[Free] Download New Updated (February 2016) CompTIA SY0-401 Practice Tests 321-330


QUESTION 321

Pete, the system administrator, wishes to monitor and limit users’ access to external websites.

 

Which of the following would BEST address this?

 

A. Block all traffic on port 80.

B. Implement NIDS.

C. Use server load balancers.

D. Install a proxy server.

 

Correct Answer: D

 

 

QUESTION 322

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?

 

A. PAT

B. NAP

C. DNAT

D. NAC

 

Correct Answer: A

 

 

 

 

QUESTION 323

Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability?

 

A. Twofish

B. Diffie-Hellman

C. ECC

D. RSA

 

Correct Answer: C

 

 

QUESTION 324

Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?

 

A. $1,500

B. $3,750

C. $15,000

D. $75,000

 

Correct Answer: B

 

 

QUESTION 325

Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:

 

A. Brute force.

B. HTML encoding.

C. Web crawling.

D. Fuzzing.

 

Correct Answer: D

 

 

QUESTION 326

Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

 

A. TCP 23

B. UDP 69

C. TCP 22

D. TCP 21

 

Correct Answer: C

 

 

 

QUESTION 327

Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?

 

A. Warm site

B. Load balancing

C. Clustering

D. RAID

 

Correct Answer: C

 

 

QUESTION 328

Which statement is TRUE about the operation of a packet sniffer?

 

A. It can only have one interface on a management network.

B. They are required for firewall operation and stateful inspection.

C. The Ethernet card must be placed in promiscuous mode.

D. It must be placed on a single virtual LAN interface.

 

Correct Answer: C

 

 

QUESTION 329

Which of the following firewall rules only denies DNS zone transfers?

 

A. deny udp any any port 53

B. deny ip any any

C. deny tcp any any port 53

D. deny all dns packets

 

Correct Answer: C

 

 

QUESTION 330

Which of the following BEST explains the use of an HSM within the company servers?

 

A. Thumb drives present a significant threat which is mitigated by HSM.

B. Software encryption can perform multiple functions required by HSM.

C. Data loss by removable media can be prevented with DLP.

D. Hardware encryption is faster than software encryption.

 

Correct Answer: D

 
