SY0-301 - CompTIA Security+ Certification Exam (2011)
Go back to CompTIA
Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?
Malicious code on the local system
While setting up a secure wireless corporate network, which of the following should Pete, an administrator, avoid implementing?
Which of the following can be utilized in order to provide temporary IT support during a disaster, where the organization sets aside funds for contingencies, but does not necessarily have a dedicated site to restore those services?
Sara from IT Governance wants to provide a mathematical probability of an earthquake using facts and figures. Which of the following concepts would achieve this?
In planning for a firewall implementation, Pete, a security administrator, needs a tool to help him understand what traffic patterns are normal on his network. Which of the following tools would help Pete determine traffic patterns?
Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?
Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?
Which of the following is an example of a smart card?
Which of the following BEST explains the security benefit of a standardized server image?
Mandated security configurations have been made to the operating system.
Matt, a corporate user, has volunteered to participate in a test group for full disk encryption on employees' laptops. After his laptop's hard drive has been fully encrypted, the network administrator is still able to access Matt's files across a SMB share. Which of the following is the MAIN reason why the files are still accessible to the administrator?
Full disk encryption only secures files when the laptop is powered off
Which of the following is used to digitally sign an email?
Which of the following accurately describes the STRONGEST multifactor authentication?
Something you are, something you have
In regards to secure coding practices, why is input validation important?
It mitigates buffer overflow attacks.
A username provides which of the following?
Why would a technician use a password cracker?
To look for weak passwords on the network
A team is developing a new application with many different screens that users can access. The team decides to simplify access by creating just two internal application roles. One role is granted read-only access to the summary screen. The other role is granted update access to all screens. This simplified access model may have a negative security impact on which of the following?
A programmer allocates 16 bytes for a string variable, but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks?
A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?
An IT manager is concerned that the CRL list is not being updated in a timely manner. Which of the following technologies would BEST mitigate the problem?
Which of the following web application security weaknesses can be mitigated by preventing the se of HTML tags?
Routers are MOST often used as edge devices to:
filter high volumes of traffic efficiently.
Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company's live modem pool. Which of the following activities is MOST appropriate?
A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop they notice several pictures of the employee's pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?
Company employees are required to have workstation client certificates to access a bank website. These certificates were backed up as a precautionary step before the new computer upgrade. After the upgrade and restoration, users state they can access the bank's website, but not login. Which is the following is MOST likely the issue?
The certificates have not been installed on the workstations
Which of the following is true about the private key in a PKI?
It is used to encrypt the email hash in signed emails
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?
An existing application has never been assessed from a security perspective. Which of the following is the BEST assessment technique in order to identify the application's security posture?
Which of the following protocols would be used to verify connectivity between two remote devices at the LOWEST level of the OSI model?
Which of the following implements two factor authentication based on something you know and something you have?
The system shall require users to authenticate to the system with a combination of a password or PIN and a smartcard
All of the following are valid cryptographic hash functions EXCEPT:
A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks?
Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?
Who should be contacted FIRST in the event of a security breach?
Incident response team
After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following appears on his screen: `Please only use letters and numbers on these fields' Which of the following is this an example of?
Proper input validation
Matt, a security administrator, wants to implement a secure wireless network. Which of the following is the MOST secure wireless protocol?
Which of the following reduces the likelihood of a single point of failure when a server fails?
Which of the following network devices allows a security technician to perform malware inspection?
Sara, a security administrator, is configuring a new firewall. She has entered statements into the firewall configuration as follows: Allow all Web traffic Deny all Telnet traffic Allow all SSH traffic Mike, a user on the network, tries unsuccessfully to use RDP to connect to his work computer at home. Which of the following principles BEST explains why Mike's attempt to connect is not successful?
A database server containing personal information and a file server containing non-critical information must be secured. Which of the following would be a BEST practice to secure the servers? (Select TWO).
Place the file server behind a door requiring biometric authorization.
Place the database server behind a door requiring biometric authorization.
Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?
Which of the following increases proper airflow in a datacenter?
Hot and cold aisles
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?
Mandatory Access Controls
Matt, a user, finds a flash drive in the parking lot and decides to see what is on it by using his company laptop. A few days later Matt reports his laptop is running slow and is unable to perform simple tasks. The security administrator notices several unauthorized applications have been installed. CPU usage is unusually high, and a collection of screenshots of Matt's recent activity has been transmitted over the network .This is an example of which of the following?
A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of the following BEST describes this system type?
Jane, a security administrator, must be able to identify and validate every use of local administrative accounts across a large number of Windows and Linux servers. Which of the following offers the BEST solution?
Monitor LDAP and Active Directory for the use of Administrative accounts
Which of the following security controls enforces user permissions based on a job role?
Group based privileges
Which of the following would an antivirus company use to efficiently capture and analyze new and unknown malicious attacks?
Which of the following mitigation techniques is Pete, a security administrator, MOST likely to implement after the software has been released to the public?
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?