SY0-301 Practice Questions

A network administrator has recently updated their network devices to ensure redundancy is in place so that:

A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic...

A system administrator needs to ensure that certain departments have more restrictive controls to their shared folders than other departments. Which of the following security contr...

A network analyst received a number of reports that impersonation was taking place on the network. Session tokens were deployed to mitigate this issue and defend against which of t...

Which of the following controls would prevent an employee from emailing unencrypted information to their personal email account over the corporate network?

Which of the following is a measure of biometrics performance which rates the ability of a system to correctly authenticate an authorized user?

A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate...

A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to...

Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL? PERMIT TCP AN...

Which of the following security awareness training is BEST suited for data owners who are concerned with protecting the confidentiality of their data?

A security administrator is concerned about the strength of user's passwords. The company does not want to implement a password complexity policy. Which of the following can the se...

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and pass...

Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).

A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. W...

A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT...

The IT department has setup a share point site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and al...

Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor's number. When the purchasing age...

Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank. Which of t...

The IT department has setup a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the fo...

An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?

Which of the following is the default port for TFTP?

Which of the following concepts are included on the three sides of the "security triangle"? (Select THREE).

Which of the following concepts allows an organization to group large numbers of servers together in order to deliver a common service?

Which of the following security concepts identifies input variables which are then used to perform boundary testing?

Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key?

Which of the following cryptographic related browser settings allows an organization to communicate securely?

Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?

A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technicia...

A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the follo...

A system administrator is responding to a legal order to turn over all logs from all company servers. The system administrator records the system time of all servers to ensure that...

While rarely enforced, mandatory vacation policies are effective at uncovering:

A company hires outside security experts to evaluate the security status of the corporate network. All of the company's IT resources are outdated and prone to crashing. The company...

A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used t...

A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that w...

After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following i...

The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped...

After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dicti...

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop they notice several p...

During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO).

Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two compute...

The Chief Information Officer (CIO) wants to implement a redundant server location to which the production server images can be moved within 48 hours and services can be quickly re...

The security administrator is observing unusual network behavior from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. A...

Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device's removable media in the event that the device is lost or s...

Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?

A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?

A victim is logged onto a popular home router forum site in order to troubleshoot some router configuration issues. The router is a fairly standard configuration and has an IP addr...

Which of the following assets is MOST likely considered for DLP?

In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time?

A hacker has discovered a simple way to disrupt business for the day in a small company which relies on staff working remotely. In a matter of minutes the hacker was able to deny r...