has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?

A. Internet networks can be accessed via personally-owned computers.

B. Data can only be stored on local workstations.

C. Wi-Fi networks should use WEP encryption by default.

D. Only USB devices supporting encryption are to be used.

Correct Answer: D


QUESTION 270

Sara, a security administrator, needs to implement the equivalent of a DMZ at the datacenter entrance. Which of the following must she implement?

A. Video surveillance

B. Mantrap

C. Access list

D. Alarm

Correct Answer: B


QUESTION 271

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware.

Which of the following is being implemented by Jane 痵 company?

A. Vulnerability scanner

B. Honeynet

C. Protocol analyzer

D. Port scanner

Correct Answer: B


QUESTION 272

Sara, a senior programmer for an application at a software development company, has also assumed an auditing role within the same company. She will be assessing the security of the application.

Which of the following will she be performing?

A. Blue box testing

B. Gray box testing

C. Black box testing

D. White box testing

Correct Answer: D


QUESTION 273

Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system?

A. Audit management

B. Mobile device management

C. Incident management

D. Change management 51 / 78

The safer , easier way to help you pass any IT exams.

Correct Answer: D


QUESTION 274

Mike, a security analyst, is looking to reduce the number of phishing emails received by employees. Which of the following solutions helps prevent this from occurring?

A. HIDS

B. NIDS

C. Antivirus

D. Spam filter

Correct Answer: D


QUESTION 275

Which of the following BEST describes a directory traversal attack?

A. A malicious user can insert a known pattern of symbols in a URL to access a file in another section of the directory.

B. A malicious user can change permissions or lock out user access from a webroot directory or

subdirectories.

C. A malicious user can delete a file or directory in the webroot directory or subdirectories.

D. A malicious user can redirect a user to another website across the Internet.

Correct Answer: A


QUESTION 276

In her morning review of new vendor patches, Jane has identified an exploit that is marked as critical. Which of the following is the BEST course of action?

A. Jane should wait seven days before testing the patch to ensure that the vendor does not issue an updated version, which would require reapplying the patch.

B. Jane should download the patch and install it to her workstation to test whether it will be able to be applied to all workstations in the environment.

C. Jane should alert the risk management department to document the patch and add it to the next monthly patch deployment cycle.

D. Jane should download the patch to the test network, apply it to affected systems, and evaluate the results on the test systems.

Correct Answer: D


QUESTION 277

Matt, a security administrator, has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files, Matt should:

A. require all visitors to the public web home page to create a username and password to view the pages in the website.

B. configure the web application firewall to send a reset packet to the incoming IP from where an attack or scan signature has been detected.

C. create file hashes for website and critical system files, and compare the current file hashes to the baseline at regular time intervals.

D. reboot the web server and database server nightly after the backup has been completed.

Correct Answer: C


QUESTION 278

Jane, a security technician, needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should Jane open? (Select TWO).

52 / 78

The safer , easier way to help you pass any IT exams.

A. TCP 21

B. TCP 23

C. TCP 53

D. UDP 23

E. UDP 53

Correct Answer: CE


QUESTION 279

Pete, a security administrator, is working with Jane, a network administrator, to securely design a network at a new location. The new location will have three departments which should be isolated from each other to maintain confidentiality.

Which of the following design elements should Pete implement to meet this goal?

A. VLANs

B. Port security

C. VPNs

D. Flood guards

Correct Answer: A


QUESTION 280

Sara, a security administrator, is configuring a new firewall. She has entered statements into the firewall configuration as follows:

Allow all Web traffic Deny all Telnet traffic Allow all SSH traffic

Mike, a user on the network, tries unsuccessfully to use RDP to connect to his work computer at home. Which of the following principles BEST explains why Mike 痵 attempt to connect is not successful?

A. Explicit deny

B. Loop protection

C. Implicit deny

D. Implicit permit

Correct Answer: C


Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Comments are closed.