Brooks Thornhill
Quiz por , criado more than 1 year ago

Questions 151 - 200

32
0
0
Brooks Thornhill
Criado por Brooks Thornhill quase 8 anos atrás
Fechar

SY0-301 Part 4

Questão 1 de 50

1

An administrator wants to setup their network with only one public IP address even thou there are 10 users
internally who needs access. Which of the following would allow for this?

Selecione uma das seguintes:

  • DMZ

  • VLAN

  • NIDS

  • NAT

Explicação

Questão 2 de 50

1

Which of the following would be the MOST secure choice to implement for authenticating remote connections?

Selecione uma das seguintes:

  • LDAP

  • 802.1x

  • RAS

  • RADIUS

Explicação

Questão 3 de 50

1

Which of the following is the BEST way to reduce the number of passwords a user must remember and
maintain?

Selecione uma das seguintes:

  • Kerberos

  • CHAP

  • SSO

  • MD5

Explicação

Questão 4 de 50

1

Which of the following can be used as a means for dual-factor authentication?

Selecione uma das seguintes:

  • RAS and username/password

  • RADIUS and L2TP

  • LDAP and WPA

  • Iris scan and proximity card

Explicação

Questão 5 de 50

1

Which of the following type of attacks requires an attacker to sniff the network?

Selecione uma das seguintes:

  • Man-in-the-Middle

  • DDoS attack

  • MAC flooding

  • DNS poisoning

Explicação

Questão 6 de 50

1

Which of the following redundancy solutions contains hardware systems similar to the affected organization, but
does not provide all of the equipment needed for redundancy?

Selecione uma das seguintes:

  • Hot site

  • Uninterruptible Power Supply (UPS)

  • Warm site

  • Cold site

Explicação

Questão 7 de 50

1

Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a
user to access company email via their cell phone?

Selecione uma das seguintes:

  • The cell phone should require a password after a set period of inactivity

  • The cell phone should only be used for company related emails

  • The cell phone data should be encrypted according to NIST standards

  • The cell phone should have data connection abilities disabled

Explicação

Questão 8 de 50

1

Which of the following algorithms is the LEAST secure?

Selecione uma das seguintes:

  • NTLM

  • MD5

  • LANMAN

  • SHA-1

Explicação

Questão 9 de 50

1

A technician needs to detect staff members that are connecting to an unauthorized website. Which of the
following could be used?

Selecione uma das seguintes:

  • Protocol analyzer

  • Bluesnarfing

  • Host routing table

  • HIDS

Explicação

Questão 10 de 50

1

Which of the following is an example of security personnel that administer access control functions, but do not
administer audit functions?

Selecione uma das seguintes:

  • Access enforcement

  • Separation of duties

  • Least privilege

  • Account management

Explicação

Questão 11 de 50

1

Which of the following is used to perform denial of service (DoS) attacks?

Selecione uma das seguintes:

  • Privilege escalation

  • Botnet

  • Adware

  • Spyware

Explicação

Questão 12 de 50

1

Which of the following is an exploit against a device where only the hardware model and manufacturer are
known?

Selecione uma das seguintes:

  • Replay attack

  • Denial of service (DoS)

  • Privilege escalation

  • Default passwords

Explicação

Questão 13 de 50

1

Which of the following tools will allow the technician to find all open ports on the network?

Selecione uma das seguintes:

  • Performance monitor

  • Protocol analyzer

  • Router ACL

  • Network scanner

Explicação

Questão 14 de 50

1

Which of the following should a technician recommend to prevent physical access to individual office areas?
(Select TWO).

Selecione uma ou mais das seguintes:

  • Video surveillance

  • Blockade

  • Key card readers

  • Mantrap

  • Perimeter fence

Explicação

Questão 15 de 50

1

After issuance a technician becomes aware that some asymmetric keys were issued to individuals who are not
authorized to use them. Which of the following should the technician use to revoke the keys and informs others
they are no longer trusted?

Selecione uma das seguintes:

  • Recovery agent

  • Certificate revocation list

  • Key escrow

  • Public key recovery

Explicação

Questão 16 de 50

1

Which of following can BEST be used to determine the topology of a network and discover unknown devices?

Selecione uma das seguintes:

  • Vulnerability scanner

  • NIPS

  • Protocol analyzer

  • Network mapper

Explicação

Questão 17 de 50

1

Which of the following BEST describes the term war driving?

Selecione uma das seguintes:

  • Driving from point to point with a laptop and an antenna to find unsecured wireless access points

  • Driving from point to point with a wireless scanner to read other user emails through the access point

  • Driving from point to point with a wireless network card and hacking into unsecured wireless access points

  • Driving from point to point with a wireless scanner to use unsecured access points

Explicação

Questão 18 de 50

1

When is the BEST time to update antivirus definitions?

Selecione uma das seguintes:

  • At least once a week as part of system maintenance

  • As the definitions become available from the vendor

  • When a new virus is discovered on the system

  • When an attack occurs on the network

Explicação

Questão 19 de 50

1

Why would a technician use a password cracker?

Selecione uma das seguintes:

  • To look for weak passwords on the network

  • To change a user passwords when they leave the company

  • To enforce password complexity requirements

  • To change user passwords if they have forgotten them

Explicação

Questão 20 de 50

1

What would be a requirement before a technician begin his penetration test?

Selecione uma das seguintes:

  • When the technician suspects that weak passwords exist on the network

  • When the technician is trying to guess passwords on a network

  • When the technician has permission from the owner of the network

  • When the technician is war driving and trying to gain access

Explicação

Questão 21 de 50

1

Which of the following is the MOST secure alternative for remote administrative access to a router?

Selecione uma das seguintes:

  • SSH

  • Telnet

  • rlogin

  • HTTP

Explicação

Questão 22 de 50

1

Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned
that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address
this concern? (Select TWO).

Selecione uma ou mais das seguintes:

  • Disable the USB root hub within the OS

  • Install anti-virus software on the USB drives

  • Disable USB within the workstation BIOS

  • Apply the concept of least privilege to USB devices

  • Run spyware detection against all workstations

Explicação

Questão 23 de 50

1

A technician is testing the security of a new database application with a website front-end. The technician
notices that when certain characters are input into the application it will crash the server. Which of the following
does the technician need to do?

Selecione uma das seguintes:

  • Utilize SSL on the website

  • Implement an ACL

  • Lock-down the database

  • Input validation

Explicação

Questão 24 de 50

1

An administrator in a small office environment has implemented an IDS on the network perimeter to detect
malicious traffic patterns. The administrator still has a concern about traffic inside the network originating
between client workstations. Which of the following could be implemented?

Selecione uma das seguintes:

  • HIDS

  • A VLAN

  • A network router

  • An access list

Explicação

Questão 25 de 50

1

Which of the following is the primary purpose of a CA?

Selecione uma das seguintes:

  • LANMAN validation

  • Encrypt data

  • Kerberos authentication

  • Issue private/public keys

Explicação

Questão 26 de 50

1

A user is attempting to receive digitally signed and encrypted email messages from a remote office. Which of
the following protocols does the system need to support?

Selecione uma das seguintes:

  • SMTP

  • S/MIME

  • ISAKMP

  • IPSec

Explicação

Questão 27 de 50

1

Antivirus software products detect malware by comparing the characteristics of known instances against which
of the following type of file sets?

Selecione uma das seguintes:

  • Signature

  • Text

  • NIDS signature

  • Dynamic Library

Explicação

Questão 28 de 50

1

Which of the following is a reason why a company should disable the SSID broadcast of the wireless access
points?

Selecione uma das seguintes:

  • Rogue access points

  • War driving

  • Weak encryption

  • Session hijacking

Explicação

Questão 29 de 50

1

An administrator notices that former temporary employee's accounts are still active on a domain. Which of the
following can be implemented to increase security and prevent this from happening?

Selecione uma das seguintes:

  • Run a last logon script to look for inactive accounts

  • Implement an account expiration date for temporary employees

  • Implement a password expiration policy

  • Implement time of day restrictions for all temporary employees

Explicação

Questão 30 de 50

1

Which of the following algorithms have the smallest key space?

Selecione uma das seguintes:

  • IDEA

  • SHA-1

  • AES

  • DES

Explicação

Questão 31 de 50

1

Which of the following is the MOST recent addition to cryptography as a standard for the US Government?

Selecione uma das seguintes:

  • AES

  • DES

  • 3DES

  • PGP

Explicação

Questão 32 de 50

1

Which of the following allows for notification when a hacking attempt is discovered?

Selecione uma das seguintes:

  • NAT

  • NIDS

  • Netflow

  • Protocol analyzer

Explicação

Questão 33 de 50

1

When dealing with a 10BASE5 network, which of the following is the MOST likely security risk?

Selecione uma das seguintes:

  • An incorrect VLAN

  • SSID broadcasting

  • A repeater

  • A vampire tap

Explicação

Questão 34 de 50

1

Which of the following allows a technician to scan for missing patches on a device without actually attempting to
exploit the security problem?

Selecione uma das seguintes:

  • A vulnerability scanner

  • Security baselines

  • A port scanner

  • Group policy

Explicação

Questão 35 de 50

1

Which of the following uses a key ring?

Selecione uma das seguintes:

  • AES

  • DES

  • PGP

  • RSA

Explicação

Questão 36 de 50

1

Using an asymmetric key cryptography system, where can a technician get a third party to vouch for the identity
of the key pairs generated?

Selecione uma das seguintes:

  • A certificate authority

  • IETF

  • A key escrow service

  • A recovery agent

Explicação

Questão 37 de 50

1

Which of the following allows a file to have different security permissions for users that have the same roles or
user groups?

Selecione uma das seguintes:

  • Mandatory Access Control (MAC)

  • Role-Based Access Control (RBAC)

  • Discretionary Access Control (DAC)

  • Rule-Based Access Control (RBAC)

Explicação

Questão 38 de 50

1

Which of the following would be BEST to use to apply corporate security settings to a device?

Selecione uma das seguintes:

  • A security patch

  • A security hotfix

  • An OS service pack

  • A security template

Explicação

Questão 39 de 50

1

A technician suspects that one of the network cards on the internal LAN is causing a broadcast storm. Which of
the following would BEST diagnose which NIC is causing this problem?

Selecione uma das seguintes:

  • The NIDS log file

  • A protocol analyzer

  • The local security log file

  • The local firewall log file

Explicação

Questão 40 de 50

1

A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. It has been
suggested that the company purchase a product which could decrypt the SSL session, scan the content and
then repackage the SSL session without staff knowing. Which of the following type of attacks is similar to this
product?

Selecione uma das seguintes:

  • Replay

  • Spoofing

  • TCP/IP hijacking

  • Man-in-the-middle

Explicação

Questão 41 de 50

1

After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than
the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of
action?

Selecione uma das seguintes:

  • Accept the risk

  • Mitigate the risk

  • Reject the risk

  • Run a new risk assessment

Explicação

Questão 42 de 50

1

A small call center business decided to install an email system to facilitate communications in the office. As part
of the upgrade the vendor offered to supply anti-malware software for a cost of 5,000 per year. The IT manager
read there was a 90% chance each year that workstations would be compromised if not adequately protected. If
workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the
call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy
(ALE)?

Selecione uma das seguintes:

  • $2,700

  • $4,500

  • $8,100

  • $7,290

Explicação

Questão 43 de 50

1

A small call center business decided to install an email system to facilitate communications in the office. As part
of the upgrade the vendor offered to supply anti-malware software for a cost of 5,000 per year. The IT manager
read there was a 90% chance each year that workstations would be compromised if not adequately protected. If
workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the
call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the
expected net savings?

Selecione uma das seguintes:

  • 9000

  • 2,290

  • 2,700

  • 5,000

Explicação

Questão 44 de 50

1

A flat or simple role-based access control (RBAC) embodies which of the following principles?

Selecione uma das seguintes:

  • Users assigned to roles, permissions are assigned to groups, controls applied to groups and permissions acquired by controls

  • Users assigned permissions, roles assigned to groups and users acquire additional permissions by being a member of a group

  • Roles applied to groups, users assigned to groups and users acquire permissions by being a member of the group

  • Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a
    member of the role?

Explicação

Questão 45 de 50

1

Frequent signature updates are required by which of the following security applications? (Select TWO).

Selecione uma ou mais das seguintes:

  • Antivirus

  • PGP

  • Firewall

  • PKI

  • IDS

Explicação

Questão 46 de 50

1

Social engineering, password cracking and vulnerability exploitation are examples of which of the following?

Selecione uma das seguintes:

  • Vulnerability assessment

  • Fingerprinting

  • Penetration testing

  • Fuzzing

Explicação

Questão 47 de 50

1

Configuration baselines should be taken at which of the following stages in the deployment of a new system?

Selecione uma das seguintes:

  • Before initial configuration

  • Before loading the OS

  • After a user logs in

  • After initial configuration

Explicação

Questão 48 de 50

1

Which of the following describes the difference between a secure cipher and a secure hash?

Selecione uma das seguintes:

  • A hash produces a variable output for any input size, a cipher does not

  • A cipher produces the same size output for any input size, a hash does not

  • A cipher can be reversed, a hash cannot

  • A hash can be reversed, a cipher cannot

Explicação

Questão 49 de 50

1

To evaluate the security compliance of a group of servers against best practices, which of the following BEST
applies?

Selecione uma das seguintes:

  • Get a patch management report

  • Conduct a penetration test

  • Run a vulnerability assessment tool

  • Install a protocol analyzer

Explicação

Questão 50 de 50

1

Which of the following is a problem MOST often associated with UTP cable?

Selecione uma das seguintes:

  • Fuzzing

  • Vampire tap

  • Crosstalk

  • Refraction

Explicação