QUESTION 931
Without validating user input, an application becomes vulnerable to all of the following EXCEPT:
|
A. |
Buffer overflow. |
|
B. |
Command injection. |
|
C. |
Spear phishing. |
|
D. |
SQL injection. |
Correct Answer: C
QUESTION 932
To protect corporate data on removable media, a security policy should mandate that all removable devices use which
of the following?
|
A. |
Full disk encryption |
|
B. |
Application isolation |
|
C. |
Digital rights management |
|
D. |
Data execution prevention |
Correct Answer: A
QUESTION 933
Which of the following wireless security technologies continuously supplies new keys for WEP?
|
A. |
TKIP |
|
B. |
Mac filtering |
|
C. |
WPA2 |
|
D. |
WPA |
Correct Answer: A
QUESTION 934
Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?
|
A. |
Rootkit |
|
B. |
Logic bomb |
|
C. |
Worm |
|
D. |
Botnet |
Correct Answer: B
QUESTION 935
Which of the following application security principles involves inputting random data into a program?
|
A. |
Brute force attack |
|
B. |
Sniffing |
|
C. |
Fuzzing |
|
D. |
Buffer overflow |
Correct Answer: C
QUESTION 936
Which of the following is an important step in the initial stages of deploying a host-based firewall?
|
A. |
Selecting identification versus authentication |
|
B. |
Determining the list of exceptions |
|
C. |
Choosing an encryption algorithm |
|
D. |
Setting time of day restrictions |
Correct Answer: B
QUESTION 937
Identifying a list of all approved software on a system is a step in which of the following practices?
|
A. |
Passively testing security controls |
|
B. |
Application hardening |
|
C. |
Host software baselining |
|
D. |
Client-side targeting |
Correct Answer: C
QUESTION 938
Which of the following BEST describes using a smart card and typing in a PIN to gain access to a system?
|
A. |
Biometrics |
|
B. |
PKI |
|
C. |
Single factor authentication |
|
D. |
Multifactor authentication |
Correct Answer: D
QUESTION 939
An administrator has advised against the use of Bluetooth phones due to bluesnarfing concerns. Which of the following is an example of this threat?
|
A. |
An attacker using the phone remotely for spoofing other phone numbers |
|
B. |
Unauthorized intrusions into the phone to access data |
|
C. |
The Bluetooth enabled phone causing signal interference with the network |
|
D. |
An attacker using exploits that allow the phone to be disabled |
Correct Answer: B
QUESTION 940
Which of the following is the difference between identification and authentication of a user?
|
A. |
Identification tells who the user is and authentication tells whether the user is allowed to logon to a system. |
|
B. |
Identification tells who the user is and authentication proves it. |
|
C. |
Identification proves who the user is and authentication is used to keep the users data secure. |
|
D. |
Identification proves who the user is and authentication tells the user what they are allowed to do. |
Correct Answer: B
Free VCE & PDF File for CompTIA SY0-401 Real Exam
Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …
100-105 Dumps VCE PDF
200-105 Dumps VCE PDF
300-101 Dumps VCE PDF
300-115 Dumps VCE PDF
300-135 Dumps VCE PDF
300-320 Dumps VCE PDF
400-101 Dumps VCE PDF
640-911 Dumps VCE PDF
640-916 Dumps VCE PDF
70-410 Dumps VCE PDF
70-411 Dumps VCE PDF
70-412 Dumps VCE PDF
70-413 Dumps VCE PDF
70-414 Dumps VCE PDF
70-417 Dumps VCE PDF
70-461 Dumps VCE PDF
70-462 Dumps VCE PDF
70-463 Dumps VCE PDF
70-464 Dumps VCE PDF
70-465 Dumps VCE PDF
70-480 Dumps VCE PDF
70-483 Dumps VCE PDF
70-486 Dumps VCE PDF
70-487 Dumps VCE PDF
220-901 Dumps VCE PDF
220-902 Dumps VCE PDF
N10-006 Dumps VCE PDF
SY0-401 Dumps VCE PDF