Ensurepass

QUESTION 341

The lobby of the hotel allows users to plug in their laptops to access the Internet. This network is also used for the IP based phones in the hotel lobby. Mike, the security engineer, wants to secure the phones so that guests cannot electronically eavesdrop on other guests. Which of the following would Mike MOST likely implement?

A. VLAN

B. Port security

C. MPLS

D. Separate voice gateway

Correct Answer: A

Jane, the security engineer, is tasked with hardening routers. She would like to ensure that network access to the corporate router is allowed only to the IT group and from authorized machines. Which of the following would MOST likely be implemented to meet this security goal? (Select TWO).

A. SNMP

B. HTTPS

C. ACL

D. Disable console

E. SSH

F. TACACS+

Correct Answer: CF


QUESTION 343

Jane, the network administrator, would like wireless users to authenticate to the network’s RADIUS server via EAP prior to connecting to the WLAN.

Which of the following would MOST likely be implemented to facilitate this authentication?

A. 802.1x

B. WPA2-PSK

C. WEP

D. TACACS+

Correct Answer: A


QUESTION 344

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?

A. 25

B. 68

C. 80

D. 443

Correct Answer: B


QUESTION 345

Which of the following could Sara, an administrator, use in a workplace to remove sensitive data at rest from the premises?

A. Network sniffer

B. Personally owned devices

C. Vulnerability scanner

D. Hardware locks

Correct Answer: B


QUESTION 346

Pete, the system administrator, has concerns regarding users losing their company provided smartphones. Pete 痵 focus is on equipment recovery.

Which of the following BEST addresses his concerns?

A. Enforce device passwords.

B. Use remote sanitation.

C. Enable GPS tracking.

D. Encrypt stored data.

Correct Answer: C


QUESTION 347

Pete, the system administrator, wishes to monitor and limit users ?access to external websites. Which of the following would BEST address this?

A. Block all traffic on port 80.

B. Implement NIDS.

C. Use server load balancers.

D. Install a proxy server.

Correct Answer: D


QUESTION 348

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses

66 / 78

The safer , easier way to help you pass any IT exams.

on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall.

Which of the following should Sara configure?

A. PAT

B. NAP

C. DNAT

D. NAC

Correct Answer: A


QUESTION 349

An external company has notified Jane at ABC Co. that their web server was attacked by one of ABC ?s IP addresses. The external company provides the time of the attack and the following log information:

SRC IP: 182.45.88.12 SRC Port: TCP 1335 DST IP: 12.42.8.122 DST Port: TCP 443

Given that ABC uses PAT at their firewall, which of the following is true about this incident?

A. Jane cannot identify the ABC 痵 internal IP address that launched the attack because it happened over HTTPS.

B. The external company must provide the packet payload in order for Jane to identify the ABC 痵 IP that

launched the attack.

C. The external company did not provide enough information for Jane to be able to identify the ABC 痵

internal IP that launched the attack.

D. Jane can identify the ABC 痵 internal IP address that launched the attack by reviewing the Firewall

logs.

Correct Answer: D


QUESTION 350

Which of the following settings can Jane, the network administrator, implement in the computer lab to ensure that user credentials cannot be captured by the next computer user?

A. Implement full drive encryption on all lab computers.

B. Reverse the computer to its original state upon reboot.

C. Do not display last username in logon screen.

D. Deploy privacy screens on all lab computers.

Correct Answer: C


QUESTION 351

Jane, a security administrator, is reviewing the company 痵 official documentation to mitigate the risk of

data loss due to personally owned devices being connected to perform company related work. Which of the following documentation should Jane MOST likely review and update?

A. Acceptable risk

B. Data retention policy

C. Acceptable use policy

D. End user license agreement

Correct Answer: C


QUESTION 352

After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service?

67 / 78

The safer , easier way to help you pass any IT exams.

A. Succession planning

B. Disaster recovery plan

C. Information security plan

D. Business impact analysis

Correct Answer: B


QUESTION 353

Pete, a security administrator, has implemented SSH across all network infrastructure devices in the enterprise.

Which of the following protocols will be used to exchange keying material within SSH?

A. Transport layer protocol

B. IPSec

C. Diffie-Hellman

D. Secure socket layer

Correct Answer: C


QUESTION 354

A user has just returned from security awareness training, where users were encouraged to strengthen their passwords and voicemail codes.

Which of the following would be the MOST secure password for the user 痵 workstation?

A. H0me0nTh3Range

B. Letme1nNow

C. $3cur1#y

D. Passw0rd99

Correct Answer: C


QUESTION 355

Matt must come up with a design solution which will enable remote users to securely access network resources.

Which of the following design elements will enable Matt to meet this objective?

A. DMZ

B. VLAN

C. VPN

D. NAT

Correct Answer: C


QUESTION 356

Sara, a security technician, has been asked to design a solution which will enable external users to have access to a Web server, while keeping the internal network unaffected by this access.

Which of the following would BEST meet this objective?

A. Place the Web server on a VLAN

B. Place the Web server inside of the internal firewall

C. Place the Web server in a DMZ

D. Place the Web server on a VPN

Correct Answer: C


QUESTION 357

Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

68 / 78

The safer , easier way to help you pass any IT exams.

A. TCP 23

B. UDP 69

C. TCP 22

D. TCP 21

Correct Answer: C


QUESTION 358

A company that provides streaming media has recently experienced latency during certain times of the day.

Which of the following would mitigate the latency issue?

A. Web security gateway

B. Firewall

C. Load balancing

D. VPN concentrator

Correct Answer: C


QUESTION 359

Matt, a security technician, notices a high number of ARP spoofing attacks on his network. Which of the following design elements would mitigate ARP spoofing attacks?

A. Flood guards

B. Implicit deny

C. VLANs

D. Loop protection

Correct Answer: A


QUESTION 360

Matt works for an organization that requires data to be recovered in the shortest amount of time possible. Which of the following backup types would BEST meet the organization 痵 needs?

A. Full backups daily

B. Differential backups monthly

C. Full backups weekly

D. Incremental backups monthly

Correct Answer: A


Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Comments are closed.