[Free] Download New Updated (February 2016) CompTIA SY0-401 Practice Tests 831-840

Ensurepass

QUESTION 831

Which of the following is an attack vector that can cause extensive physical damage to a datacenter without physical access?

A. CCTV system access
B. Dial-up access
C. Changing environmental controls
D. Ping of death

Correct Answer: C

QUESTION 832

Which of the following policies is implemented in order to minimize data loss or theft?

A. PII handling
B. Password policy
C. Chain of custody
D. Zero day exploits

Correct Answer: A

QUESTION 833

Which of the following provides the HIGHEST level of confidentiality on a wireless network?

A. Disabling SSID broadcast
B. MAC filtering
C. WPA2
D. Packet switching

Correct Answer: C

QUESTION 834

A security administrator is aware that a portion of the company’s Internet-facing network tends to be non-secure due to poorly configured and patched systems. The business owner has accepted the risk of those systems being compromised, but the administrator wants to determine the degree to which those systems can be used to gain access to the company intranet. Which of the following should the administrator perform?

A. Patch management assessment
B. Business impact assessment
C. Penetration test
D. Vulnerability assessment

Correct Answer: C

QUESTION 835

Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network?

A. Single sign on
B. IPv6
C. Secure zone transfers
D. VoIP

Correct Answer: C

QUESTION 836

Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what services and operating systems are running on the corporate network. Which of the following should be used to complete this task?

A. Fingerprinting and password crackers
B. Fuzzing and a port scan
C. Vulnerability scan and fuzzing
D. Port scan and fingerprinting

Correct Answer: D

QUESTION 837

Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements?

A. EAP-TLS
B. EAP-FAST
C. PEAP-CHAP
D. PEAP-MSCHAPv2

Correct Answer: D

QUESTION 838

Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has been hired to perform a penetration test against his network. The security company asks Matt which type of testing would be most beneficial for him. Which of the following BEST describes what the security company might do during a black box test?

A. The security company is provided with all network ranges, security devices in place, and logical maps of the network.
B. The security company is provided with no information about the corporate network or physical locations.
C. The security company is provided with limited information on the network, including all network diagrams.
D. The security company is provided with limited information on the network, including some subnet ranges and logical network diagrams.

Correct Answer: B

QUESTION 839

Corporate IM presents multiple concerns to enterprise IT. Which of the following concerns should Jane, the IT security manager, ensure are under control? (Select THREE).

A. Authentication
B. Data leakage
C. Compliance
D. Malware
E. Non-repudiation
F. Network loading

Correct Answer: BCD

QUESTION 840

Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of the following attacks? (Select TWO).

A. Spoofing
B. Man-in-the-middle
C. Dictionary
D. Brute force
E. Privilege escalation

Correct Answer: CD
