SY0-301 Practice Questions

Which of the following would provide the STRONGEST encryption?

During a server audit, a security administrator does not notice abnormal activity. However, a network security analyst notices connections to unauthorized ports from outside the co...

A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following i...

Which of the following can be performed when an element of the company policy cannot be enforced by technical means?

Timestamps and sequence numbers act as countermeasures against which of the following types of attacks?

Which of the following would be used as a secure substitute for Telnet?

Which of the following is described as an attack against an application using a malicious file?

Which of the following assessment techniques would a security administrator implement to ensure that systems and software are developed properly?

Which of the following would a security administrator implement in order to identify a problem between two applications that are not communicating properly?

Which of the following would a security administrator implement in order to identify change from the standard configuration on a server?

Which of the following tools would a security administrator use in order to identify all running services throughout an organization?

Which of the following protocols provides transport security for virtual terminal emulation?

Based on information leaked to industry websites, business management is concerned that unauthorized employees are accessing critical project information for a major, well-known ne...

A set of standardized system images with a pre-defined set of applications is used to build end- user workstations. The security administrator has scanned every workstation to crea...

A perimeter survey finds that the wireless network within a facility is easily reachable outside of the physical perimeter. Which of the following should be adjusted to mitigate th...

Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application?

Connections using point-to-point protocol authenticate using which of the following? (Select TWO).

Which of the following will help prevent smurf attacks?

An advantage of virtualizing servers, databases, and office applications is:

A major security risk with co-mingling of hosts with different security requirements is:

Which of the following attacks targets high level executives to gain company information?

Which of the following can be used as an equipment theft deterrent?

At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing. Which of the following does this describe?

A company that has a mandatory vacation policy has implemented which of the following controls?

Ann, a company's security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Ann should immediately...

Which of the following is the MOST intrusive type of testing against a production system?

The IT department has installed new wireless access points but discovers that the signal extends far into the parking lot. Which of the following actions should be taken to correct...

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as...

Which of the following protocols would be used to verify connectivity between two remote devices at the HIGHEST level of the OSI model?

Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?

Which of the following uses port 22 by default? (Select THREE).

Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled. Which of the following is this an example of? (Select TWO...

The string: ` or 1=1-- - represents which of the following?

Joe, an administrator, installs a web server on the Internet that performs credit card transactions for customer payments. Joe also sets up a second web server that looks like the...

Which of the following can Joe, a security administrator, implement on his network to capture attack details that are occurring while also protecting his production network?

Which of the following should Joe, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from his company?

Ann, a security technician, is reviewing the IDS log files. She notices a large number of alerts for multicast packets from the switches on the network. After investigation, she di...

Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST de...

A process in which the functionality of an application is tested without any knowledge of the internal mechanisms of the application is known as:

Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network?

Which of the following should an administrator implement to research current attack methodologies?

Which of the following consists of peer assessments that help identify security threats and vulnerabilities?

Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?

An internal auditing team would like to strengthen the password policy to support special characters. Which of the following types of password controls would achieve this goal?

Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?

Ann, the software security engineer, works for a major software vendor. Which of the following practices should be implemented to help prevent race conditions, buffer overflows, an...

Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies unapplied security controls and patches without attacking or compromising the sy...

Ann, the security administrator, received a report from the security technician, that an unauthorized new user account was added to the server over two weeks ago. Which of the foll...

Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).

Joe, the systems administrator, is setting up a wireless network for his team's laptops only and needs to prevent other employees from accessing it. Which of the following would BE...