CompTIA SY0-301 Exam Flashcards by Teddy CAMPBELL

Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. What should he do to segment that traffic from the other traffic?

Create a voice VLAN

How well did you know this?

Not at all

Perfectly

What security tools can Jane, a security administrator, use to deter theft?

Cable locks

How well did you know this?

Not at all

Perfectly

What can be implemented on a laptop hard drive to help prevent unauthorized access to data?

Full disk encryption

How well did you know this?

Not at all

Perfectly

What network devices allows Jane, a security technician, to perform malware inspection?

NIPS

How well did you know this?

Not at all

Perfectly

What is a valid server-role in a Kerberos authentication system?

Ticket granting server

How well did you know this?

Not at all

Perfectly

The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. Jane, an administrative assistant, needs access to view one document in network share A to gather data for management reports. What gives accounting and Jane the correct rights to these areas?

Accounting should be given read/write access to network share A and read access to network
share B. Jane should be given read access for the specific document on network share A.

How well did you know this?

Not at all

Perfectly

What creates ciphertext by changing the placement of characters?

Transposition cryptography

How well did you know this?

Not at all

Perfectly

What malware types uses stealth techniques to conceal itself, cannot install itself without user interaction, and cannot automatically propagate?

Rootkit

How well did you know this?

Not at all

Perfectly

When Pete, an employee, leaves a company, what should be updated to ensure Pete’s security access is reduced or eliminated?

CRL

How well did you know this?

Not at all

Perfectly

What should Matt, an administrator, change FIRST when installing a new access point?

Default password

How well did you know this?

Not at all

Perfectly

A datacenter has two rows of racks which are facing the same direction. Sara, a consultant, recommends the racks be faced away from each other. This is an example of what type of environmental concept?

Hot and cool aisles

How well did you know this?

Not at all

Perfectly

What password policy is the MOST effective against a brute force network attack?

Account lockout

How well did you know this?

Not at all

Perfectly

What would BEST be used by Sara, the security administrator, to calculate the likelihood of an event occurring?

ARO

How well did you know this?

Not at all

Perfectly

What should Matt, an administrator, implement in a server room to help prevent static electricity?

Humidity controls

How well did you know this?

Not at all

Perfectly

Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building Sara should immediately implement?

Security awareness training

How well did you know this?

Not at all

Perfectly

Pete, an IT security technician, has been tasked with implementing physical security controls for his company’s workstations. What BEST meets this need?

Cable locks

How well did you know this?

Not at all

Perfectly

What creates ciphertext by replacing one set of characters for another?

Substitution cryptography

How well did you know this?

Not at all

Perfectly

Sara, the IT Manager, would like to ensure that the router and switches are only available from the network administrator’s workstation. What would be the MOST cost effective solution to ensure that only the network administrator can access these devices?

Implement ACLs

How well did you know this?

Not at all

Perfectly

A company is performing internal security audits after a recent exploitation on one of their proprietary applications. Sara, the security auditor, is given the workstation with limited documentation regarding the application installed for the audit. What type of testing method is this?

Gray box

How well did you know this?

Not at all

Perfectly

A web server sitting in a secure DMZ has antivirus and anti-malware software which updates daily. The latest security patches are applied and the server does not run any database software. A day later, the web server is compromised and defaced. What is the MOST likely type of attack?

Zero day exploit

How well did you know this?

Not at all

Perfectly

What protocol is MOST likely associated with network audit logging?

D. SNMP

How well did you know this?

Not at all

Perfectly

Pete, a security administrator, is asked to install and configure centralized software to securely manage and collect statistics from all of the company’s network devices. What should the software support?

SNMPv3

How well did you know this?

Not at all

Perfectly

A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. What is, by default, would be the BEST choice to accomplish this goal?

Block port 23 on the network firewall

How well did you know this?

Not at all

Perfectly

Pete, a security administrator, is informed that people from the HR department should not have access to the accounting department’s server, and the accounting department should not have access to the HR department’s server. The network is separated by switches. What is designed to keep the HR department users from accessing the accounting department’s server and vice-versa?

VLANs

How well did you know this?

Not at all

Perfectly

What is BEST utilized to actively test security controls on a particular system?

Penetration test

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. What is MOST likely blocking Pete's access to this site?

Internet content filter

What has serious security implications for large organizations and can potentially allow an attacker to capture conversations?

Jabber

Upper management decides which risk to mitigate based on cost. This is an example of:

Quantitative risk assessment

Isolation mode on an AP provides what functionality types?

Segmentation of each wireless user from other wireless users

Employees are reporting that unauthorized personnel are in secure areas of the building. This is MOST likely due to lack of security awareness in what areas?

Physical security controls

A forensic image of a hard drive has been created. What can be used to demonstrate the image has not been tampered with?

Hash of the image file

What secure protocols is MOST commonly used to remotely administer Unix/Linux systems?

SSH

What security concepts can Matt, a security administrator, implement to support integrity?

Digital signatures

What combinations represents multifactor authentication?

Cipher lock combination and proximity badge

Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. What is MOST likely affected?

Initial baseline configuration

What is Jane, a security administrator, MOST likely implementing when deleting all the unneeded files and modules of a newly installed application?

Application hardening

Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to what kind of concept?

Integrity

What is used when a business needs a block cipher with minimal key size for internal encryption?

Blowfish

What is the best practices that makes a wireless network more difficult to find?

Disable SSD broadcast

Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?

Trojan

The use of social networking sites introduces the risk of:

Disclosure of proprietary information

What flags are used to establish a TCP connection? (Select TWO).

ACK | SYN

What is MOST likely to result in data loss?

Developers copying data from production to the test environments via a USB stick

Sara, a security administrator, sends an email to the user to verify their password has been reset. Threats is BEST mitigated by this action?

Impersonation

What describes a LDAP injection attack?

Manipulating an application's LDAP query to gain or alter access rights

What concepts defines the requirement for data availability?

Disaster recovery planning

What is an example of multifactor authentication?

Credit card and PIN

What is an attack designed to steal cell phone data and contacts?

Bluesnarfing

What best practices is commonly found at the end of router ACLs?

Implicit deny

What uses TCP / UDP port 53 by default?

DNS

An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future?

Data classification

Sara, the network administrator, was alerted to an unauthorized email that was sent to specific VIPs in the company with a malicious attachment. Which of the following types of attacks is MOST likely being described?

Whaling

In the event of a mobile device being lost or stolen, which of the following BEST protects against sensitive information leakage?

Remote wipe

Which of the following should Sara, a security administrator, perform periodically to reduce an organization's risk exposure by verifying employee access?

Account revalidation

Which of the following is the MAIN benefit of server-side versus client-side input validation?

Server-side input validation results in a more secure system than client-side input validation.

Which of the following is MOST appropriate when storing backup tapes in a physically non-secure room?

Store the tapes in a locked safe.

Grandfather-Father-Son and Tower of Hanoi are common:

Backup tape rotation strategies.

``` Which of the following is the below pseudo-code an example of? IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT ```

Input validation

Which of the following can BEST be implemented on a mobile phone to help prevent any sensitive data from being recovered if the phone is lost?

Device encryption

Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?

Clean desk policy

If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?

Transitive trust

Which of the following is BEST associated with PKI?

NTLMv2

Which of the following malware types is BEST described as protecting itself by hooking system processes and hiding its presence?

Rootkit

Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous days' hashes. Which of the following security concepts is Sara using?

Integrity

Following a security failure incident, the chain of custody must be followed in order to:

Preserve and maintain evidence integrity.

Jane, an IT administrator, is implementing security controls on a Microsoft Windows based kiosk used at a bank branch. This kiosk is used by the public for Internet banking. Which of the following controls will BEST protect the kiosk from general public users making system changes?

Group policy implementation

After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following appears on his screen: 'Please only use letters and numbers on these fields' Which of the following is this an example of?

Proper input validation

The corporate NIPS requires a daily download from its vendor with updated definitions in order to block the latest attacks. Which of the following describes how the NIPS is functioning?

Signature based

Pete, a security administrator, needs to update the community strings on the router since they have been compromised. Which of the following needs to be changed?

SNMP

Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE)

3DES AES Blowfish

Matt, an account manager, arrives at work early in the morning and cannot log into his workstation. He calls the help desk an hour later to open a trouble ticket, but they tell him there is nothing wrong with his account. Matt tries his login once more and is granted access. Which of the following control types BEST explains this anomaly?

Time of day restrictions

A targeted email attack sent to Sara, the company's Chief Executive Officer (CEO), is known as which of the following?

Whaling

Which of the following network devices allows web traffic to be distributed amongst servers?

Load balancers

Which of the following provides the LEAST availability?

RAID 0

Sara, a security guard, reports that the side of the company building has been marked with spray paint. Which of the following could this be an example of?

War chalking

Matt, a security administrator, has the VPN tunnel application set up so that after multiple incorrect attempts, the VPN service is disabled. Which of the following deterrent techniques does this describe?

Failsafe

Sara, a user, receives a call and the caller asks if Sara would be willing to answer a few marketing questions, and in return be placed in the drawing to win a trip to Hawaii. After Sara agrees, she is transferred to an automated service which states that some personal information needs to be collected to verify her full name, birthday, address, and email to be eligible for the Hawaii trip. After providing the details Sara is then solicited for banking preferences, general purchasing preferences, and debit card details. Which of the following BEST describes this type of attack?

Vishing

Which of the following devices is BEST suited for servers that need to store private keys?

Hardware security module

Sara, the Chief Information Officer (CIO), has requested an audit take place to determine what services and operating systems are running on the corporate network. Which of the following should be used to complete this task?

Port scan and fingerprinting

Which of the following types of data encryption would Matt, a security administrator, use to encrypt a specific table?

Database

Which of the following security controls enforces user permissions based on a job role?

Group based privileges

A business has paper forms on hand in the event of a credit processing system failure. This is an example of which of the following?

Continuity of operations

By default, which of the following ports would Pete, an administrator, block to prevent incoming RDP connections to a Windows Server?

3389

Which of the following encrypts the body of a packet, rather than just the password, while sending information?

TACACS+

Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).

Internal memory | Removable memory cards

Which of the following risk related concepts BEST supports the identification of fraud?

Job rotation

Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls?

Consider antenna placement

Which of the following are restricted to 64-bit block sizes? (Select TWO).

DES | 3DES

Which of the following would be implemented to create a network inside a network?

VLAN

Which of the following is a system designed to lure attackers away from production systems?

Honeypot

Sara, a security analyst, discovers which operating systems the client devices on the network are running by only monitoring a mirror port on the router. Which of the following techniques did Sara use?

Passive fingerprinting

Which of the following authentication services uses a ticket granting system to provide access?

Kerberos

Matt, the Chief Information Officer (CIO), wants to protect laptop users from zero day attacks. Which of the following would BEST achieve Matt’s goal?

Host based firewall

Which of the following is often rated based on its ability to increase the time it takes to perform an attack?

Safe

The human resources department of a company has requested full access to all network resources, including those of the financial department. Jane, the administrator, denies this, citing:

Separation of duties

Which of the following is a way to gain access to a protected system while another user is entering credentials?

Shoulder surfing

Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

VPN gateway

Jane, a security administrator, needs to deploy a wireless network where the wireless encryption key is negotiated automatically. Which of the following MUST be implemented?

WPA enterprise

Which of the following can be implemented on the company gateway router to prevent IP packets with a source IP of the internal company network from being routed by the external interface of the router into the company's network?

Access control lists

Which of the following BEST explains the security benefit of a standardized server image?

Mandated security configurations have been made to the operating system.

Jane, the security administrator for a company, needs to assign permissions for users on her network. Which of the following would allow Jane to give ONLY the appropriate permissions necessary?

Least privilege

Users in the marketing department are given a different level of access to files than users in the accounting department. Which of the following types of access control does this BEST describe?

Role based access control

Which of the following types of data encryption would Jane, a security administrator, use if MBR and the file systems needed to be included?

Full disk

Sara, an employee, enters the datacenter but does not ensure the door was fully closed afterwards. Which of the following could directly result from this situation?

Tailgating

CompTIA SY0-301 Exam Flashcards

(104 cards)