SY0-301 Part 4

An administrator wants to setup their network with only one public IP address even thou there are 10 users
internally who needs access. Which of the following would allow for this?

Which of the following would be the MOST secure choice to implement for authenticating remote connections?

Which of the following is the BEST way to reduce the number of passwords a user must remember and
maintain?

Which of the following can be used as a means for dual-factor authentication?

Which of the following type of attacks requires an attacker to sniff the network?

Which of the following redundancy solutions contains hardware systems similar to the affected organization, but
does not provide all of the equipment needed for redundancy?

Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a
user to access company email via their cell phone?

Which of the following algorithms is the LEAST secure?

A technician needs to detect staff members that are connecting to an unauthorized website. Which of the
following could be used?

Which of the following is an example of security personnel that administer access control functions, but do not
administer audit functions?

Which of the following is used to perform denial of service (DoS) attacks?

Which of the following is an exploit against a device where only the hardware model and manufacturer are
known?

Which of the following tools will allow the technician to find all open ports on the network?

After issuance a technician becomes aware that some asymmetric keys were issued to individuals who are not
authorized to use them. Which of the following should the technician use to revoke the keys and informs others
they are no longer trusted?

Which of following can BEST be used to determine the topology of a network and discover unknown devices?

Which of the following BEST describes the term war driving?

When is the BEST time to update antivirus definitions?

Why would a technician use a password cracker?

What would be a requirement before a technician begin his penetration test?

Which of the following is the MOST secure alternative for remote administrative access to a router?

A technician is testing the security of a new database application with a website front-end. The technician
notices that when certain characters are input into the application it will crash the server. Which of the following
does the technician need to do?

An administrator in a small office environment has implemented an IDS on the network perimeter to detect
malicious traffic patterns. The administrator still has a concern about traffic inside the network originating
between client workstations. Which of the following could be implemented?

Which of the following is the primary purpose of a CA?

A user is attempting to receive digitally signed and encrypted email messages from a remote office. Which of
the following protocols does the system need to support?

Antivirus software products detect malware by comparing the characteristics of known instances against which
of the following type of file sets?

Which of the following is a reason why a company should disable the SSID broadcast of the wireless access
points?

An administrator notices that former temporary employee's accounts are still active on a domain. Which of the
following can be implemented to increase security and prevent this from happening?

Which of the following algorithms have the smallest key space?

Which of the following is the MOST recent addition to cryptography as a standard for the US Government?

Which of the following allows for notification when a hacking attempt is discovered?

When dealing with a 10BASE5 network, which of the following is the MOST likely security risk?

Which of the following allows a technician to scan for missing patches on a device without actually attempting to
exploit the security problem?

Which of the following uses a key ring?

Using an asymmetric key cryptography system, where can a technician get a third party to vouch for the identity
of the key pairs generated?

Which of the following allows a file to have different security permissions for users that have the same roles or
user groups?

Which of the following would be BEST to use to apply corporate security settings to a device?

A technician suspects that one of the network cards on the internal LAN is causing a broadcast storm. Which of
the following would BEST diagnose which NIC is causing this problem?

A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. It has been
suggested that the company purchase a product which could decrypt the SSL session, scan the content and
then repackage the SSL session without staff knowing. Which of the following type of attacks is similar to this
product?

After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than
the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of
action?

A small call center business decided to install an email system to facilitate communications in the office. As part
of the upgrade the vendor offered to supply anti-malware software for a cost of 5,000 per year. The IT manager
read there was a 90% chance each year that workstations would be compromised if not adequately protected. If
workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the
call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy
(ALE)?

A small call center business decided to install an email system to facilitate communications in the office. As part
of the upgrade the vendor offered to supply anti-malware software for a cost of 5,000 per year. The IT manager
read there was a 90% chance each year that workstations would be compromised if not adequately protected. If
workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the
call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the
expected net savings?

A flat or simple role-based access control (RBAC) embodies which of the following principles?

Social engineering, password cracking and vulnerability exploitation are examples of which of the following?

Configuration baselines should be taken at which of the following stages in the deployment of a new system?

Which of the following describes the difference between a secure cipher and a secure hash?

To evaluate the security compliance of a group of servers against best practices, which of the following BEST
applies?

Which of the following is a problem MOST often associated with UTP cable?