[Free] Download New Updated (February 2016) CompTIA SY0-401 Practice Tests 991-1000

Ensurepass

QUESTION 991

Which of the following risks could IT management be mitigating by removing an all-in-one device?

A. Continuity of operations
B. Input validation
C. Single point of failure
D. Single sign-on

Correct Answer: C

QUESTION 992

Which of the following could a security administrator implement to mitigate the risk of tailgating for a large organization?

A. Train employees on correct data disposal techniques and enforce policies.
B. Only allow employees to enter or leave through one door at specified times of the day.
C. Only allow employees to go on break one at a time and post security guards 24/7 at each entrance.
D. Train employees on risks associated with social engineering attacks and enforce policies.

Correct Answer: D

QUESTION 993

Which of the following concepts defines the requirement for data availability?

A. Authentication to RADIUS
B. Non-repudiation of email messages
C. Disaster recovery planning
D. Encryption of email messages

Correct Answer: C

QUESTION 994

Pete, a security engineer, is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally, the MAC addresses of all five servers appear on the same switch port. Which of the following is MOST likely the cause?

A. The system is running 802.1x.
B. The system is using NAC.
C. The system is in active-standby mode.
D. The system is virtualized.

Correct Answer: D

QUESTION 995

Sara, a security administrator, is noticing a slowdown in the wireless network response. Sara launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following types of attacks is underway?

A. IV attack
B. Interference
C. Bluejacking
D. Packet sniffing

Correct Answer: A

QUESTION 996

Pete, the security administrator, has been notified by the IDS that the company website is under attack. Analysis of the web logs shows the following string, indicating a user is trying to post a comment on the public bulletin board.

INSERT INTO message `<script>source=http://evilsite</script>

This is an example of which of the following?

A. XSS attack
B. XML injection attack
C. Buffer overflow attack
D. SQL injection attack

Correct Answer: A

QUESTION 997

Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised?

A. Least privilege
B. Sandboxing
C. Black box
D. Application hardening

Correct Answer: B

QUESTION 998

Matt, an IT administrator, wants to protect a newly built server from zero-day attacks. Which of the following would provide the BEST level of protection?

A. HIPS
B. Antivirus
C. NIDS
D. ACL

Correct Answer: A

QUESTION 999

Jane, an IT administrator, is implementing security controls on a Microsoft Windows-based kiosk used at a bank branch. This kiosk is used by the public for Internet banking. Which of the following controls will BEST protect the kiosk from general public users making system changes?

A. Group policy implementation
B. Warning banners
C. Command shell restrictions
D. Host-based firewall

Correct Answer: A

QUESTION 1000

Sara, the Chief Information Officer (CIO), has tasked the IT department with redesigning the network to rely less on perimeter firewalls, to implement a standard operating environment for client devices, and to disallow personally managed devices on the network. Which of the following is Sara’s GREATEST concern?

A. Malicious internal attacks
B. Data exfiltration
C. Audit findings
D. Incident response

Correct Answer: B
