CompTIA Security+ (2008 Edition) Exam

Similar documents
PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year


Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo

Comptia SY0-401 Exam Questions & Answers

CompTIA Security+(2008 Edition) Exam

Comptia.Certkey.SY0-401.v by.SANFORD.362q. Exam Code: SY Exam Name: CompTIA Security+ Certification Exam

CompTIA Security+ (Exam SY0-401)

jk0-022 Exam Questions Demo CompTIA Exam Questions jk0-022

CompTIA JK CompTIA Academic/E2C Security+ Certification. Download Full Version :

Ethical Hacking and Prevention

CompTIA Security+ Certification

Software Development & Education Center Security+ Certification

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

Security+ CompTIA Certification Boot Camp

PracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam

Syllabus: The syllabus is broadly structured as follows:

Security+ SY0-501 Study Guide Table of Contents

Access Controls. CISSP Guide to Security Essentials Chapter 2

Comptia.Certkey.SY0-301.v by.NATASHA.150q

CompTIA E2C Security+ (2008 Edition) Exam Exam.

SY qa SY CompTIA Security+ Number: SY0-301 Passing Score: 800 Time Limit: 120 min File Version: 233

Curso: Ethical Hacking and Countermeasures

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Question: 1 Who is responsible for establishing access permissions to network resources in the DAC access control model?

BraindumpsVCE. Best vce braindumps-exam vce pdf free download

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

CompTIA Security+ (Exam SY0-401) Course 01 Security Fundamentals

EXAM - CAS-002. CompTIA Advanced Security Practitioner (CASP) Exam. Buy Full Product.

CompTIA. SY0-501 EXAM CompTIA Security+ m/ Product: Demo. For More Information:

CS System Security 2nd-Half Semester Review

Certified Ethical Hacker (CEH)

CompTIA Security+ JK0-018 Exam

CompTIA SY CompTIA Security+

COPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

MU2a Authentication, Authorization & Accounting Questions and Answers with Explainations

Google Cloud Platform: Customer Responsibility Matrix. April 2017

Payment Card Industry (PCI) Data Security Standard

CIS Controls Measures and Metrics for Version 7

Chapter 19 Security. Chapter 19 Security

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

CIS Controls Measures and Metrics for Version 7

BraindumpsIT. BraindumpsIT - IT Certification Company provides Braindumps pdf!

Pass4suresVCE. Pass4sures exam vce dumps for guaranteed success with high scores

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

Chapter 9. Firewalls

SE420 Software Quality Assurance

CompTIA Security+ E2C (2011 Edition) Exam.

Dooblo SurveyToGo: Security Overview

Google Cloud Platform: Customer Responsibility Matrix. December 2018

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

SY0-401 comptia. Number: SY0-401 Passing Score: 800 Time Limit: 120 min.

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

SYLLABUS DATE OF LAST REVIEW: 012/2016 CIP CODE: Departmental Syllabus SEMESTER: Information Assurance COURSE TITLE: CIST0225 COURSE NUMBER:

CISCO EXAM QUESTIONS & ANSWERS

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

COMPUTER NETWORK SECURITY

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management

Comptia RC CompTIA Security+ Recertification Exam. For More Information Visit link below: Version = Product

FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Comptia.Test-inside.SY0-301.v by.253q

Exam Questions SY0-501

Information Security Training Needs Assessment Study. Dr. Melissa Dark CERIAS Assistant Professor Continuing Education Director

Internetwork Expert s CCNA Security Bootcamp. Common Security Threats

CSCE 715: Network Systems Security

CN!Express CX-6000 Single User Version PCI Compliance Status Version June 2005

SY0-501 Exam Questions Demo CompTIA. Exam Questions SY CompTIA Security+ Version:Demo

1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)?

(2½ hours) Total Marks: 75

Chapter Three test. CompTIA Security+ SYO-401: Read each question carefully and select the best answer by circling it.

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

GCIH. GIAC Certified Incident Handler.

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

CISCO EXAM QUESTIONS & ANSWERS

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

PracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam

Define information security Define security as process, not point product.

ECCouncil Exam v9 Certified Ethical Hacker Exam V9 Version: 7.0 [ Total Questions: 125 ]

CIH

Malware, , Database Security

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

COMPUTER NETWORK SECURITY

ETHICAL HACKING & COMPUTER FORENSIC SECURITY

Level 3 Principles of ICT Systems and Data Security ( / )

Vidder PrecisionAccess

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

Complete B-2: Comparing firewall-based secure topologies, complete questions 1 through 3 on

CompTIA Security+ CompTIA SY0-401 Dumps Available Here at:

CS System Security Mid-Semester Review

Network Security and Cryptography. 2 September Marking Scheme

ISC2. Exam Questions CISSP. Certified Information Systems Security Professional (CISSP) Version:Demo

Security Assessment Checklist

Security Principles for Stratos. Part no. 667/UE/31701/004

Erasable Programmable Read-Only Memory (EPROM) Electrically Erasable Programmable Read-Only Memory (EEPROM) CMOS 2.2.

Juniper Vendor Security Requirements

Introduction and Overview. Why CSCI 454/554?

Payment Card Industry Self-Assessment Questionnaire

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 5 Host, Application, and Data Security

Transcription:

CompTIA SY0-201 CompTIA Security+ (2008 Edition) Exam Version: 7.20

Topic 1, Volume A QUESTION NO: 1 Which of the following cryptography types provides the same level of security but uses smaller key sizes and less computational resources than logarithms which are calculated against a finite field? A. Elliptical curve B. Diffie-Hellman C. Quantum D. El Gamal Answer: A QUESTION NO: 2 Which of the following BEST describes the purpose of fuzzing? A. To decrypt network sessions B. To gain unauthorized access to a facility C. To hide system or session activity D. To discover buffer overflow vulnerabilities QUESTION NO: 3 A security administrator is reviewing remote access and website logs. The administrator notices that users have been logging in at odd hours from multiple continents on the same day. The security administrator suspects the company is the victim of which of the following types of attack? A. TCP/IP hijacking B. Spoofing C. Replay D. Domain name kiting Answer: C 2

QUESTION NO: 4 Which of the following is the default rule found in a corporate firewalls access control list? A. Anti-spoofing B. Permit all C. Multicast list D. Deny all QUESTION NO: 5 Which of the following is the BEST choice of cryptographic algorithms or systems for providing whole disk encryption? A. One time pad B. PGP C. MD5 D. TKIP Answer: C QUESTION NO: 6 Which of the following allows a malicious insider to covertly remove information from an organization? A. NAT traversal B. Steganography C. Non-repudiation D. Protocol analyzer 3

QUESTION NO: 7 The server log shows 25 SSH login sessions per hour. However, it is a large company and the administrator does not know if this is normal behavior or if the network is under attack. Where should the administrator look to determine if this is normal behavior? A. Change management B. Code review C. Baseline reporting D. Security policy Answer: C QUESTION NO: 8 Which of the following is the BEST approach to perform risk mitigation of user access control rights? A. Conduct surveys and rank the results. B. Perform routine user permission reviews. C. Implement periodic vulnerability scanning. D. Disable user accounts that have not been used within the last two weeks. QUESTION NO: 9 Which of the following software should a security administrator implement if several users are stating that they are receiving unwanted email containing advertisements? A. Host-based firewalls B. Anti-spyware C. Anti-spam D. Anti-virus 4

Answer: C QUESTION NO: 10 Adding a second firewall to the perimeter of a network would provide: A. user VLANs. B. failover capability. C. additional bandwidth. D. management of VLANs. QUESTION NO: 11 The security administrator is tasked with authenticating users to access an encrypted database. Authentication takes place using PKI and the encryption of the database uses a separate cryptographic process to decrease latency. Which of the following would describe the use of encryption in this situation? A. Private Key encryption to authenticate users and private keys to encrypt the database B. Private Key encryption to authenticate users and public keys to encrypt the database C. Public key encryption to authenticate users and public keys to encrypt the database D. Public key encryption to authenticate users and private keys to encrypt the database QUESTION NO: 12 A security device prevents certain users from accessing the network remotely with specific applications, but allows VPN connections without any issues. Which of the following access control models is being used? A. Mandatory B. Rule-based 5

C. Discretionary D. Role-based QUESTION NO: 13 Which of the following would provide the MOST reliable proof that a datacenter was accessed at a certain time of day? A. Video surveillance B. Security log C. Entry log D. Proximity readers Answer: A QUESTION NO: 14 Which of the following application attacks typically involves entering a string of characters and bypassing input validation to display additional information? A. Session hijacking B. Zero day attack C. SQL injection D. Cross-site scripting Answer: C QUESTION NO: 15 Which of the following IDS/IPS systems is used to protect individual servers? A. NIPS B. NAC 6

C. GRE D. HIPS QUESTION NO: 16 Which of the following technologies directly addresses the need to restrict employees from browsing inappropriate websites? A. Bastion host B. Firewall C. Proxy server D. Content filter QUESTION NO: 17 A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the datacenter. Which of the following are being addressed? (Select TWO). A. Integrity B. Recovery C. Clustering D. Confidentiality E. Availability Answer: A,E QUESTION NO: 18 Which of the following camera types would allow a security guard to track movement from one spot throughout a data center? 7

A. CCTV system B. PTZ camera C. Analog camera D. Digital camera QUESTION NO: 19 A user reports they are receiving odd emails. Upon investigation, the administrator finds that most of the users email boxes appear to be full and bouncing inbound emails at an alarming rate. Which of the following is MOST likely causing the problem? A. There is a worm attacking the network. B. the SMTP relay is not secured. C. There is a virus attacking the email server. D. The network is infected by adware. QUESTION NO: 20 Which of the following describes when forensic hashing should occur on a drive? A. After the imaging process and before the forensic image is captured B. Before the imaging process and then after the forensic image is created C. After the imaging process and after the forensic image is captured D. Before and after the imaging process and then hash the forensic image QUESTION NO: 21 A new file share has been created to store confidential exit interviews. Which of the following employees should have access to the file share? 8

A. Human Resources Manager B. Chief Financial Officer C. Human Resources Recruiter D. System Administrator Answer: A QUESTION NO: 22 Which of the following is a valid three factor authentication combination? A. PIN, thumb print, proximity card B. PIN, proximity card, key C. Retina scan, thumb print, proximity card D. PIN, thumb print, retina scan Answer: A QUESTION NO: 23 A security administrator reviews the NIDS logs and notices fourteen unsuccessful logins with a subsequent successful login to a DMZ switch from a foreign IP address. Which of the following could have led to this network device being accessed? A. Default account B. Privilege escalation C. Denial of service D. Strong password QUESTION NO: 24 Which of the following has an embedded cryptographic token? 9

A. PKI certificate B. TACACS C. ID badge D. Smartcard QUESTION NO: 25 A company runs a site, which has a search option available to the general public. The administrator is reviewing the site logs and notices an external IP address searching on the site at a rate of two hits per second. This is an indication of which of the following? A. Man-in-the-middle attack B. Data mining C. Cross-site scripting attack D. Denial of Service (DoS) QUESTION NO: 26 Which of the following allows an attacker to identify vulnerabilities within a closed source software application? A. Fuzzing B. Compiling C. Code reviews D. Vulnerability scanning Answer: A QUESTION NO: 27 Using a combination of a fingerprint reader and retina scanner is considered how many factors of authentication? 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback