Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA Security+ > SYO-301 > Flashcards

SYO-301 Flashcards

1
Q

Which of the following is an example of a false negative?

  • A. The IDS does not identify a buffer overflow
  • B. Anti-virus identifies a benign application as malware.
  • C. Anti-virus protection interferes with the normal operation of an application.
  • D. A user account is locked out after the user mistypes the password too many times.
A

A. The IDS does not identify a buffer overflow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Sara and Jane, users, are reporting an increase in the amount of unwanted email that they are
receiving each day. Which of the following would be the BEST way to respond to this issue without
creating a lot of administrative overhead?

  • A. Deploy an anti-spam device to protect the network.
  • B. Update the anti-virus definitions and make sure that it is set to scan all received email
  • C. Set up spam filtering rules in each user’s mail client.
  • D. Change the firewall settings to block SMTP relays so that the spam cannot get in.
A

A. Deploy an anti-spam device to protect the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following encrypts the body of a packet, rather than just the password, while sending
information?

  • A. LDAP
  • B. TACACS+
  • C. ACLs
  • D. RADIUS
A

B. TACACS+

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following is similar to a smurf attack, but uses UDP instead to ICMP?

  • A. X-Mas attack
  • B. Fraggle attack
  • C. Vishing
  • D. Man-in-the-middle attack
A

B. Fraggle attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Pete, a security administrator, wants to secure remote telnet services and decides to use the
services over SSH. Which of the following ports should Pete allow on the firewall by default?

  • A. 21
  • B. 22
  • C. 23
  • D. 25
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following accurately describes the STRONGEST multifactor authentication?

  • A. Something you are, something you have
  • B. Something you have, something you know
  • C. Something you are near to, something you have
  • D. Something you have, someone you know
A

A. Something you are, something you have

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following is a valid server-role in a Kerberos authentication system?

  • A. Token issuing system
  • B. Security assertion server
  • C. Authentication agent
  • D. Ticket granting server
A

D. Ticket granting server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A company is performing internal security audits after a recent exploitation on one of their
proprietary applications. Sara, the security auditor, is given the workstation with limited
documentation regarding the application installed for the audit. Which of the following types of
testing methods is this?

  • A. Sandbox
  • B. White box
  • C. Black box
  • D. Gray box
A

D. Gray box

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Sara, a security analyst, discovers which operating systems the client devices on the network are
running by only monitoring a mirror port on the router. Which of the following techniques did Sara
use?

  • A. Active fingerprinting
  • B. Passive finger printing
  • C. Protocol analyzing
  • D. Network enumerating
A

B. Passive Fingerprinting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following is the BEST solution to securely administer remote servers?

  • A. SCP
  • B. SSH
  • C. Telnet
  • D. SFTP
A

B. SSH

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A company has sent all of its private keys to a third party. The third party company has created a
secure list of these keys. Which of the following has just been implemented?

  • A. Key escrow
  • B. CRL
  • C. CA
  • D. Recovery agent
A

A. Key escrow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following authentication protocols forces centralized wireless authentication?

  • A. WPA2-Personal
  • B. WPA2-Enterprise
  • C. WPA2-CCMP
  • D. WPA2-TKIP
A

B. WPA2-Enterprise

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The fundamental information security principals include confidentiality, availability and which of the
following?

  • A. The ability to secure data against unauthorized disclosure to external sources
  • B. The capacity of a system to resist unauthorized changes to stored information
  • C. The confidence with which a system can attest to the identity of a user
  • D. The characteristic of a system to provide uninterrupted service to authorized users
A

B. The capacity of a system to resist unauthorized changes to stored information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following risks could IT management be mitigating by removing an all-in-one device?

  • A. Continuity of operations
  • B. Input validation
  • C. Single point of failure
  • D. Single sign on
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Social networking sites are used daily by the marketing team for promotional purposes. However,
confidential company information, including product pictures and potential partnerships, have been
inadvertently exposed to the public by dozens of employees using social networking sites. Which
of following is the BEST response to mitigate this threat with minimal company disruption?

  • A. Mandate additional security awareness training for all employees.
  • B. Report each employee to Human Resources for termination for violation of security policies
  • C. Implement a data loss prevention program to filter email.
  • D. Block access to social networking sites from the corporate network
  • CompTIA SY0-301 Exam
A

A. Mandate additional security awareness training for all employees.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A computer is put into a restricted VLAN until the computer’s virus definitions are up-to-date.
Which of the following BEST describes this system type?

  • A. NAT
  • B. NIPS
  • C. NAC
  • D. DMZ
A

C. NAC (Network Access Control)

17
Q

Sara, an IT administrator, wants to protect a cluster of servers in a DMZ from zero day attacks.
Which of the following would provide the BEST level of protection?

  • A. NIPS
  • B. NIDS
  • C. ACL
  • D. Antivirus
A

A. NIPS

18
Q

Which of the following inspects traffic entering or leaving a network to look for anomalies against
expected baselines?

  • A. IPS
  • B. Sniffers
  • C. Stateful firewall
  • D. Stateless firewall
A

A. IPS (Intrusion Prevention System)

19
Q

Which of the following BEST describes a software vulnerability that is actively being used by Sara
and Jane, attackers, before the vendor releases a protective patch or update?

  • A. Buffer overflow
  • B. IV attack
  • C. Zero day attack
  • D. LDAP injection
A

C. Zero day attack

20
Q

Which of the following BEST allows Pete, a security administrator, to determine the type, source,
and flags of the packet traversing a network for troubleshooting purposes?

  • A. Switches
  • B. Protocol analyzers
  • C. Routers
  • D. Web security gateways
A

B. Protocol Analyzers

21
Q

Sara, an attacker, is recording a person typing in their ID number into a keypad to gain access to
the building. Sara then calls the helpdesk and informs them that their PIN no longer works and
would like to change it. Which of the following attacks occurred LAST?

  • A. Phishing
  • B. Shoulder surfing
  • C. Impersonation
A

C. Impersonation

22
Q

Sara, a security administrator, is noticing a slow down in the wireless network response. Sara
launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which
of the following type of attacks is underway?

  • A. IV attack
  • B. Interference
  • C. Blue jacking
  • D. Packet sniffing
A

A. IV Attack

23
Q

Which of the following would Pete, a security administrator, change to limit how far a wireless
signal will travel?

  • A. SSID
  • B. Encryption methods
  • C. Power levels
  • D. Antenna placement
A

C. Power Levels

24
Q

Which of the following ports should be open in order for Sara and Pete, users, to identify websites
by domain name?

  • A. TCP 21
  • B. UDP22
  • C. TCP 23
  • D. UDP 53
A

D. UDP 53

25
Q

Sara, an administrator, suspects a denial of service attack on the network, but does not know
where the network traffic is coming from or what type of traffic it is. Which of the following would
help Sara further assess the situation?

  • A. Protocol analyzer
  • B. Penetration testing
  • C. HTTP interceptor
  • D. Port scanner
A

A. Protocol Analyzer

26
Q

Sara, a security administrator, has configured a trusted OS implementation on her servers. Which
of the following controls are enacted by the trusted OS implementation?

  • A. Mandatory Access Controls
  • B. Time-based Access Controls
  • C. Discretionary Access Controls
  • D. Role Based Access Controls
A

A. Mandatory Access Controls (MAC)

27
Q

Which of the following is a best practice when securing a switch from physical access?

  • A. Disable unnecessary accounts
  • B. Print baseline configuration
  • C. Enable access lists
  • D. Disable unused ports
A

D. Disable unused ports

28
Q

When Pete, an employee, leaves a company, which of the following should be updated to ensure
Pete’s security access is reduced or eliminated?

  • A. RSA
  • B. CA
  • C. PKI
  • D. CRL
A

D. CRL (Certificate Revocation List)

29
Q

Pete, a security administrator, has observed repeated attempts to break into the network. Which of
the following is designed to stop an intrusion on the network?

  • A. NIPS
  • B. HIDS
  • C. HIPS
  • D. NIDS
A

A. NIPS (Network Intrusion Prevention System)

30
Q

Which of the following controls mitigates the risk of Matt, an attacker, gaining access to a company
network by using a former employee’s credential?

  • A. Account expiration
  • B. Password complexity
  • C. Account lockout
  • D. Dual factor authentication
A

A. Account Expiration

31
Q

Jane, an IT security technician working at a bank, has implemented encryption between two
locations. Which of the following security concepts BEST exemplifies the protection provided by
this example?

  • A. Integrity
  • B. Confidentiality
  • C. Cost
  • D. Availability
A

B. Confidentiality

32
Q

Which of the following mitigates the risk of proprietary information being compromised?

  • A. Cloud computing
  • B. Digital signatures
  • C. File encryption
  • D. Virtualization
A

C. File encryption

33
Q

Which of the following should Pete, an administrator, use to verify the integrity of a downloaded
file?

  • A. CRL
  • B. CSR
  • C. AES
  • D. MD5
A

D. MD5

34
Q

While Sara is logging into the server from her workstation, she notices Pete watching her enter the
username and password. Which of the following social engineering attacks is Pete executing?

  • A. Impersonation
  • B. Tailgating
  • C. Piggybacking
  • D. Shoulder surfing
A

D. Shoulder Surfind

35
Q

Which of the following is the MOST important security requirement for mobile devices storing PII?

  • A. Remote data wipe
  • B. GPS location service
  • C. VPN pass-through
  • D. WPA2 wireless
A

A. Remote data wipe

36
Q

The log management system at Company A is inadequate to meet the standards required by their
corporate governance team. A new automated log management system has been put in place.
This is an example of which of the following?

  • A. Data integrity measurement
  • B. Network traffic analysis
  • C. Risk acceptance process
  • D. Continuous monitoring
A

D. Continuous Monitoring

CompTIA Security+ (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions