Ensurepass

QUESTION 41

Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network.

Which of the following describes this access control type?

A. Smartcard

B. Token

C. Discretionary access control

D. Mandatory access control

Correct Answer: A


QUESTION 42

Which of the following devices would MOST likely have a DMZ interface?

A. Firewall

B. Switch

C. Load balancer

D. Proxy

Correct Answer: A


QUESTION 43

Which of the following is used to digitally sign an email?

A. Private key

B. Public key

C. Sender 痵 IP

D. Sender 痵 MAC address

Correct Answer: A


QUESTION 44

Pete, the company Chief Information Officer (CIO), has been receiving numerous emails from the help desk directing Pete to a link to verify credentials.

Which of the following attacks is underway?

A. Replay attack

B. Pharming

C. Privilege escalation

D. Spear phishing

Correct Answer: D


QUESTION 45

Pete, a security administrator, noticed that the network analyzer is displaying packets that have all the bits in the option field turned on.

Which of the following attacks is underway?

A. X-Mas

B. DDoS

C. Birthday

D. Smurf

Correct Answer: A


QUESTION 46

Which of the following tools would Matt, a security administrator, MOST likely use to analyze a

9 / 78

The safer , easier way to help you pass any IT exams.

malicious payload?

A. Vulnerability scanner

B. Fuzzer

C. Port scanner

D. Protocol analyzer

Correct Answer: D


QUESTION 47

Which of the following is Jane, a security administrator, MOST likely to install in order to capture and analyze zero day exploits?

A. Honeypot

B. Antivirus

C. IPS

D. IDS

Correct Answer: A


QUESTION 48

Which of the following can be implemented to detect file system variations?

A. EXT3

B. Hashing

C. Encryption

D. NIDS

Correct Answer: B


QUESTION 49

Which of the following threats is MOST likely to be mitigated by implementing cross-site scripting prevention tools?

A. Resource starvation

B. Insider threat

C. Spear phishing

D. Session hijacking

Correct Answer: D


QUESTION 50

An attacker has gained access to the corporate network and is attempting to brute force a password to gain access to the accounting system.

Which of the following, if implemented, will protect the server?

A. Single sign-on

B. Password history

C. Limit logon attempts

D. Directory services

Correct Answer: C


QUESTION 51

Pete, a security administrator, wants to check user password complexity. Which of the following is the BEST tool to use?

A. Password history

B. Password logging

C. Password cracker 10 / 78

The safer , easier way to help you pass any IT exams.

D. Password hashing

Correct Answer: C


QUESTION 52

Which of the following can hide confidential or malicious data in the whitespace of other files (e.g. JPEGs)?

A. Hashing

B. Transport encryption

C. Digital signatures

D. Steganography

Correct Answer: D


QUESTION 53

Certificates are used for: (Select TWO).

A. client authentication.

B. WEP encryption.

C. access control lists.

D. code signing.

E. password hashing.

Correct Answer: AD


QUESTION 54

When implementing SSL VPN, which of the following is the FASTEST cipher that Pete, an administrator, can use?

A. 3DES

B. AES

C. DES

D. RC4

Correct Answer: D


QUESTION 55

Which of the following network devices will prevent port scans?

A. Firewall

B. Load balancers

C. NIDS

D. Sniffer

Correct Answer: A


QUESTION 56

Which of the following is an operational control?

A. Concurrent session control

B. System security categorization

C. Contingency planning

D. Session locks

Correct Answer: C


QUESTION 57

Which of the following is a hardware based encryption device?

A. EFS

B. TrueCrypt 11 / 78

The safer , easier way to help you pass any IT exams.

C. TPM

D. SLE

Correct Answer: C


QUESTION 58

Which of the following is the MOST important step for preserving evidence during forensic procedures?

A. Involve law enforcement

B. Chain of custody

C. Record the time of the incident

D. Report within one hour of discovery

Correct Answer: B


QUESTION 59

Employees of a company have received emails that fraudulently claim to be from the company 痵 security

department. The emails ask the employees to sign-on to an Internet website to verify passwords and personal information. This is an example of which type of attack?

A. Spam

B. Pharming

C. Man-in-the-middle

D. Vishing

Correct Answer: B


QUESTION 60

A company has implemented software to enforce full disk and removable media encryption for all computers.

Which of the following threats can still expose sensitive data on these computers?

A. Spam

B. Botnet infection

C. Stolen laptop

D. Header manipulation

Correct Answer: B

Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Comments are closed.