IT인증,IT자격증,IT자격증시험,IT인증시험

http://www.pass4test.net/

CompTIA SY0-301 (Security+ Certification Exam 2011 version) 덤프공부가이드

우리 Pass4Test 에는 최신의  CompTIA SY0-301 (Security+ Certification Exam 2011 version)  학습가이드가 있습니다. Pass4Test의 부지런한  IT전문가들이 자기만의 지식과 끊임없는 노력과 경험으로   제작한 최고의  CompTIA SY0-301 (Security+ Certification Exam 2011 version)  학습자료로 CompTIA SY0-301 (Security+ Certification Exam 2011 version)  인증시험을 응시하실 수 있습니다.CompTIA SY0-301 (Security+ Certification Exam 2011 version)  인증시험은 IT업계에서의 비중은 아주 큽니다. 시험 신청하시는 분들도 많아지고 또 많은 분들이 우리 Pass4Test의  CompTIA SY0-301 (Security+ Certification Exam 2011 version)  자료로 시험을 패스했습니다. 이미 패스한 분들의 리뷰가 우리 Pass4Test의 제품의 중요함과 정확함을 증명할수 있습니다. CompTIA SY0-301 (Security+ Certification Exam 2011 version)  시험을 응시하고 싶으시다면 우리의 최신  CompTIA SY0-301 (Security+ Certification Exam 2011 version)  자료로 시험을 준비하시면 됩니다. Pass4Test 의 학습가이드에는  CompTIA SY0-301 (Security+ Certification Exam 2011 version)  인증시험의 예상문제, 시험문제와 답이 포함되어 있음으로 100% 시험을 패스할 수 있습니다.

 

 

NO.1 Which of the following encrypts the body of a packet, rather than just the password, while sending
information?
A. LDAP
B. TACACS+
C. ACLs
D. RADIUS
Answer: B

NO.2 Which of the following is the BEST solution to securely administer remote servers?
A. SCP
B. SSH
C. Telnet
D. SFTP
Answer: B

NO.3 Pete, a security administrator, wants to secure remote telnet services and decides to use the services
over SSH. Which of the following ports should Pete allow on the firewall by default?
A. 21
B. 22
C. 23
D. 25
Answer: B

NO.4 Which of the following accurately describes the STRONGEST multifactor authentication?
A. Something you are, something you have
B. Something you have, something you know
C. Something you are near to, something you have
D. Something you have, someone you know
Answer: A

NO.5 Which of the following inspects traffic entering or leaving a network to look for anomalies against
expected baselines?
A. IPS
B. Sniffers
C. Stateful firewall
D. Stateless firewall
Answer: A

NO.6 Sara, an IT administrator, wants to protect a cluster of servers in a DMZ from zero day attacks. Which
of the following would provide the BEST level of protection?
A. NIPS
B. NIDS
C. ACL
D. Antivirus
Answer: A

NO.7 Which of the following risks could IT management be mitigating by removing an all-in-one device?
A. Continuity of operations
B. Input validation
C. Single point of failure
D. Single sign on
Answer: C

NO.8 Social networking sites are used daily by the marketing team for promotional purposes. However,
confidential company information, including product pictures and potential partnerships, have been
inadvertently exposed to the public by dozens of employees using social networking sites. Which of
following is the BEST response to mitigate this threat with minimal company disruption?
A. Mandate additional security awareness training for all employees.
B. Report each employee to Human Resources for termination for violation of security policies
C. Implement a data loss prevention program to filter email.
D. Block access to social networking sites from the corporate network
Answer: A

NO.9 Which of the following is similar to a smurf attack, but uses UDP instead to ICMP?
A. X-Mas attack
B. Fraggle attack
C. Vishing
D. Man-in-the-middle attack
Answer: B

NO.10 Sara and Jane, users, are reporting an increase in the amount of unwanted email that they are receiving
each day.
Which of the following would be the BEST way to respond to this issue without creating a lot of
administrative overhead.?
A. Deploy an anti-spam device to protect the network.
B. Update the anti-virus definitions and make sure that it is set to scan all received email
C. Set up spam filtering rules in each user's mail client.
D. Change the firewall settings to block SMTP relays so that the spam cannot get in.
Answer: A

NO.11 Which of the following is a valid server-role in a Kerberos authentication system?
A. Token issuing system
B. Security assertion server
C. Authentication agent
D. Ticket granting server
Answer: D

NO.12 Sara, a security analyst, discovers which operating systems the client devices on the network are
running by only monitoring a mirror port on the router. Which of the following techniques did Sara use?
A. Active fingerprinting
B. Passive finger printing
C. Protocol analyzing
D. Network enumerating
Answer: B

NO.13 The fundamental information security principals include confidentiality, availability and which of the
following?
A. The ability to secure data against unauthorized disclosure to external sources
B. The capacity of a system to resist unauthorized changes to stored information
C. The confidence with which a system can attest to the identity of a user
D. The characteristic of a system to provide uninterrupted service to authorized users
Answer: B

NO.14 Which of the following BEST allows Pete, a security administrator, to determine the type, source, and
flags of the packet traversing a network for troubleshooting purposes?
A. Switches
B. Protocol analyzers
C. Routers
D. Web security gateways
Answer: B

NO.15 Which of the following authentication protocols forces centralized wireless authentication?
A. WPA2-Personal
B. WPA2-Enterprise
C. WPA2-CCMP
D. WPA2-TKIP
Answer: B

NO.16 A company has sent all of its private keys to a third party. The third party company has created a
secure list of these keys. Which of the following has just been implemented?
A. Key escrow
B. CRL
C. CA
D. Recovery agent
Answer: A

NO.17 Which of the following BEST describes a software vulnerability that is actively being used by Sara and
Jane, attackers, before the vendor releases a protective patch or update?
A. Buffer overflow
B. IV attack
C. Zero day attack
D. LDAP injection
Answer: C

NO.18 Which of the following is an example of a false negative?
A. The IDS does not identify a buffer overflow
B. Anti-virus identifies a benign application as malware.
C. Anti-virus protection interferes with the normal operation of an application.
D. A user account is locked out after the user mistypes the password too many times.
Answer: A

NO.19 A company is performing internal security audits after a recent exploitation on one of their proprietary
applications. Sara, the security auditor, is given the workstation with limited documentation regarding the
application installed for the audit. Which of the following types of testing methods is this?
A. Sandbox
B. White box
C. Black box
D. Gray box
Answer: D

NO.20 A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of
the following BEST describes this system type?
A. NAT
B. NIPS
C. NAC
D. DMZ
Answer: C
 

 

Pass4Test는 일년무료 업데이트서비스를 제공합니다.우리 Pass4Test가 제공하는 최신, 최고의  CompTIA SY0-301 (Security+ Certification Exam 2011 version)  시험관련 자료를 선택함으로 여러분은 이미 시험패스 성공이라고 보실수 있습니다.
Posted 2013/2/5 2:49:06  |  Category: 미분류  |  Tag: