CompTIA SY0-301 Study Guide Download, Download CompTIA SY0-301 Practice Exam Online
QUESTION 41
Data execution prevention is a feature in most operating systems intended to protect against which type of attack?
A. Cross-site scripting
B. Buffer overflow
C. Header manipulation
D. SQL injection
Correct Answer: B
QUESTION 42
Use of group accounts should be minimized to ensure which of the following?
A. Password security
B. Regular auditing
C. Baseline management
D. Individual accountability
Correct Answer: D
QUESTION 43
Privilege creep among long-term employees can be mitigated by which of the following procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation
Correct Answer: A
QUESTION 44
In which of the following scenarios is PKI LEAST hardened?
A. The CRL is posted to a publicly accessible location.
B. The recorded time offsets are developed with symmetric keys.
C. A malicious CA certificate is loaded on all the clients.
D. All public keys are accessed by an unauthorized user.
Correct Answer: C
QUESTION 45
Configuring the mode, encryption methods, and security associations are part of which of the following?
A. IPSec
B. Full disk encryption
C. 802.1x
D. PKI
Correct Answer: A
QUESTION 46
Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place?
A. Code review
B. Penetration test
C. Protocol analyzer
D. Vulnerability scan
Correct Answer: B
QUESTION 47
A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts?
A. Confidentiality
B. Availability
C. Succession planning
D. Integrity
Correct Answer: B
QUESTION 48
In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO).
A. Take hashes
B. Begin the chain of custody paperwork
C. Take screen shots
D. Capture the system image
E. Decompile suspicious files
Correct Answer: AD
QUESTION 49
Which of the following is used to certify intermediate authorities in a large PKI deployment?
A. Root CA
B. Recovery agent
C. Root user
D. Key escrow
Correct Answer: A
QUESTION 50
Which of the following components MUST be trusted by all parties in PKI?
A. Key escrow
B. CA
C. Private key
D. Recovery key
Correct Answer: B
QUESTION 51
Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).
A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards
E. Public keys
Correct Answer: BD
QUESTION 52
Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input validation
C. CSRF prevention
D. Cross-site scripting prevention
Correct Answer: B
QUESTION 53
A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?
A. RADIUS
B. TACACS+
C. Kerberos
D. LDAP
Correct Answer: B
QUESTION 54
Which of the following can use RC4 for encryption? (Select TWO).
A. CHAP
B. SSL
C. WEP
D. AES
E. 3DES
Correct Answer: BC
QUESTION 55
Which of the following defines a business goal for system restoration and acceptable data loss?
A. MTTR
B. MTBF
C. RPO
D. Warm site
Correct Answer: C
QUESTION 56
If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?
A. Transitive trust
B. Public key trust
C. Certificate authority trust
D. Domain level trust
Correct Answer: A
QUESTION 57
Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?
A. Business continuity planning
B. Continuity of operations
C. Business impact analysis
D. Succession planning
Correct Answer: D
QUESTION 58
Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?
A. Recovery agent
B. Certificate authority
C. Trust model
D. Key escrow
Correct Answer: A
QUESTION 59
Which of the following devices will help prevent a laptop from being removed from a certain location?
A. Device encryption
B. Cable locks
C. GPS tracking
D. Remote data wipes
Correct Answer: B
QUESTION 60
Which of the following is the MOST secure protocol to transfer files?
A. FTP
B. FTPS
C. SSH
D. TELNET
Correct Answer: B
QUESTION 61
Suspicious traffic without a specific signature was detected. Under further investigation, it was determined that these were false indicators. Which of the following security devices needs to be configured to disable future false alarms?
A. Signature based IPS
B. Signature based IDS
C. Application based IPS
D. Anomaly based IDS
Correct Answer: D
QUESTION 62
A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?
A. Command shell restrictions
B. Restricted interface
C. Warning banners
D. Session output pipe to /dev/null
Correct Answer: C
QUESTION 63
Which of the following protocols is used to authenticate the client and server’s digital certificate?
A. PEAP
B. DNS
C. TLS
D. ICMP
Correct Answer: C
QUESTION 64
Which of the following can be used to mitigate risk if a mobile device is lost?
A. Cable lock
B. Transport encryption
C. Voice encryption
D. Strong passwords
Correct Answer: D
QUESTION 65
Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?
A. Record time offset
B. Clean desk policy
C. Cloud computing
D. Routine log review
Correct Answer: B
QUESTION 66
Which of the following is an example of multifactor authentication?
A. Credit card and PIN
B. Username and password
C. Password and PIN
D. Fingerprint and retina scan
Correct Answer: A
QUESTION 67
After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following appears on his screen:
‘Please only use letters and numbers on these fields’
Which of the following is this an example of?
A. Proper error handling
B. Proper input validation
C. Improper input validation
D. Improper error handling
Correct Answer: B
QUESTION 68
Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).
A. Spam filter
B. Load balancer
C. Antivirus
D. Proxies
E. Firewall
F. NIDS
G. URL filtering
Correct Answer: DEG
QUESTION 69
Several bins are located throughout a building for secure disposal of sensitive information. Which of the following does this prevent?
A. Dumpster diving
B. War driving
C. Tailgating
D. War chalking
Correct Answer: A
QUESTION 70
Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected?
A. Application design
B. Application security
C. Initial baseline configuration
D. Management of interfaces
Correct Answer: C
QUESTION 71
Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?
A. Acceptable Use Policy
B. Physical security controls
C. Technical controls
D. Security awareness training
Correct Answer: D
QUESTION 72
Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?
A. HIDS
B. Firewall
C. NIPS
D. Spam filter
Correct Answer: C
QUESTION 73
Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?
A. War dialing
B. War chalking
C. War driving
D. Bluesnarfing
Correct Answer: A
QUESTION 74
Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?
A. Evil twin
B. DNS poisoning
C. Vishing
D. Session hijacking
Correct Answer: B
QUESTION 75
An encrypted message is sent using PKI from Sara, a client, to a customer. Sara claims she never sent the message. Which of the following aspects of PKI BEST ensures the identity of the sender?
A. CRL
B. Non-repudiation
C. Trust models
D. Recovery agents
Correct Answer: B
QUESTION 76
Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server?
A. HIPS
B. NIDS
C. HIDS
D. NIPS
Correct Answer: A
QUESTION 77
Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished?
A. Create a VLAN without a default gateway.
B. Remove the network from the routing table.
C. Create a virtual switch.
D. Commission a stand-alone switch.
Correct Answer: C
QUESTION 78
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?
A. Implicit deny
B. Role-based Access Control
C. Mandatory Access Controls
D. Least privilege
Correct Answer: C
QUESTION 79
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?
A. 20
B. 21
C. 22
D. 23
Correct Answer: B
QUESTION 80
Which of the following could cause a browser to display the message below? “The security certificate presented by this website was issued for a different website’s address.”
A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.
B. The website is using a wildcard certificate issued for the company’s domain.
C. HTTPS://127.0.01 was used instead of HTTPS://localhost.
D. The website is using an expired self signed certificate.
Correct Answer: C
QUESTION 81
A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following?
A. Availability
B. Integrity
C. Confidentiality
D. Fire suppression
Correct Answer: A
QUESTION 82
Which of the following pseudocodes can be used to handle program exceptions?
A. If program detects another instance of itself, then kill program instance.
B. If user enters invalid input, then restart program.
C. If program module crashes, then restart program module.
D. If user’s input exceeds buffer length, then truncate the input.
Correct Answer: C
QUESTION 83
Which of the following technologies uses multiple devices to share work?
A. Switching
B. Load balancing
C. RAID
D. VPN concentrator
Correct Answer: B
QUESTION 84
Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?
A. SFTP
B. HTTPS
C. TFTP
D. TLS
Correct Answer: B
QUESTION 85
Which of the following describes how Sara, an attacker, can send unwanted advertisements to a mobile device?
A. Man-in-the-middle
B. Bluejacking
C. Bluesnarfing
D. Packet sniffing
Correct Answer: B
QUESTION 86
Pete, an employee, is terminated from the company and the legal department needs documents from his encrypted hard drive. Which of the following should be used to accomplish this task? (Select TWO).
A. Private hash
B. Recovery agent
C. Public key
D. Key escrow
E. CRL
Correct Answer: BD
QUESTION 87
Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems?
A. Incident management
B. Server clustering
C. Change management
D. Forensic analysis
Correct Answer: C
QUESTION 88
Which of the following can Pete, a security administrator, use to distribute the processing effort when generating hashes for a password cracking program?
A. RAID
B. Clustering
C. Redundancy
D. Virtualization
Correct Answer: B
QUESTION 89
Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?
A. Identify user habits
B. Disconnect system from network
C. Capture system image
D. Interview witnesses
Correct Answer: C
QUESTION 90
Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point?
A. Placement of antenna
B. Disabling the SSID
C. Implementing WPA2
D. Enabling the MAC filtering
Correct Answer: A
QUESTION 91
Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?
A. Implement WPA
B. Disable SSID
C. Adjust antenna placement
D. Implement WEP
Correct Answer: A
QUESTION 92
Which of the following is a management control?
A. Logon banners
B. Written security policy
C. SYN attack prevention
D. Access Control List (ACL)
Correct Answer: B
QUESTION 93
Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?
A. Restoration and recovery strategies
B. Deterrent strategies
C. Containment strategies
D. Detection strategies
Correct Answer: C
QUESTION 94
In order for Sara, a client, to logon to her desktop computer, she must provide her username, password, and a four digit PIN. Which of the following authentication methods is Sara using?
A. Three factor
B. Single factor
C. Two factor
D. Four factor
Correct Answer: B
QUESTION 95
Using proximity card readers instead of the traditional key punch doors would help to mitigate:
A. Impersonation
B. Tailgating
C. Dumpster diving
D. Shoulder surfing
Correct Answer: D
QUESTION 96
Which of the following application attacks is used to gain access to SEH?
A. Cookie stealing
B. Buffer overflow
C. Directory traversal
D. XML injection
Correct Answer: B