A database server containing personal information and a file server containing non-critical information must be secured.

Which of the following would be a BEST practice to secure the servers? (Select TWO).

A. Place the file server behind a door requiring biometric authorization.

B. Place both servers under the system administrator 痵 desk.

C. Place the database server behind a door with a cipher lock.

D. Place the file server in an unlocked rack cabinet.

E. Place the database server behind a door requiring biometric authorization.

Correct Answer: AE


A company is experiencing an extraordinary amount of web traffic that is crippling the server. The web traffic suddenly stops. The mail server experiences the same amount of traffic as before then crashes. Which of the following attacks would this BEST describe?

A. DoS

B. Spam

C. Man-in-the-middle

D. Replay

Correct Answer: A


Which of the following would ensure confidentiality and authorization to the management interface of a


A. Enable an access list and RADIUS

B. Enable SSH and TACACS

C. Enable an access list and PKI 61 / 78

The safer , easier way to help you pass any IT exams.

D. Enable LDAP and strong passwords

Correct Answer: B


Which of the following BEST describes a demilitarized zone?

A. A buffer zone between protected and unprotected networks.

B. A network where all servers exist and are monitored.

C. A sterile, isolated network segment with access lists.

D. A private network that is protected by a firewall and a VLAN.

Correct Answer: A


Which of the following statements BEST describes the basic functionality of a network firewall?

A. Improves communication between trusted and non-trusted networks

B. Redirects accepted traffic to the proper VLAN

C. Provides stateful packet inspection of TCP traffic

D. Accepts and rejects data based on content

Correct Answer: C


Which of the following BEST describes the function of a protocol analyzer?

A. It allows a security technician to decrypt packets as they traverse the network.

B. It allows a security technician to encrypt packets as they traverse the network.

C. It allows a security technician to perform deep state packet inspection.

D. It allows a security technician to perform hardware device troubleshooting.

Correct Answer: C


Which of the following network solutions would BEST allow Jane, a security technician, to host an extranet application for her company?

A. Platform as a Service

B. Infrastructure as a Service

C. Storage as a Service

D. Software as a Service

Correct Answer: D


Which of the following network design elements BEST provides a testing environment to perform malware analysis?

A. Platform as a Service (PaaS)


C. Virtualization

D. Proxies

Correct Answer: C


Matt, a security technician, is attempting to explain why some of the company policies should be changed for high risk IT positions.

Which of the following concepts BEST explains his support for fraud detection?

A. Time of day restrictions is more likely to discover fraud than the other fraud detection methods.

62 / 78

The safer , easier way to help you pass any IT exams.

B. Least privilege principles allow internal audit teams to discover fraud while a staff member is out of the office.

C. Separation of duties is a better fraud detection method than mandatory vacations; therefore, it should be used.

D. Mandatory vacations support the company discovering fraud while staff members are out of the office.

Correct Answer: D


Jane, a security technician, is working with the network firewall team to implement access controls at the company 痵 demarc as part of the initiation of configuration management processes. One of the network

technicians asks Jane to explain the access control type found in a firewall. With which of the following should Jane respond?

A. Rule based access control

B. Role based access control

C. Discretionary access control

D. Mandatory access control

Correct Answer: A


Sara, a security administrator, has been tasked with explaining smart cards to the company 痵

management team.

Which of the following are smart cards? (Select TWO).


B. Tokens




Correct Answer: CE


Jane, a security architect, is implementing security controls throughout her organization. Which of the following BEST explains the vulnerability in the formula that a Risk = Threat x Vulnerability x Impact?

A. Vulnerability is related to the risk that an event will take place.

B. Vulnerability is related to value of potential loss.

C. Vulnerability is related to the probability that a control will fail.

D. Vulnerability is related to the probability of the event.

Correct Answer: C

Jane, a security analyst, has recently implemented a password complexity requirement within the company systems.

Which of the following BEST explains this requirement?

A. Accounts shall be required to adhere to no less than 15 characters for all personnel accounts.

B. Accounts shall have two uppercase, two lowercase, and one number or special character.

C. Accounts shall be changed no less than every ninety (90) days for service accounts.

D. Accounts shall be disabled after a period of thirty (30) days if the account has not logged on within that time period.

63 / 78

The safer , easier way to help you pass any IT exams.

Correct Answer: B


Pete, an email administrator, notices that Sara and Matt are exchanging image files back and forth. Pete opens an image and sees the image is from the company 痵 intranet. Pete checks the MD5 hash of the file

on the Internet page versus the file Sara and Matt are sending and the hash values do not match. Which of the following is this MOST likely an example of?

A. Key escrow

B. Steganography

C. Digital signature

D. Non-repudiation

Correct Answer: B


The HR department has been rotating positions in their own department and hiring new employees to fill positions. It is the end of the year and Pete, the CEO, is concerned about performance reviews and salaries being leaked from the corporate file server.

Which of the following should Pete request be done to ensure only the required employees have access to the performance reviews?

A. Perform an audit for access.

B. Encrypt the data.

C. Check the logs for access.

D. Move the data to a USB drive.

Correct Answer: A


Jane is building a new web server. Jane only wants to run a web server on a workstation so she disables the default web site, turns off FTP, adds a certificate, and enables port 443 on the web server.

Jane is performing which of the following?

A. Application patch management

B. Exception handling

C. Application hardening

D. Application baselining

Correct Answer: C


Pete 痵 boss is concerned with the amount of down time the shipping and receiving server is having. He

asks Pete to provide him with numbers on the mean time between failures. Which of the following equations could Pete perform to provide this information to his boss?

A. Calculate the Annual Loss Expectancy for the year.

B. Track the man hours and expenses of the system being down for a month.

C. The operational time of the server divided by the number of times the system went down.

D. Calculate the Annual Rate of Occurrence for the year.

Correct Answer: C


The information security department regularly walks the campus and around the buildings looking for unauthorized open wireless networks. This is an example of which of the following?

A. A site survey 64 / 78

The safer , easier way to help you pass any IT exams.

B. Antenna placement

C. War dialing

D. War driving

Correct Answer: D


Sara, an attacker, launches a man-in-the-middle attack against Pete. While sniffing Pete’s network traffic, Sara is able to acquire the current cookies Pete is using.

Which of the following can Sara use these cookies for?

A. Buffer overflow

B. Header manipulation

C. ARP poisoning

D. Session hijacking

Correct Answer: D


Users are reporting having trouble connecting to a certain web server. Pete, the security engineer, discovers the server appears to be running optimally at the OS level. Upon deeper investigation, Pete determines that the server is suspiciously flooding users with RST packets when they attempt to connect. Which of the following tools did Pete MOST likely use to discover this?

A. Honeynet

B. Network sniffer

C. Vulnerability scanner

D. Port scanner

Correct Answer: B

Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Comments are closed.