CompTIA SY0-301 Online Practice Questions and Exam Preparation

CompTIA SY0-301 Online Questions & Answers

• Question 121:

  Which of the following firewall rules only denies DNS zone transfers?

  A. deny udp any any port 53
  B. deny ip any any
  C. deny tcp any any port 53
  D. deny all dns packets
  C. deny tcp any any port 53

• Question 122:

  A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?

  A. Database field encryption
  B. File-level encryption
  C. Data loss prevention system
  D. Full disk encryption
  A. Database field encryption

• Question 123:

  End-user awareness training for handling sensitive personally identifiable information would include secure storage and transmission of customer:

  A. Date of birth.
  B. First and last name.
  C. Phone number.
  D. Employer name.
  A. Date of birth.

• Question 124:

  Which of the following techniques can be used to prevent the disclosure of system information resulting from arbitrary inputs when implemented properly?

  A. Fuzzing
  B. Patch management
  C. Error handling
  D. Strong passwords
  C. Error handling

• Question 125:

  Which of the following is a vulnerability associated with disabling pop-up blockers?

  A. An alert message from the administrator may not be visible
  B. A form submitted by the user may not open
  C. The help window may not be displayed
  D. Another browser instance may execute malicious code
  D. Another browser instance may execute malicious code

• Question 126:

  Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE).

  A. RC4
  B. 3DES
  C. AES
  D. MD5
  E. PGP
  F. Blowfish
  B. 3DES
  C. AES
  F. Blowfish

• Question 127:

  Which of the following is an important step in the initial stages of deploying a host-based firewall?

  A. Selecting identification versus authentication
  B. Determining the list of exceptions
  C. Choosing an encryption algorithm
  D. Setting time of day restrictions
  B. Determining the list of exceptions

• Question 128:

  The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?

  A. Application hardening
  B. Application firewall review
  C. Application change management
  D. Application patch management
  C. Application change management

• Question 129:

  A recent audit of a company's identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).

  A. Automatically disable accounts that have not been utilized for at least 10 days.
  B. Utilize automated provisioning and de-provisioning processes where possible.
  C. Request that employees provide a list of systems that they have access to prior to leaving the firm.
  D. Perform regular user account review / revalidation process.
  E. Implement a process where new account creations require management approval.
  B. Utilize automated provisioning and de-provisioning processes where possible.
  D. Perform regular user account review / revalidation process.

• Question 130:

  Which of the following provides the BEST explanation regarding why an organization needs to implement IT security policies?

  A. To ensure that false positives are identified
  B. To ensure that staff conform to the policy
  C. To reduce the organizational risk
  D. To require acceptable usage of IT systems
  C. To reduce the organizational risk