SY0-301 Practice Questions
904 real SY0-301 exam questions with expert-verified answers and explanations. Page 3 of 19.
- Question #101
Which of the following protocols allows for secure transfer of files? (Select TWO).
- Question #102
Which of the following passwords is the LEAST complex?
- Question #103
During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which port...
- Question #104
Which of the following is an application security coding problem?
- Question #105
An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement?
- Question #106
Which of the following is the MOST specific plan for various problems that can arise within a system?
- Question #107
Which of the following BEST describes the weakness in WEP encryption?
- Question #108
Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third party vendor has offered to repai...
- Question #109
Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?
- Question #110
Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?
- Question #111
Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?
- Question #112
Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployme...
- Question #113
Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement t...
- Question #114
Which of the following fire suppression systems is MOST likely used in a datacenter?
- Question #115
A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement...
- Question #116
While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of w...
- Question #117
Jane has recently implemented a new network design at her organization and wishes to passively identify security issues with the new network. Which of the following should Jane per...
- Question #118
A security technician is working with the network firewall team to implement access controls at the company's demarc as part of the initiation of configuration management processes...
- Question #119
Jane, a security administrator, has been tasked with explaining authentication services to the company's management team. The company runs an Active Directory infrastructure. Which...
- Question #120
Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should...
- Question #121
Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?
- Question #122
Pete, the system administrator, wishes to monitor and limit users' access to external websites. Which of the following would BEST address this?
- Question #123
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP...
- Question #124
Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary....
- Question #125
Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies...
- Question #126
Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:
- Question #127
Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?
- Question #128
Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following...
- Question #129
Which statement is TRUE about the operation of a packet sniffer?
- Question #130
Which of the following firewall rules only denies DNS zone transfers?
- Question #131
Which of the following BEST explains the use of an HSM within the company servers?
- Question #132
Which of the following technologies can store multi-tenant data with different security requirements?
- Question #133
Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?
- Question #134
Which of the following types of encryption will help in protecting files on a PED?
- Question #135
Which of the following does full disk encryption prevent?
- Question #136
Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following...
- Question #137
Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?
- Question #138
Which of the following presents the STRONGEST access control?
- Question #139
Which of the following encompasses application patch management?
- Question #140
Sara, an application developer, implemented error and exception handling alongside input validation. Which of the following does this help prevent?
- Question #141
Which of the following is the LEAST volatile when performing incident response procedures?
- Question #142
Pete, a developer, writes an application. Jane, the security analyst, knows some things about the overall application but does not have all the details. Jane needs to review the so...
- Question #143
The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice w...
- Question #144
Pete's corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special nu...
- Question #145
Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port....
- Question #146
Which of the following can be implemented with multiple bit strength?
- Question #147
Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additio...
- Question #148
Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to imple...
- Question #149
A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which...
- Question #150
Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what tech...