Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor's number. When the purchasing agent asks to call the vendor back, they are given a
different phone number with a different area code.
Which of the following attack types is this?
A. HoaxWhich of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?
A. Record time offsetMandatory vacations are a security control which can be used to uncover which of the following?
A. Fraud committed by a system administratorWhich of the following application attacks is used to gain access to SEH?
A. Cookie stealingMatt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected?
A. Application designAnn, a security analyst, has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop she notices several pictures of the employee's pets are on the hard drive and on a cloud storage network. When Ann hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?
A. Social engineeringPete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses. Which of the following explains the difference between these two types of malware?
A. Viruses are a subset of botnets which are used as part of SYN attacks.Digital Signatures provide which of the following?
A. ConfidentialityA network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then be responsible for tracking which certificates are to be trusted or not trusted. Which of the following BEST describes the service that should be implemented to meet these requirements?
A. Trust modelPete, the security administrator, has been notified by the IDS that the company website is under attack. Analysis of the web logs show the following string, indicating a user is trying to post a comment on the public bulletin board. INSERT INTO message ` This is an example of which of the following?
A. XSS attackNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SY0-301 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.