CompTIA SY0-301 Online Practice Questions and Exam Preparation

CompTIA SY0-301 Online Questions & Answers

• Question 491:

  A Security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and Drop the applicable controls to each asset type. Instructions: Controls can be used multiple times and not all placeholders needs to be filled. When you have completed the simulation, Please select Done to submit.

  Select and Place:

  

  

• Question 492:

  Human Resources suspects an employee is accessing the employee salary database. The administrator is asked to find out who it is. In order to complete this task, which of the following is a security control that should be in place?

  A. Shared accounts should not be in use
  B. Account lockout should be enabled
  C. Privileges should be assigned to groups rather than individuals
  D. Time of day restrictions should be in use
  A. Shared accounts should not be in use

• Question 493:

  Which of the following can be implemented with multiple bit strength?

  A. AES
  B. DES
  C. SHA-1
  D. MD5
  E. MD4
  A. AES

• Question 494:

  Which of the following cryptographic related browser settings allows an organization to communicate securely?

  A. SSL 3.0/TLS 1.0
  B. 3DES
  C. Trusted Sites
  D. HMAC
  A. SSL 3.0/TLS 1.0

• Question 495:

  Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company's live modem pool. Which of the following activities is MOST appropriate?

  A. War dialing
  B. War chalking
  C. War driving
  D. Bluesnarfing
  A. War dialing

• Question 496:

  A system administrator has been instructed by the head of security to protect their data at-rest. Which of the following would provide the strongest protection?

  A. Prohibiting removable media
  B. Incorporating a full-disk encryption system
  C. Biometric controls on data center entry points
  D. A host-based intrusion detection system
  B. Incorporating a full-disk encryption system

• Question 497:

  Key elements of a business impact analysis should include which of the following tasks?

  A. Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes.
  B. Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates.
  C. Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management.
  D. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.
  D. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.

• Question 498:

  Ann, a company's security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Ann should immediately implement which of the following?

  A. Acceptable Use Policy
  B. Physical security controls
  C. Technical controls
  D. Security awareness training
  D. Security awareness training

• Question 499:

  Which of the following hardware based encryption devices is used as a part of multi-factor authentication to access a secured computing system?

  A. Database encryption
  B. USB encryption
  C. Whole disk encryption
  D. TPM
  B. USB encryption

• Question 500:

  Which of the following application security principles involves inputting random data into a program?

  A. Brute force attack
  B. Sniffing
  C. Fuzzing
  D. Buffer overflow
  C. Fuzzing