Latest CompTIA SY0-301 Real Exam Download 301-320

Ensurepass

QUESTION 301

Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?

A. DIAMETER

B. RADIUS

C. TACACS+

D. Kerberos

Correct Answer: C


QUESTION 302

Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?

A. Input validation

B. Network intrusion detection system

C. Anomaly-based HIDS

D. Peer review

Correct Answer: A


QUESTION 303

Pete, a security engineer, maintains up-to-date virus scan signatures on all systems. Which of the following should Pete do as well to prevent the exploiting of known vulnerabilities?

A. Application patching

B. White box penetration testing

C. Vulnerability assessment

D. Port scanning

Correct Answer: A


QUESTION 304

If Pete, the administrator, is blocking port 69, which of the following protocols will this affect?

57 / 78

The safer , easier way to help you pass any IT exams.

A. TFTP

B. FTP

C. RDP

D. DNS

Correct Answer: A


QUESTION 305

Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?

A. Water base sprinkler system

B. Electrical

C. HVAC

D. Video surveillance

Correct Answer: C


QUESTION 306

Pete, a home user, is trying to secure his wireless network from his technical neighbor. Which of the following should Pete implement on his access point to keep his neighbor from accessing his wireless

network and viewing Pete 痵 online chats?

A. WPA

B. RIPEMD

C. WEP

D. LEAP

Correct Answer: A


QUESTION 307

Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task.

Which of the following can Matt implement to ensure servers will withstand hardware failure?

A. Hardware load balancing

B. RAID

C. A cold site

D. A host standby

Correct Answer: B


QUESTION 308

Pete has obtained a highly sensitive document and has placed it on a network drive which has been formatted with NTFS and is shared via CIFS.

Which of the following access controls apply to the sensitive file on the server?

A. Discretionary

B. Rule based

C. Role based

D. Mandatory

Correct Answer: A


QUESTION 309

Matt, the backup operator, is implementing a new backup plan. Which of the following is the MOST important step in a backup plan to ensure the disaster recovery plan is executed without any incidents?

58 / 78

The safer , easier way to help you pass any IT exams.

A. Verify that the data on the backup tapes can be restored on a test server.

B. Verify that the backup plan is stored in digital format on the backup tapes.

C. Verify that the data on the backup tapes can be restored on the web server.

D. Verify that all backup data is encrypted on the tape and store the encryption key offsite.

Correct Answer: A


QUESTION 310

Which of the following information should Pete, an employee at a pharmaceutical company, review during the company-wide information security awareness training, before handling customer data?

A. Acceptable use policy

B. Account management procedures

C. Laws and regulations

D. End user license agreement

Correct Answer: A


QUESTION 311

Matt has installed a new KDC for his corporate environment. Which of the following authentication protocols is Matt planning to implement across the organization?

A. LDAP

B. RADIUS

C. Kerberos

D. XTACACS

Correct Answer: C


QUESTION 312

Which of the following uses only a private key?

A. RSA

B. ECC

C. AES

D. SHA

Correct Answer: C


QUESTION 313

Sara, a security manager, received the results of a vulnerability assessment stating that several accounts were enabled, even though the employees had been terminated in months prior. Which of the following needs to be performed to ensure this issue is mitigated for future tests?

A. Change management reviews

B. Routine account audits

C. Incident management audits

D. User rights and permissions reviews

Correct Answer: B


QUESTION 314

Matt, a security manager, receives the results of a social engineering exercise. An attacker was able to successfully impersonate Sara, a company executive, over the phone when contacting the helpdesk and gained access to her password. After further research, it was determined that someone in the company

had thrown out printouts of Sara 痵 calendar for that week, showing when she would be traveling on business.

Which of the following should employees be trained on to help mitigate this issue in the future?

59 / 78

The safer , easier way to help you pass any IT exams.

A. Password behaviors

B. Help desk procedures

C. Secure disposal policy

D. Clean desk policies

Correct Answer: C


QUESTION 315

Sara is sniffing traffic on a wireless network configured with WEP. She obtains numerous packets and then attempts to breach the network.

Which of the following is Sara MOST likely attempting?

A. Bluejacking

B. IV attack

C. Evil twin

D. War driving

Correct Answer: B


QUESTION 316

Matt, a security technician, has been tasked with updating client anti-virus solutions. He makes sure that all of the workstations have been properly updated. Later that day, he receives a call from a user stating that their PC is unresponsive and the screen blanks out every few minutes. Matt goes to the website of the anti-virus vendor and sees that new virus definitions are available. Which of the following is the MOST likely cause of the behavior that the user is reporting?

A. A zero-day attack

B. IV attack

C. XML injection

D. Cross-site scripting

Correct Answer: A


QUESTION 317

Pete, a network administrator, needs to implement a VPN. Which of the following could he use to accomplish this objective? (Select TWO).

A. SMTP

B. SNMP

C. IPSec

D. SSL

E. SCP

F. SFTP

Correct Answer: CD


QUESTION 318

Matt has recently implemented a new network design at his organization and wishes to actively test security controls on the new network.

Which of the following should Matt perform?

A. Vulnerability assessment

B. Black box testing

C. White box testing

D. Penetration testing

Correct Answer: D


QUESTION 319

Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?

A. Clustering

B. RAID

C. Load balancing

D. Virtualization

Correct Answer: A


QUESTION 320

Pete, an employee, was recently indicted for fraud charges. Jane, a new security technician at the company, was tasked with collecting information from Pete 痵 workstation. Jane seized the hard drive from

the workstation without collecting any other information from the workstation. Which of the following principles did Jane violate?

A. Track man hours and expense

B. Order of volatility

C. Damage control

D. Preservation of evidence

Correct Answer: B


Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.