SY0-301 Practice Questions

Which of the following is the difference between identification and authentication of a user?

The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss...

A technician is investigating intermittent switch degradation. The issue only seems to occur when the buildings roof air conditioning system runs. Which of the following would redu...

According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simple...

Which of the following tools will allow a technician to detect security-related TCP connection anomalies?

A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on duri...

An administrator notices that former temporary employees accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from...

An administrator wishes to hide the network addresses of an internal network when connecting to the Internet. The MOST effective way to mask the network address of the users would...

Which of the following allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem?

By default, which of the following uses TCP port 22? (Select THREE).

Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise.

Which of the following would allow the organization to divide a Class C IP address range into several ranges?

The security administrator is currently unaware of an incident that occurred a week ago. Which of the following will ensure the administrator is notified in a timely manner in the...

An access point has been configured for AES encryption but a client is unable to connect to it. Which of the following should be configured on the client to fix this issue?

The system administrator is tasked with changing the administrator password across all 2000 computers in the organization. Which of the following should the system administrator im...

A network administrator wants to block both DNS requests and zone transfers coming from outside IP addresses. The company uses a firewall which implements an implicit allow and is...

Which of the following attacks would cause all mobile devices to lose their association with corporate access points while the attack is underway?

Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network?

Due to issues with building keys being duplicated and distributed, a security administrator wishes to change to a different security control regarding a restricted area. The goal i...

A security administrator has concerns regarding employees saving data on company provided mobile devices. Which of the following would BEST address the administrator's concerns?

Identifying residual risk is MOST important to which of the following concepts?

The information security technician wants to ensure security controls are deployed and functioning as intended to be able to maintain an appropriate security posture. Which of the...

A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following...

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that th...

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity's of Joe's certificate? (Select TWO).

A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the...

A security researcher wants to reverse engineer an executable file to determine if it is malicious. The file was found on an underused server and appears to contain a zero-day expl...

The business has an established relationship with an organization using the URL of following would BEST describe this type of attack?

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to mon...

An administrator has a network subnet dedicated to a group of users. Due to concerns regarding data and network security, the administrator desires to provide network access for th...

A security administrator forgets their card to access the server room. The administrator asks a co- worker if they could use their card for the day. Which of the following is the a...

A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?

Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.

The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to me...

Which of the following is a vulnerability associated with disabling pop-up blockers?

A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO).

During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which s...

An IT security technician is actively involved in identifying coding issues for her company. Which of the following is an application security technique that can be used to identif...

Which of the following data security techniques will allow Matt, an IT security technician, to encrypt a system with speed as its primary consideration?

Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160-bits long. Which of the following hashing methods would Matt have to use t...

A system administrator is notified by a staff member that their laptop has been lost. The laptop contains the user's digital certificate. Which of the following will help resolve t...

A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere w...

During an audit, the security administrator discovers that there are several users that are no longer employed with the company but still have active user accounts. Which of the fo...

A system administrator has concerns regarding their users accessing systems and secured areas using others' credentials. Which of the following can BEST address this concern?

A network administrator has a separate user account with rights to the domain administrator group. However, they cannot remember the password to this account and are not able to lo...

Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?

Which of the following security account management techniques should a security analyst implement to prevent staff, who has switched company roles, from exceeding privileges?

To ensure compatibility with their flagship product, the security engineer is tasked to recommend an encryption cipher that will be compatible with the majority of third party soft...

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?