SY0-301 Practice Questions

Which of the following provides a static record of all certificates that are no longer valid?

A company requires that a user's credentials include providing something they know and something they are in order to gain access to the network. Which of the following types of au...

A company wants to ensure that all credentials for various systems are saved within a central database so that users only have to login once for access to all systems. Which of the...

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IP: 10.10.3.23 These attempt...

Physical documents must be incinerated after a set retention period is reached. Which of the following attacks does this action remediate?

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?

Which of the following protocols is vulnerable to man-in-the-middle attacks by NOT using end to end TLS encryption?

A security administrator has been tasked with setting up a new internal wireless network that must use end to end TLS. Which of the following may be used to meet this objective?

After viewing wireless traffic, an attacker notices the following networks are being broadcasted by local access points: Corpnet Coffeeshop FreePublicWifi Using this information th...

A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal...

Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to successfully pinpoint...

After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the fo...

Which of the following ciphers would be BEST used to encrypt streaming video?

A CA is compromised and attacks start distributing maliciously signed software updates. Which of the following can be used to warn users about the malicious activity?

After encrypting all laptop hard drives, an executive officer's laptop has trouble booting to the operating system. Now that it is successfully encrypted the helpdesk cannot retrie...

Which of the following devices is MOST likely being used when processing the following? 1 PERMIT IP ANY ANY EQ 80 2 DENY IP ANY ANY

The security administrator at ABC company received the following log information from an external party: 10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal...

A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security...

The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored b...

The security administrator installed a newly generated SSL certificate onto the company web server. Due to a mis-configuration of the website, a downloadable file containing one of...

After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is r...

Which of the following was launched against a company based on the following IDS log? 122.41.15.252 - - [21/May/2012:00:17:20 +1200] "GET /index.php?username=AAAAAAAAAAAAAAAAAAAAAA...

The security administrator is analyzing a user's history file on a Unix server to determine if the user was attempting to break out of a rootjail. Which of the following lines in t...

A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the developer needs to test t...

A security administrator must implement all requirements in the following corporate policy: Passwords shall be protected against offline password brute force attacks. Passwords sha...

Which of the following is a best practice for error and exception handling?

A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card da...

A team of firewall administrators have access to a `master password list' containing service account passwords. Which of the following BEST protects the master password list?

An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests. Which of the following describes how this private key should be stored so that it i...

An insurance company requires an account recovery process so that information created by an employee can be accessed after that employee is no longer with the firm. Which of the fo...

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access...

A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compl...

A new MPLS network link has been established between a company and its business partner. The link provides logical isolation in order to prevent access from other business partners...

Which of the following authentication services should be replaced with a more secure alternative?

A financial company requires a new private network link with a business partner to cater for real- time and batched data flows. Which of the following activities should be performe...

A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?

Which of the following is designed to ensure high availability of web based applications?

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user tr...

Human Resources (HR) would like executives to undergo only two specific security training programs a year. Which of the following provides the BEST level of security training for t...

Which of the following provides data the best fault tolerance at the LOWEST cost?

The librarian wants to secure the public Internet kiosk PCs at the back of the library. Which of the following would be the MOST appropriate? (Select TWO).

Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?

Which of the following encrypts data a single bit at a time?

A system administrator wants to enable WPA2 CCMP. Which of the following is the only encryption used?

Which of the following is used to verify data integrity?

Two programmers write a new secure application for the human resources department to store personal identifiable information. The programmers make the application available to them...

Everyone in the accounting department has the ability to print and sign checks. Internal audit has asked that only one group of employees may print checks while only two other empl...

The security department has implemented a new laptop encryption product in the environment. The product requires one user name and password at the time of boot up and also another...

The Human Resources department has a parent shared folder setup on the server. There are two groups that have access, one called managers and one called staff. There are many sub f...

The finance department works with a bank which has recently had a number of cyber attacks. The finance department is concerned that the banking website certificates have been compr...