SY0-301 Practice Questions
904 real SY0-301 exam questions with expert-verified answers and explanations. Page 8 of 19.
- Question #353
After Ann, a user, logs into her banking website, she has access to her financial institution's mortgage, credit card, and brokerage websites as well. Which of the following is being...
- Question #354
Which of the following means of wireless authentication is easily vulnerable to spoofing?
- Question #355
Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft?
- Question #356
The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).
- Question #357
When an order was submitted via the corporate website, an administrator noted special characters (e.g., ";--" and "or 1=1 --") were input instead of the expected letters and number...
- Question #358
When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).
- Question #359
Key elements of a business impact analysis should include which of the following tasks?
- Question #360
End-user awareness training for handling sensitive personally identifiable information would include secure storage and transmission of customer:
- Question #361
Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following authenticatio...
- Question #362
Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least privilege principles?
- Question #363
The security officer is preparing a read-only USB stick with a document of important personal phone numbers, vendor contacts, an MD5 program, and other tools to provide to employee...
- Question #364
To ensure proper evidence collection, which of the following steps should be performed FIRST?
- Question #365
Joe, the security administrator, has determined that one of his web servers is under attack. Which of the following can help determine where the attack originated from?
- Question #366
Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during busine...
- Question #367
A program displays: ERROR: this program has caught an exception and will now terminate. Which of the following is MOST likely accomplished by the program's behavior?
- Question #368
A security administrator wants to deploy a physical security control to limit an individual's access into a sensitive area. Which of the following should be implemented?
- Question #369
A network administrator uses an RFID card to enter the datacenter, a key to open the server rack, and a username and password to log on to a server. These are examples of which of t...
- Question #370
Which of the following results in datacenters with failed humidity controls? (Select TWO).
- Question #371
An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate tra...
- Question #372
A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to...
- Question #373
A security administrator is reviewing the below output from a password auditing tool: P@ss. @pW1. S3cU4 Which of the following additional policies should be implemented based on th...
- Question #374
Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records the temporary credentials being passed to Joe's browser. The attacker later uses th...
- Question #375
A security architect wishes to implement a wireless network with connectivity to the company's internal network. Before they inform all employees that this network is being put in...
- Question #376
Digital certificates can be used to ensure which of the following? (Select TWO).
- Question #377
A network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then...
- Question #378
A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involve...
- Question #379
A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for...
- Question #380
The software developer is responsible for writing the code and promoting from the development network to the quality network. The network administrator is responsible for promoting...
- Question #381
A software developer is responsible for writing the code on an accounting application. Another software developer is responsible for developing code on a system in human resources....
- Question #382
A quality assurance analyst is reviewing a new software product for security, and has complete access to the code and data structures used by the developers. This is an example of...
- Question #383
The security consultant is assigned to test a client's new software for security, after logs show targeted attacks from the Internet. To determine the weaknesses, the consultant ha...
- Question #384
Which of the following types of cryptography should be used when minimal overhead is necessary for a mobile device?
- Question #385
The server administrator has noted that most servers have a lot of free disk space and low memory utilization. Which of the following statements will be correct if the server admin...
- Question #386
Which of the following implementation steps would be appropriate for a public wireless hotspot?
- Question #387
Configuring key/value pairs on a RADIUS server is associated with deploying which of the following?
- Question #388
Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?
- Question #389
A security analyst performs the following activities: monitors security logs, installs surveillance cameras and analyzes trend reports. Which of the following job responsibilities...
- Question #390
A certificate used on an ecommerce web server is about to expire. Which of the following will occur if the certificate is allowed to expire?
- Question #391
An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the following types of network design elements would MOST likely be used?
- Question #392
The security administrator needs to restrict traffic on a layer 3 device to support FTP from a new remote site. Which of the following secure network administration principles will...
- Question #393
After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed se...
- Question #394
Which of the following ports is used for SSH, by default?
- Question #395
The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption. Which of th...
- Question #396
After a recent security breach, the network administrator has been tasked to update and backup all router and switch configurations. The security administrator has been tasked to e...
- Question #397
Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analy...
- Question #398
Which of the following concepts is used by digital signatures to ensure integrity of the data?
- Question #399
A security analyst discovered data such as images and word documents hidden within different types of files. Which of the following cryptographic concepts describes what was discov...
- Question #400
Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?
- Question #401
A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?
- Question #402
Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption...