SY0-301 Practice Questions
904 real SY0-301 exam questions with expert-verified answers and explanations. Page 10 of 19.
- Question #453
Which of the following are examples of network segmentation? (Select TWO).
- Question #454
Which of the following provides the strongest authentication security on a wireless network?
- Question #455
Which of the following provides the BEST explanation regarding why an organization needs to implement IT security policies?
- Question #456
An incident response team member needs to perform a forensics examination but does not have the required hardware. Which of the following will allow the team member to perform the...
- Question #457
Which of the following allows an organization to store a sensitive PKI component with a trusted third party?
- Question #458
Which of the following security devices can be replicated on a Linux-based computer using iptables to inspect and properly handle network-based traffic?
- Question #459
A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this...
- Question #460
An administrator has successfully implemented SSL on srv4.comptia.com using wildcard certificate *.comptia.com, and now wishes to implement SSL on srv5.comptia.com. Which of the fo...
- Question #461
When reviewing security logs, an administrator sees requests for the AAAA record of
- Question #462
Which of the following practices reduces the management burden of access management?
- Question #463
Which of the following helps to apply the proper security controls to information?
- Question #464
Which of the following describes purposefully injecting extra input during testing, possibly causing an application to crash?
- Question #465
Which of the following types of security services are used to support authentication for remote users and devices?
- Question #466
A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security...
- Question #467
A security administrator needs a locally stored record to remove the certificates of a terminated employee. Which of the following describes a service that could meet these require...
- Question #468
A security analyst informs the Chief Executive Officer (CEO) that a security breach has just occurred. This results in the Risk Manager and Chief Information Officer (CIO) being ca...
- Question #469
Which of the following relies on the use of shared secrets to protect communication?
- Question #470
A security administrator wants to test the reliability of an application which accepts user-provided parameters. The administrator is concerned with data integrity and availability...
- Question #471
Which of the following concepts is a term that directly relates to customer privacy considerations?
- Question #472
Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?
- Question #473
Which of the following is a concern when encrypting wireless data with WEP?
- Question #474
A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost...
- Question #475
ABC company has a lot of contractors working for them. The provisioning team does not always get notified that a contractor has left the company. Which of the following policies wo...
- Question #476
The practice of marking open wireless access points is called which of the following?
- Question #477
Multi-tenancy is a concept found in which of the following?
- Question #478
Which of the following is a common coding error in which boundary checking is not performed?
- Question #479
While previously recommended as a security measure, disabling SSID broadcast is not effective against most attackers because network SSIDs are:
- Question #480
One of the most consistently reported software security vulnerabilities that leads to major exploits is:
- Question #481
Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?
- Question #482
One of the most basic ways to protect the confidentiality of data on a laptop in the event the device is physically stolen is to implement which of the following?
- Question #483
Users report that after downloading several applications, their systems' performance has noticeably decreased. Which of the following would be used to validate programs prior to in...
- Question #484
Ann, a security analyst, has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop she notices sev...
- Question #485
A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was a...
- Question #486
Which of the following protocols is used by IPv6 for MAC address resolution?
- Question #487
Which of the following provides dedicated hardware-based cryptographic functions to an operating system and its applications running on laptops and desktops?
- Question #488
Which of the following tests a number of security controls in the least invasive manner?
- Question #489
When using PGP, which of the following should the end user protect from compromise? (Select TWO).
- Question #490
Which of the following disaster recovery strategies has the highest cost and shortest recovery time?
- Question #491
In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer serv...
- Question #492
After visiting a website, a user receives an email thanking them for a purchase which they did not request. Upon investigation the security administrator sees the following source...
- Question #493
Which of the following ports should be used by a system administrator to securely manage a remote server?
- Question #494
Which of the following ports is used to securely transfer files between remote UNIX systems?
- Question #495
Which of the following is a security benefit of providing additional HVAC capacity or increased tonnage in a datacenter?
- Question #496
Fuzzing is a security assessment technique that allows testers to analyze the behavior of software applications under which of the following conditions?
- Question #497
Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?
- Question #498
Which of the following types of application attacks would be used to identify malware causing security breaches that have NOT yet been identified by any trusted sources?
- Question #499
Which of the following is built into the hardware of most laptops but is not set up for centralized management by default?
- Question #500
Which of the following is true about the recovery agent?
- Question #501
Which of the following MOST specifically defines the procedures to follow when scheduled system patching fails, resulting in system outages?
- Question #502
A review of the company's network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to impleme...