Ensurepass

QUESTION 381

An encryption method where the plain text and cipher text are always the same size is an example of which of the following types of encryption?

A. RC4

B. MD5

C. Steam Cipher

D. Block Cipher

Correct Answer: D


QUESTION 382

The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?

A. Rainbow tables attacks

B. Brute force attacks

C. Birthday attacks

D. Cognitive passwords attacks

Correct Answer: D


QUESTION 383

The compliance team comes out with a new policy that all data stored on tapes over 3 years must be degaussed. This BEST describes which of the following types of policies?

A. Data handling

B. Data classification

C. Data labeling

D. Data disposal

Correct Answer: D


QUESTION 384

Pete’s corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number. Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on

73 / 78

The safer , easier way to help you pass any IT exams.

their PC.

Which of the following does this procedure prevent?

A. Collusion

B. Impersonation

C. Pharming

D. Transitive Access

Correct Answer: B


QUESTION 385

Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

A. Interference

B. Man-in-the-middle

C. ARP poisoning

D. Rogue access point

Correct Answer: D


QUESTION 386

Jane, the security administrator, is having issues with unauthorized users connecting to the wireless network. For administrative reasons, she cannot implement any wireless encryption methods. Which of the following can she implement to prevent unauthorized users from connecting to the network?

A. NIPS

B. Disable unused ports

C. MAC filtering

D. WEP

Correct Answer: C


QUESTION 387

Matt, the security administrator, wants to secure the wireless network. Which of the following encryption methods offers the MOST security?

A. WPA2 ENT AES

B. WPA2 PSK AES

C. WPA2 ENT TKIP

D. WPA2 PSK TKIP

Correct Answer: A


QUESTION 388

Sara, the IT administrator, wants to control which devices can connect to the wireless network. Which of the following can she implement to accomplish this task?

A. WPA2 Enterprise with AES encryption

B. Decrease the WAP 痵 power levels

C. Static IP addressing

D. MAC address filtering

Correct Answer: D


QUESTION 389

When a new network drop was installed, the cable was run across several fluorescent lights. The users of the new network drop experience intermittent connectivity.

74 / 78

The safer , easier way to help you pass any IT exams.

Which of the following environmental controls was MOST likely overlooked during installation?

A. Humidity sensors

B. EMI shielding

C. Channel interference

D. Cable kinking

Correct Answer: B


QUESTION 390

Pete, the Chief Security Officer, wishes to institute annual security policy training for all users. The training

痵 purpose is to educate users about access to sensitive data. Which of the following should be included in

the training?

A. Revalidation of user account privileges.

B. Review of guidelines for network stored data permissions.

C. Implementation of new password procedures.

D. Installation of disk-based encryption to protect data.

Correct Answer: C


QUESTION 391

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

A. No competition with the company 痵 official social presence

B. Protection against malware introduced by banner ads

C. Increased user productivity based upon fewer distractions

D. Elimination of risks caused by unauthorized P2P file sharing

Correct Answer: B


QUESTION 392

Pete, the system administrator, is concerned about unauthorized access at all entrances into the building. PIN pad readers have been installed, but users have developed the habit of holding the door for others behind them.

Which of the following would BEST prevent this?

A. Install mantraps at every unmanned entrance.

B. Replace the PIN pad readers with card readers.

C. Implement video and audio surveillance equipment.

D. Require users to sign conduct policies forbidding these actions.

Correct Answer: A


QUESTION 393

Which of the following is a MAIN objective of implementing a clean desk user policy?

A. Coax users into accepting cloud computing as a viable option.

B. Enforce notions that other users cannot be trusted.

C. Verify that user accounts are strong and complex.

D. Ensure that no sensitive data is left unsupervised.

Correct Answer: D


QUESTION 394

Jane, a network administrator, has configured a 48-port switch to isolate four different departments. Which of the following has Jane MOST likely configured on the switch?

75 / 78

The safer , easier way to help you pass any IT exams.

A. NAC B. 802.1x

C. VLAN

D. DMZ

Correct Answer: C


QUESTION 395

A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network.

Which of the following has Sara selected?

A. Block cipher

B. Stream cipher

C. CRC

D. Hashing algorithm

Correct Answer: A


QUESTION 396

Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator.

Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?

A. PAP, MSCHAPv2

B. CHAP, PAP

C. MSCHAPv2, NTLMv2

D. NTLM, NTLMv2

Correct Answer: A


QUESTION 397

Which of the following BEST describes a SQL Injection attack?

A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.

B. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.

C. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.

D. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.

Correct Answer: A


QUESTION 398

Which of the following is a hardware-based security technology included in a computer?

A. Symmetric key

B. Asymmetric key

C. Whole disk encryption

D. Trusted platform module

Correct Answer: D


QUESTION 399

Jane, the administrator of a small company, wishes to track people who access the secured server

76 / 78

The safer , easier way to help you pass any IT exams.

room, which is secured only by a simple hardware key lock. Jane does not have much of a budget or the approval to make significant construction changes. Given the limitations, which of the following can she do in the meantime?

A. Implement an access log and a security guard

B. Install a 24/7 closed-circuit camera system

C. Install a separate hardware lock with limited keys

D. Implement a cipher key lock

Correct Answer: D


QUESTION 400

An administrator with a small company has begun to implement a backup strategy of the company 痵

critical financial data.

Which of the following is the MOST secure place to store the back-ups?

A. Near the data servers, for ease of restoration

B. Next to where the physical records (e.g. paper) are stored

C. At a remote off-site location

D. With the financial department

Correct Answer: C


QUESTION 401

In an enterprise environment, which of the following would be the BEST way to prevent users from accessing inappropriate websites when AUP requirements are constantly changing?

A. Deploy a network proxy server.

B. Configure Internet content filters on each workstation.

C. Deploy a NIDS.

D. Deploy a HIPS.

Correct Answer: A


QUESTION 402

Broadcast traffic is having a negative impact on network performance. Which of the following might help minimize this issue?

A. Use NAT to hide the IPs of each of the workstations.

B. Separate the network onto a number of different switches.

C. Separate the network into a number of different VLANs.

D. Route all the unicast traffic through the proxy server.

Correct Answer: C


QUESTION 403

A new wireless router has been compromised, blocking all of the company computers from using the router.

Which of the following is the MOST likely cause for this issue?

A. There was a backdoor account on the router.

B. The default password on the router was not changed.

C. The attacker discovered the WEP key of the router.

D. The attacker had gone dumpster diving to find the router 痵 credentials.

Correct Answer: B


QUESTION 404

A company wants to maintain a backup site, and is more concerned about site maintenance cost

77 / 78

The safer , easier way to help you pass any IT exams.

rather than high availability following a disaster. Which of the following is the BEST solution?

A. Cold site

B. Remote site

C. Hot site

D. Warm site

Correct Answer: A


QUESTION 405

Which of the following would be the MOST likely reason to use a cluster of host servers to support load balancing?

A. Confidentiality by distributing traffic across multiple host servers

B. Enhance security by obscuring the physical host of the guest server

C. Availability by distributing connections across multiple servers

D. Integrity by separating traffic across multiple guest servers

Correct Answer: C


QUESTION 406

Which of the following controls is considered to be the MOST effective type of physical security?

A. Access lists

B. Cipher lock

C. Chain link fence

D. Mantrap

Correct Answer: D


QUESTION 407

An administrator notices that former temporary employees ?accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

A. Implement a password expiration policy.

B. Implement an account expiration date for permanent employees.

C. Implement time of day restrictions for all temporary employees.

D. Run a last logon script to look for inactive accounts.

Correct Answer: D


QUESTION 408

Which of the following devices is used to capture and analyze data packets when Jane, an unauthorized user, is trying to gain access to a network?

A. Sniffer

B. VPN concentrator

C. Packet filtering firewall

D. Router

Correct Answer: A

 

Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Comments are closed.