Download New Updated (July) CompTIA SY0-401 Actual Test 691-700

Ensurepass

 

QUESTION 691

Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?

 

A.

Email scanning

B.

Content discovery

C.

Database fingerprinting

D.

Endpoint protection

 

Correct Answer: D

 

 

 

QUESTION 692

Which of the following is a concern when encrypting wireless data with WEP?

 

A.

WEP displays the plain text entire key when wireless packet captures are reassembled

B.

WEP implements weak initialization vectors for key transmission

C.

WEP uses a very weak encryption algorithm

D.

WEP allows for only four pre-shared keys to be configured

 

Correct Answer: B

 

 

QUESTION 693

A security administrator is tasked with calculating the to
tal ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company?

 

A.

$7,000

B.

$10,000

C.

$17,500

D.

$35,000

 

Correct Answer: C

 

 

QUESTION 694

ABC company has a lot of contractors working for them. The provisioning team does not always get notified that a contractor has left the company. Which of the following policies would prevent contractors from having access to systems in the event a contractor has left?

 

A.

Annual account review

B.

Account expiration policy

C.

Account lockout policy

D.

Account disablement

 

Correct Answer: B

 

 

QUESTION 695

The practice of marking open wireless access points is called which of the following?

 

A.

War dialing

B.

War chalking

C.

War driving

D.

Evil twin

 

Correct Answer: B

 

 

QUESTION 696

Multi-tenancy is a concept found in which of the following?

 

A.

Full disk encryption

B.

Removable media

C.

Cloud computing

D.

Data loss prevention

 

Correct Answer: C

 

 

QUESTION 697

Which of the following is a common coding error in which boundary checking is not performed?

 

A.

Input validation

B.

Fuzzing

C.

Secure coding

D.

Cross-site scripting

 

Correct Answer: A

 

 

QUESTION 698

While previously recommended as a security measure, disabling SSID broadcast is not effective against most attackers because network SSIDs are:

 

A.

no longer used to authenticate to most wireless networks.

B.

contained in certain wireless packets in plaintext.

C.

contained in all wireless broadcast packets by default.

D.

no longer supported in 802.11 protocols.

 

Correct Answer: B

 

 

QUESTION 699

One of the most consistently reported software security vulnerabilities that leads to major exploits

is:

 

A.

Lack of malware detection.

B.

Attack surface decrease.

C.

Inadequate network hardening.

D.

Poor input validation.

 

Correct Answer: D

 

 

QUESTION 700

Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?

 

A.

PKI

B.

ACL

C.

CA

D.

CRL

 

Correct Answer: D

 

 

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in SY0-401 Real Tests (July) and tagged , , , , , , . Bookmark the permalink.