Latest CompTIA SY0-301 Real Exam Download 81-100

Ensurepass

QUESTION 81

Which of the following would MOST likely belong in the DMZ? (Select TWO).

A. Finance servers

B. Backup servers

C. Web servers

D. SMTP gateways

E. Laptops

Correct Answer: CD


QUESTION 82

Which of the following protocols would MOST likely be implemented if Pete, a user, wants to transfer files reliably from one location to another?

A. SNMP

B. SSH

C. ICMP

D. SFTP

Correct Answer: D


QUESTION 83

Which of the following is a strong cryptographic system used by Windows based systems for authentication?

A. SSO

B. DES

C. NTLMv2

D. LANMAN

Correct Answer: C


QUESTION 84

Which of the following algorithms has well documented collisions? (Select TWO).

A. AES

B. MD5

C. SHA

16 / 78

The safer , easier way to help you pass any IT exams.

D. SHA-256

E. RSA

Correct Answer: BC


QUESTION 85

Which of the following describes common concerns when implementing IPS?

A. Legitimate traffic will be incorrectly blocked

B. False negatives will disrupt network throughput

C. Incompatibilities with existing routers will result in a DoS

D. Security alerts will be minimal until adequate traffic is collected

Correct Answer: A


QUESTION 86

Which of the following describes an issue encountered when reconstructing a security incident through the examination of security logs collected from multiple servers?

A. Proprietary log formats prevent review of security alerts

B. Some operating systems do not natively export security logs

C. Security logs are often encrypted

D. Inconsistent time settings interfere with sequential event analysis

Correct Answer: D


QUESTION 87

When verifying file integrity on a remote system that is bandwidth limited, which of the following tool combinations provides the STRONGEST confidence?

A. MD5 and 3DES

B. MD5 and SHA-1

C. SHA-256 and RSA

D. SHA-256 and AES

Correct Answer: B


QUESTION 88

Jane, the security administrator, needs to be able to test malicious code in an environment where it will not harm the rest of the network.

Which of the following would allow Jane to perform this kind of testing?

A. Local isolated environment

B. Networked development environment

C. Infrastructure as a Service

D. Software as a Service

Correct Answer: A


QUESTION 89

A company is sending out a message to all users informing them that all internal messages need to be digitally signed. This is a form of which of the following concepts?

A. Availability

B. Non-repudiation

C. Authorization

D. Cryptography

Correct Answer: B


QUESTION 90

While performing basic forensic analysis of a hard drive in Sara 痵, the security administrator, possession,

which of the following should be verified during the analysis?

A. Witness statements

B. Image hashes

C. Chain of custody

D. Order of volatility

Correct Answer: B


QUESTION 91

A server containing critical data will cost the company $200/hour if it were to be unavailable due to DoS attacks. The security administrator expects the server to become unavailable for a total of two days next year.

Which of the following is true about the ALE?

A. The ALE is $48.

B. The ALE is $400.

C. The ALE is $4,800.

D. The ALE is $9,600.

Correct Answer: D


QUESTION 92

Jane, a user, installs software downloaded from a trusted website. The installed software causes unwanted pop-ups for pharmaceuticals.

Which of the following BEST describes the type of threat?

A. Trojan

B. Backdoor

C. Spyware

D. Adware

Correct Answer: D


QUESTION 93

Sara, a security administrator, notices a number of ports being scanned on the perimeter firewall. At first the scanning appears random, but after monitoring the logs for 30 minutes, she determines that the whole port range is being scanned and all TCP flags are being turned on. Which of the following BEST describes this type of threat?

A. Smurf attack

B. X-Mas attack

C. Spoofing

D. Malicious insider threat

Correct Answer: B


QUESTION 94

The Chief Information Officer (CIO) receives a call from an individual who states they are from the IT department. The caller wants to know the CIOs ID and password to validate their account as part of a yearly account revalidation process.

Which of the following BEST describes this scenario?

A. Spam

B. Hoax

C. Spoofing 18 / 78

The safer , easier way to help you pass any IT exams.

D. Vishing

Correct Answer: D


QUESTION 95

To reduce an organization 痵 risk exposure by verifying compliance with company policy, which of the

following should be performed periodically?

A. Qualitative analysis

B. Quantitative analysis

C. Routine audits

D. Incident management

Correct Answer: C


QUESTION 96

Which of the following can be implemented if a security administrator wants only certain devices connecting to the wireless network?

A. Disable SSID broadcast

B. Install a RADIUS server

C. Enable MAC filtering

D. Lowering power levels on the AP

Correct Answer: C


QUESTION 97

A system administrator decides to use SNMPv3 on the network router in AuthPriv mode. Which of the following algorithm combinations would be valid?

A. AES-RC4

B. 3DES-MD5

C. RSA-DSA

D. SHA1-HMAC

Correct Answer: B


QUESTION 98

Which of the following are encryption algorithms that can use a 128-bit key size? (Select TWO).

A. AES

B. RC4

C. Twofish

D. DES

E. SHA2

Correct Answer: AC


QUESTION 99

Unsolicited address items and messages are discovered on a Chief Information Officer 痵 (CIO’s)

smartphone. Additionally, files on an administrator’s smartphone are changed or missing. Which of the following BEST describes what may have happened?

A. The CIO and the Administrator were both bluesnarfed.

B. The CIO and the Administrator were both bluejacked.

C. The CIO was bluejacked and the Administrator was bluesnarfed.

D. The CIO was bluesnarfed and the Administrator was bluejacked.

Correct Answer: C


QUESTION 100

Which of the following devices, connected to an IDS, would allow capture of the MOST traffic?

A. Switch

B. Router

C. Firewall

D. Hub

Correct Answer: D


Download Latest SY0-301 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.