Copiar y Editar

SY0-301 Part 1

Descripción

Questions 1 - 50
Brooks Thornhill
Test por Brooks Thornhill, actualizado hace más de 1 año
Brooks Thornhill
Creado por Brooks Thornhill hace más de 7 años
12
0
0

Resumen del Recurso

Pregunta 1

Pregunta
Which of the following elements of PKI are found in a browser's trusted root CA?
Respuesta
  • Private key
  • Symmetric key
  • Recovery key
  • Public key

Pregunta 2

Pregunta
Which of the following protocols only encrypts password packets from client to server?
Respuesta
  • XTACACS
  • TACACS
  • RADIUS
  • TACACS+

Pregunta 3

Pregunta
Where are revoked certificates stored?
Respuesta
  • Recovery agent
  • Registration
  • Key escrow
  • CRL

Pregunta 4

Pregunta
DRPs should contain which of the following?
Respuesta
  • Hierarchical list of non-critical personnel
  • Hierarchical list of critical systems
  • Hierarchical access control lists
  • Identification of single points of failure

Pregunta 5

Pregunta
A system administrator could have a user level account and an administrator account to prevent:
Respuesta
  • password sharing
  • escalation of privileges
  • implicit deny
  • administrative account lockout

Pregunta 6

Pregunta
Which of the following is the BEST way to mitigate data loss if a portable device is compromised?
Respuesta
  • Full disk encryption
  • Common access card
  • Strong password complexity
  • Biometric authentication

Pregunta 7

Pregunta
Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?
Respuesta
  • HTTPS
  • SSH
  • IPv4
  • ICMP

Pregunta 8

Pregunta
Which of the following is specific to a buffer overflow attack?
Respuesta
  • Memory addressing
  • Directory traversal
  • Initialization vector
  • Session cookies

Pregunta 9

Pregunta
Which of the following asymmetric encryption keys is used to encrypt data to ensure only the intended recipient can decrypt the ciphertext?
Respuesta
  • Private
  • Escrow
  • Public
  • Preshared

Pregunta 10

Pregunta
Which of the following should a security administrator implement to prevent users from disrupting network connectivity, if a user connects both ends of a network cable to different switch ports?
Respuesta
  • VLAN separation
  • Access control
  • Loop protection
  • DMZ

Pregunta 11

Pregunta
A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the product, various vulnerability scans were performed. It was determined that the product is not a threat but has the potential to introduce additional vulnerabilities. Which of the following assessment types should the security administrator also take into consideration while evaluating this product?
Respuesta
  • Threat assessment
  • Vulnerability assessment
  • Code assessment
  • Risk assessment

Pregunta 12

Pregunta
Which of the following requires special handling and explicit policies for data retention and data distribution?
Respuesta
  • Personally identifiable information
  • Phishing attacks
  • Zero day exploits
  • Personal electronic devices

Pregunta 13

Pregunta
Centrally authenticating multiple systems and applications against a federated user database is an example of:
Respuesta
  • smart card
  • common access card
  • single sign-on
  • access control list

Pregunta 14

Pregunta
WEP is seen as an unsecure protocol based on its improper implementation and use of which of the following?
Respuesta
  • RC6
  • RC4
  • 3DES
  • AES

Pregunta 15

Pregunta
Which of the following should be performed if a smartphone is lost to ensure no data can be retrieved from it?
Respuesta
  • Device encryption
  • Remote wipe
  • Screen lock
  • GPS tracking

Pregunta 16

Pregunta
In an 802.11n network, which of the following provides the MOST secure method of both encryption and authorization?
Respuesta
  • WEP with 802.1x
  • WPA Enterprise
  • WPA2-PSK
  • WPA with TKIP

Pregunta 17

Pregunta
Which of the following methods of access, authentication, and authorization is the MOST secure by default?
Respuesta
  • Kerberos
  • TACACS
  • RADIUS
  • LDAP

Pregunta 18

Pregunta
Which of the following facilitates computing for heavily utilized systems and networks?
Respuesta
  • Remote access
  • Provider cloud
  • VPN concentrator
  • Telephony

Pregunta 19

Pregunta
With which of the following is RAID MOST concerned?
Respuesta
  • Integrity
  • Confidentiality
  • Availability
  • Baselining

Pregunta 20

Pregunta
Which of the following reduces the likelihood of a single point of failure when a server fails?
Respuesta
  • Clustering
  • Virtualization
  • RAID
  • Cold site

Pregunta 21

Pregunta
A user downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?
Respuesta
  • Logic bomb
  • Worm
  • Trojan
  • Adware

Pregunta 22

Pregunta
Which of the following is used in conjunction with PEAP to provide mutual authentication between peers?
Respuesta
  • LEAP
  • MSCHAPv2
  • PPP
  • MSCHAPv1

Pregunta 23

Pregunta
A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?
Respuesta
  • Whaling
  • Bluesnarfing
  • Vishing
  • Dumpster diving

Pregunta 24

Pregunta
Which of the following uses TCP port 22 by default?
Respuesta
  • SSL, SCP, and TFTP
  • SSH, SCP, and SFTP
  • HTTPS, SFTP, and TFTP
  • TLS, TELNET, and SCP

Pregunta 25

Pregunta
Actively monitoring data streams in search of malicious code or behavior is an example of:
Respuesta
  • load balancing
  • an Internet proxy
  • URL filtering
  • content inspection

Pregunta 26

Pregunta
A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check?
Respuesta
  • Anti-virus software
  • ACLs
  • Anti-spam software
  • NIDS

Pregunta 27

Pregunta
A Human Resource manager is assigning access to users in their specific department performing the same job function. This is an example of:
Respuesta
  • role-based access control
  • rule-based access control
  • centralized access control
  • mandatory access control

Pregunta 28

Pregunta
Which of the following BEST describes the process of key escrow?
Respuesta
  • Maintains a copy of a user's public key for the sole purpose of recovering messages if it is lost
  • Maintains a secured copy of a user's private key to recover the certificate revocation list
  • Maintains a secured copy of a user's private key for the sole purpose of recovering the key if it is lost
  • Maintains a secured copy of a user's public key in order to improve network performance

Pregunta 29

Pregunta
Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network?
Respuesta
  • Firewall
  • NIDS
  • NIPS
  • HIDS

Pregunta 30

Pregunta
Which of the following is an example of allowing a user to perform a self-service password reset?
Respuesta
  • Password length
  • Password recovery
  • Password complexity
  • Password expiration

Pregunta 31

Pregunta
Which of the following wireless attacks uses a counterfeit base station with the same SSID name as a nearby intended wireless network?
Respuesta
  • War driving
  • Evil twin
  • Rogue access point
  • War chalking

Pregunta 32

Pregunta
A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity?
Respuesta
  • Run the image through AES128
  • Run the image through a symmetric encryption algorithm
  • Compress the image to a password protected archive
  • Run the image through SHA256

Pregunta 33

Pregunta
Which of the following BEST explains the security benefit of a standardized server image?
Respuesta
  • All current security updates for the operating system will have already been applied
  • Mandated security configurations have been made to the operating system
  • Anti-virus software will be installed and current
  • Operating system license use is easier to track

Pregunta 34

Pregunta
Which of the following is the primary purpose of using a digital signature? (Select TWO)
Respuesta
  • Encryption
  • Integrity
  • Confidentiality
  • Non-repudiation
  • Availability

Pregunta 35

Pregunta
Which of the following must a security administrator do when the private key of a web server has been compromised by an intruder?
Respuesta
  • Submit the public key to the CRL
  • Use the recovery agent to revoke the key
  • Submit the private key to the CRL
  • Issue a new CA

Pregunta 36

Pregunta
The security administrator often observes that an employee who entered the datacenter does not match the owner of the PIN that was entered into the keypad. Which of the following would BEST prevent this situation?
Respuesta
  • Multifactor authentication
  • Username and password
  • Mandatory access control
  • Biometrics

Pregunta 37

Pregunta
A programmer allocates 16 bytes for a string variable, but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
Respuesta
  • Buffer overflow
  • Cross-site scripting
  • Session hijacking
  • Directory traversal

Pregunta 38

Pregunta
An administrator is updating firmware on routers throughout the company. Where should the administrator document this work?
Respuesta
  • Event Viewer
  • Router's System Log
  • Change Management System
  • Compliance Review System

Pregunta 39

Pregunta
The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses:
Respuesta
  • multiple keys for non-repudiation of bulk data
  • different keys on both ends of the transport medium
  • bulk encryption for data transmission over fiber
  • the same key on each end of the transmission medium

Pregunta 40

Pregunta
Which of the following allows a user to have a one-time password?
Respuesta
  • Biometrics
  • SSO
  • PIV
  • Tokens

Pregunta 41

Pregunta
Which of the following allows a security administrator to set device traps?
Respuesta
  • SNMP
  • TLS
  • ICMP
  • SSH

Pregunta 42

Pregunta
Which of the following is the BEST way to secure data for the purpose of retention?
Respuesta
  • Off-site backup
  • RAID 5 on-site backup
  • On-site clustering
  • Virtualization

Pregunta 43

Pregunta
In which of the following locations would a forensic analyst look to find a hooked process?
Respuesta
  • BIOS
  • Slack space
  • RAM
  • Rootkit

Pregunta 44

Pregunta
Several classified mobile devices have been stolen. Which of the following would BEST reduce the data leakage threat?
Respuesta
  • Use GPS tracking to find the devices
  • Use stronger encryption algorithms
  • Immediately inform local law enforcement
  • Remotely sanitize the devices

Pregunta 45

Pregunta
Which of the following is an example of requiring users to have a password of 16 characters or more?
Respuesta
  • Password recovery requirements
  • Password complexity requirements
  • Password expiration requirements
  • Password length requirements

Pregunta 46

Pregunta
Which of the following devices provides storage for RSA or asymmetric keys and may assist in user authentication? (Select TWO)
Respuesta
  • Trusted platform module
  • Hardware security module
  • Facial recognition scanner
  • Full disk encryption
  • Encrypted USB

Pregunta 47

Pregunta
A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional personnel and minimize the footprint in their current datacenter?
Respuesta
  • Allow users to telecommute
  • Setup a load balancer
  • Infrastructure as a Service
  • Software as a Service

Pregunta 48

Pregunta
A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel?
Respuesta
  • RTP
  • SNMP
  • IPSec
  • 802.1X

Pregunta 49

Pregunta
When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack?
Respuesta
  • Spim
  • DDoS
  • Spoofing
  • DoS

Pregunta 50

Pregunta
Which of the following MUST a programmer implement to prevent cross-site scripting?
Respuesta
  • Validate input to remove shell scripts
  • Validate input to remove hypertext
  • Validate input to remove batch files
  • Validate input to remove Java bit code
Mostrar resumen completo Ocultar resumen completo

¿Quieres crear tus propios Tests gratis con GoConqr? Más información.

Similar

Teoria de la Empresa: Produccion y Costos
Ani Kimori Rosas
Ejemplos de Preguntas de Pensamiento Analítico
Raúl Fox
Cómo Calcular la Nota de Admisión en la Selectividad
maya velasquez
ÁRBOL DE PROBLEMAS
Natasha Zamora
Recursos de Biología para Selectividad
Diego Santos
BELLAS ARTES
Benjamin Martinez
PROPIEDADES DEL AGUA: FÍSICAS Y QUÍMICAS
Raúl Asael Vargas Gutiérrez
SOSTENIBILIDAD
Carlos Párraga
La desintegración del Renacimiento
amadis96
Lectura afectiva básica
darwin jaramillo
NIC 1
Diego Bejarano
Explorar la Librería