SY0-301 Exam Questions
901 real SY0-301 exam questions with expert-verified answers and explanations. Page 1 of 19.
- Question #1General security concepts
Which of the following devices is BEST suited for servers that need to store private keys?
HSMprivate key storagehardware securitycryptographic hardware - Question #2General security concepts
All of the following are valid cryptographic hash functions EXCEPT:
hash functionsRC4stream ciphercryptography - Question #3Threats, vulnerabilities, and mitigations
In regards to secure coding practices, why is input validation important?
input validationbuffer overflowsecure codingapplication security - Question #4General security concepts
Which of the following would be used when a higher level of security is desired for encryption key storage?
TPMencryption key storagehardware securitytrusted platform module - Question #5Security operations
A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrat...
security logsaudit logginguser authenticationlog analysis - Question #6Security operations
Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?
CRLcertificate revocationemployee terminationPKI - Question #7General security concepts
Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following desc...
smart cardmultifactor authenticationaccess controlphysical security - Question #8Security architecture
Which of the following devices would MOST likely have a DMZ interface?
DMZfirewallnetwork segmentationperimeter security - Question #9Threats, vulnerabilities, and mitigations
Which of the following application security testing techniques is implemented when an automated system generates random input data?
fuzzingapplication testingrandom inputvulnerability assessment - Question #10Threats, vulnerabilities, and mitigations
Which of the following can be used by a security administrator to successfully recover a user's forgotten password on a password protected file?
brute forcepassword recoverypassword attackscryptanalysis - Question #11Security operations
A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?
password crackerpassword complexitypassword policycredential security - Question #12General security concepts
Certificates are used for: (Select TWO).
digital certificatesclient authenticationcode signingPKI - Question #13General security concepts
Which of the following is a hardware based encryption device?
TPMhardware encryptiontrusted platform modulekey storage - Question #14Threats, vulnerabilities, and mitigations
Which of the following BEST describes a protective countermeasure for SQL injection?
SQL injectioninput validationweb application securityinjection attacks - Question #15Security operations
Which of the following MOST interferes with network-based detection techniques?
SSL/TLSencrypted trafficIDS evasionnetwork monitoring - Question #16General security concepts
A certificate authority takes which of the following actions in PKI?
certificate authorityPKIroot certificatesdigital certificates - Question #17Threats, vulnerabilities, and mitigations
Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?
smart cardmalicious codeauthentication attacksendpoint security - Question #18Security program management and oversight
Separation of duties is often implemented between developers and administrators in order to separate which of the following?
separation of dutieschange managementleast privilegeaccess control - Question #19Security program management and oversight
A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?
change managementconfiguration managementpatch managementgovernance - Question #20Threats, vulnerabilities, and mitigations
Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being desc...
vishingsocial engineeringimpersonationphone-based attacks - Question #21Security program management and oversight
A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the fo...
separation of dutiesaccess controlaccount managementaudit compliance - Question #22General security concepts
A CRL is comprised of:
CRLPKIpublic key infrastructurecertificate management - Question #23Threats, vulnerabilities, and mitigations
Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of t...
trojanmalware classificationsocial engineeringkeygen - Question #24Security architecture
Which of the following may significantly reduce data loss if multiple drives fail at the same time?
RAIDfault tolerancedata redundancyavailability - Question #25Security architecture
Which of the following should be considered to mitigate data theft when using CAT5 wiring?
EMI shieldingphysical securitydata interceptionnetwork cabling - Question #26General security concepts
To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is...
technical controlsaccess controlscreen lockcontrol categories - Question #27Security architecture
Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should...
VLANnetwork segmentationVoIPSIP/RTP - Question #28Security architecture
Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO).
subnettingCIDRIPv4 addressingnetwork design - Question #29General security concepts
Which of the following algorithms has well documented collisions? (Select TWO).
hash collisionsMD5SHAcryptographic hash functions - Question #30General security concepts
Which of the following is BEST used as a secure replacement for TELNET?
SSHTELNETsecure remote accessprotocol replacement - Question #31General security concepts
An email client says a digital signature is invalid and the sender cannot be verified. The recipient is concerned with which of the following concepts?
digital signaturesintegrityCIA triadPKI - Question #32Security architecture
Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?
hot aisle cold aisledatacenter coolingenvironmental controlsphysical security - Question #33General security concepts
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?
TLStransport encryptionSSLsecure protocols - Question #34Security program management and oversight
Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?
change managementaccess controlproduction securitychange control - Question #35General security concepts
Which of the following is a difference between TFTP and FTP?
TFTPFTPUDP vs TCPnetwork protocols - Question #36Security operations
Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with pa...
protocol analyzerpacket capturenetwork troubleshootingtraffic analysis - Question #37Threats, vulnerabilities, and mitigations
Which of the following is characterized by an attacker attempting to map out an organization's staff hierarchy in order to send targeted emails?
whalingspear phishingsocial engineeringtargeted attacks - Question #38Threats, vulnerabilities, and mitigations
Which of the following would a security administrator implement in order to discover comprehensive security threats on a network?
vulnerability scanningsecurity assessmentthreat detectionnetwork security - Question #39Security operations
Which of the following is an example of a false positive?
false positiveantivirusintrusion detectionsecurity monitoring - Question #40Threats, vulnerabilities, and mitigations
Data execution prevention is a feature in most operating systems intended to protect against which type of attack?
DEPbuffer overflowmemory protectionOS security - Question #41Security operations
Use of group accounts should be minimized to ensure which of the following?
group accountsindividual accountabilityaccess controlaccount management - Question #42Security operations
Privilege creep among long-term employees can be mitigated by which of the following procedures?
privilege creepuser permission reviewsleast privilegeidentity management - Question #43Security architecture
In which of the following scenarios is PKI LEAST hardened?
PKI hardeningmalicious CA certificatecertificate authoritytrust chain - Question #44Security architecture
Configuring the mode, encryption methods, and security associations are part of which of the following?
IPSecsecurity associationsVPN protocolsencryption modes - Question #45Threats, vulnerabilities, and mitigations
Which of the following assessments would Pete, the security administrator, use to actively test that an application's security controls are in place?
penetration testingapplication security controlsvulnerability assessmentactive testing - Question #46Security architecture
A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts?
hot siteavailabilitydisaster recoverybusiness continuity - Question #47Security operations
In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident...
incident responsedigital forensicssystem image capturefile hashing - Question #48General security concepts
Which of the following is used to certify intermediate authorities in a large PKI deployment?
root CAPKI hierarchyintermediate CAcertificate authority - Question #49General security concepts
Which of the following components MUST be trusted by all parties in PKI?
PKIcertificate authoritytrust modelpublic key infrastructure - Question #50Security architecture
Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).
mobile device encryptionremovable mediainternal memoryendpoint security