QUESTION 41
Use of group accounts should be minimized to ensure which of the following?
A. Password security
B. Regular auditing
C. Baseline management
D. Individual accountability
Answer: D
QUESTION 42
Privilege creep among long-term employees can be mitigated by which of the following procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation
Answer: A
QUESTION 43
In which of the following scenarios is PKI LEAST hardened?
A. The CRL is posted to a publicly accessible location.
B. The recorded time offsets are developed with symmetric keys.
C. A malicious CA certificate is loaded on all the clients.
D. All public keys are accessed by an unauthorized user.
Answer: C
QUESTION 44
Configuring the mode, encryption methods, and security associations are part of which of the following?
A. IPSec
B. Full disk encryption
C. 802.1x
D. PKI
Answer: A
QUESTION 45
Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place?
A. Code review
B. Penetration test
C. Protocol analyzer
D. Vulnerability scan
Answer: B
QUESTION 46
A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts?
A. Confidentiality
B. Availability
C. Succession planning
D. Integrity
Answer: B
QUESTION 47
In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO).
A. Take hashes
B. Begin the chain of custody paperwork
C. Take screen shots
D. Capture the system image
E. Decompile suspicious files
Answer: AD
QUESTION 48
Which of the following is used to certify intermediate authorities in a large PKI deployment?
A. Root CA
B. Recovery agent
C. Root user
D. Key escrow
Answer: A
QUESTION 49
Which of the following components MUST be trusted by all parties in PKI?
A. Key escrow
B. CA
C. Private key
D. Recovery key
Answer: B
QUESTION 50
Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).
A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards
E. Public keys
Answer: BD
QUESTION 51
Which of the following is the pseudo-code below an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input validation
C. CSRF prevention
D. Cross-site scripting prevention
Answer: B
QUESTION 52
A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?
A. RADIUS
B. TACACS+
C. Kerberos
D. LDAP
Answer: B
QUESTION 53
Which of the following can use RC4 for encryption? (Select TWO).
A. CHAP
B. SSL
C. WEP
D. AES
E. 3DES
Answer: BC
QUESTION 54
Which of the following defines a business goal for system restoration and acceptable data loss?
A. MTTR
B. MTBF
C. RPO
D. Warm site
Answer: C
QUESTION 55
If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?
A. Transitive trust
B. Public key trust
C. Certificate authority trust
D. Domain level trust
Answer: A
QUESTION 56
Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?
A. Business continuity planning
B. Continuity of operations
C. Business impact analysis
D. Succession planning
Answer: D
QUESTION 57
Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?
A. Recovery agent
B. Certificate authority
C. Trust model
D. Key escrow
Answer: A
QUESTION 58
Which of the following devices will help prevent a laptop from being removed from a certain location?
A. Device encryption
B. Cable locks
C. GPS tracking
D. Remote data wipes
Answer: B
QUESTION 59
Which of the following is the MOST secure protocol to transfer files?
A. FTP
B. FTPS
C. SSH
D. TELNET
Answer: B
QUESTION 60
Suspicious traffic without a specific signature was detected. Upon further investigation, it was determined that these were false indicators. Which of the following security devices needs to be configured to disable future false alarms?
A. Signature based IPS
B. Signature based IDS
C. Application based IPS
D. Anomaly based IDS
Answer: D