Latest CompTIA SY0-301 Real Exam Download 21-40

Ensurepass

QUESTION 21

Which of the following authentication protocols forces centralized wireless authentication?

A. WPA2-Personal

B. WPA2-Enterprise

C. WPA2-CCMP

D. WPA2-TKIP

Correct Answer: B


QUESTION 22

A company that purchases insurance to reduce risk is an example of which of the following?

A. Risk deterrence

B. Risk acceptance

C. Risk avoidance

D. Risk transference

Correct Answer: D


QUESTION 23

Which of the following is a method to prevent ad-hoc configuration mistakes?

A. Implement an auditing strategy

B. Implement an incident management strategy 5 / 78

The safer , easier way to help you pass any IT exams.

C. Implement a patch management strategy

D. Implement a change management strategy

Correct Answer: D


QUESTION 24

Which of the following risks may result from improper use of social networking and P2P software?

A. Shoulder surfing

B. Denial of service

C. Information disclosure

D. Data loss prevention

Correct Answer: C


QUESTION 25

Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?

A. Botnet

B. Rootkit

C. Logic bomb

D. Virus

Correct Answer: B


QUESTION 26

A computer is put into a restricted VLAN until the computer 痵 virus definitions are up-to-date.

Which of the following BEST describes this system type?

A. NAT

B. NIPS

C. NAC

D. DMZ

Correct Answer: C


QUESTION 27

Which of the following would be used for secure remote terminal access?

A. SSH

B. TFTP

C. SCP

D. SFTP

Correct Answer: A


QUESTION 28

Without validating user input, an application becomes vulnerable to all of the following EXCEPT:

A. buffer overflow.

B. command injection.

C. spear phishing.

D. SQL injection.

Correct Answer: C


QUESTION 29

After verifying that the server and database are running, Jane, the administrator, is still unable to make a TCP connection to the database.

Which of the following is the MOST likely cause for this?

6 / 78

The safer , easier way to help you pass any IT exams.

A. The server has data execution prevention enabled

B. The server has TPM based protection enabled

C. The server has HIDS installed

D. The server is running a host-based firewall

Correct Answer: D


QUESTION 30

Which of the following is used to detect an unknown security vulnerability?

A. Application fuzzing

B. Application configuration baseline

C. Patch management

D. ID badge

Correct Answer: A


QUESTION 31

Which of the following is a best practice before deploying a new desktop operating system image?

A. Install network monitoring software

B. Perform white box testing

C. Remove single points of failure

D. Verify operating system security settings

Correct Answer: D


QUESTION 32

Securing mobile devices involves which of the following checklists?

A. Key escrow, trust model, CRL

B. Cross-site scripting, XSRF, fuzzing

C. Screen lock, encryption, remote wipe

D. Black box, gray box, white box testing

Correct Answer: C


QUESTION 33

Which of the following steps should follow the deployment of a patch?

A. Antivirus and anti-malware deployment

B. Audit and verification

C. Fuzzing and exploitation

D. Error and exception handling

Correct Answer: B


QUESTION 34

Lack of internal security resources and high availability requirements are factors that may lead a company to consider:

A. patch management.

B. encryption.

C. cloud computing.

D. anti-malware sotware.

Correct Answer: C


QUESTION 35

Which of the following would be used when a higher level of security is desired for encryption key storage?

7 / 78

The safer , easier way to help you pass any IT exams.

A. TACACS+

B. L2TP

C. LDAP

D. TPM

Correct Answer: D


QUESTION 36

Which of the following is the default port for SCP and SSH?

A. 21

B. 22

C. 404

D. 443

Correct Answer: B


QUESTION 37

Which of the following default ports does the hypertext transfer protocol use for non-secure network connections?

A. 20

B. 21

C. 80

D. 8080

Correct Answer: C


QUESTION 38

Which of the following BEST describes using a smart card and typing in a PIN to gain access to a system?

A. Biometrics

B. PKI

C. Single factor authentication

D. Multifactor authentication

Correct Answer: D


QUESTION 39

Which of the following result types would Jane, a security administrator, MOST likely look for during a penetration test?

A. Inability to gain administrative access

B. Open ports

C. Ability to bypass security controls

D. Incorrect configurations

Correct Answer: C


QUESTION 40

A small business owner has asked the security consultant to suggest an inexpensive means to deter physical intrusions at their place of business.

Which of the following would BEST meet their request?

A. Fake cameras

B. Proximity readers

C. Infrared cameras

D. Security guards 8 / 78

The safer , easier way to help you pass any IT exams.

Correct Answer: A

Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.