SY0-301 Practice Questions

A security specialist has been asked to evaluate a corporate network by performing a vulnerability assessment. Which of the following will MOST likely be performed?

A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should t...

After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of...

A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 8...

Which of the following should be enabled in a laptop's BIOS prior to full disk encryption?

Company employees are required to have workstation client certificates to access a bank website. These certificates were backed up as a precautionary step before the new computer u...

Digital Signatures provide which of the following?

A user ID and password together provide which of the following?

RADIUS provides which of the following?

A recent intrusion has resulted in the need to perform incident response procedures. The incident response team has identified audit logs throughout the network and organizational...

A recent computer breach has resulted in the incident response team needing to perform a forensics examination. Upon examination, the forensics examiner determines that they cannot...

An IT staff member was entering the datacenter when another person tried to piggyback into the datacenter as the door was opened. While the IT staff member attempted to question th...

During a recent user awareness and training session, a new staff member asks the Chief Information Security Officer (CISO) why the company does not allow personally owned devices i...

A user has received an email from an external source which asks for details on the company's new product line set for release in one month. The user has a detailed spec sheet but i...

Which of the following techniques enables a highly secured organization to assess security weaknesses in real time?

Which of the following techniques can be used to prevent the disclosure of system information resulting from arbitrary inputs when implemented properly?

Encryption of data at rest is important for sensitive information because of which of the following?

Which of the following is synonymous with a server's certificate?

A network administrator noticed various chain messages have been received by the company. Which of the following security controls would need to be implemented to mitigate this iss...

Which of the following types of application attacks would be used to specifically gain unauthorized information from databases that did not have any input validation implemented?

Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?

A security administrator wants to get a real time look at what attackers are doing in the wild, hoping to lower the risk of zero-day attacks. Which of the following should be used...

Which of the following protocols is the security administrator observing in this packet capture? 12:33:43, SRC 192.168.4.3:3389, DST 10.67.33.20:8080, SYN/ACK

Which of the following is true about asymmetric encryption?

Which of the following is true about an email that was signed by User A and sent to User B?

The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality...

Which of the following protocols encapsulates an IP packet with an additional IP header?

A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infec...

A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user's host: Old `hosts' file: 127.0.0.1 localhost New `hosts' fil...

An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also beli...

A user commuting to work via public transport received an offensive image on their smart phone from another commuter. Which of the following attacks MOST likely took place?

An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) Which of the following types of attacks was attempted...

Which of the following is BEST carried out immediately after a security breach is discovered?

Which of the following BEST describes the type of attack that is occurring?

Which of the following BEST describes the type of attack that is occurring? (Select TWO).

Which of the following is a hardware-based security technology included in a computer?

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the foll...

How often, at a MINIMUM, should Sara, an administrator, review the accesses and right of the users on her system?

An administrator is concerned that a company's web server has not been patched. Which of the following would be the BEST assessment for the administrator to perform?

An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this fro...

A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access data. The administrator should...

Which of the following protocols uses TCP instead of UDP and is incompatible with all previous versions?

Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE).

Which of the following must be kept secret for a public key infrastructure to remain secure?

Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?

Which of the following is best practice to put at the end of an ACL?

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO's requirements?

Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?

Which of the following security concepts can prevent a user from logging on from home during the weekends?