Vendor: CompTIA Exam Code: SY0-301 Exam Name: CompTIA Security+ Certification Exam Version: DEMO
Updated 7 Drag and Drop Questions and Simulator Questions. (See full version) QUESTION 1 Which of the following devices is BEST suited for servers that need to store private keys? A. B. C. D.
Hardware security module Hardened network firewall Solid state disk drive Hardened host firewall
QUESTION 2 All of the following are valid cryptographic hash functions EXCEPT: A. B. C. D.
RIPEMD RC4. SHA-512. MD4.
QUESTION 3 In regards to secure coding practices, why is input validation important? A. B. C. D.
It mitigates buffer overflow attacks. It makes the code more readable. It provides an application configuration baseline. It meets gray box testing standards.
QUESTION 4 Which of the following would be used when a higher level of security is desired for encryption key storage? A. B. C. D.
TACACS+ L2TP LDAP TPM
QUESTION 5 A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check? A. Firewall
B. Application C. IDS D. Security Answer: D
QUESTION 6 Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access? A. B. C. D.
Registration CA CRL Recovery agent
QUESTION 7 Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type? A. B. C. D.
Smartcard Token Discretionary access control Mandatory access control
QUESTION 8 Which of the following devices would MOST likely have a DMZ interface? A. B. C. D.
Firewall Switch Load balancer Proxy
QUESTION 9 Which of the following application security testing techniques is implemented when an automated system generates random input data? A. B. C. D.
Fuzzing XSRF Hardening Input validation
QUESTION 10 Which of the following can be used by a security administrator to successfully recover a user's forgotten password on a password protected file? A. B. C. D.
Cognitive password Password sniffing Brute force Social engineering
QUESTION 11 A security administrator wants to check user password complexity. Which of the following is the BEST tool to use? A. B. C. D.
Password history Password logging Password cracker Password hashing
QUESTION 12 Certificates are used for: (Select TWO). A. B. C. D. E.
Client authentication. WEP encryption. Access control lists. Code signing. Password hashing.
QUESTION 13 Which of the following is a hardware based encryption device? A. B. C. D.
EFS TrueCrypt TPM SLE
QUESTION 14 Which of the following BEST describes a protective countermeasure for SQL injection? A. Eliminating cross-site scripting vulnerabilities
B. Installing an IDS to monitor network traffic C. Validating user input in web applications D. Placing a firewall between the Internet and database servers Answer: C
QUESTION 15 Which of the following MOST interferes with network-based detection techniques? A. B. C. D.
Mime-encoding SSL FTP Anonymous email accounts
QUESTION 16 Which of the following best practices makes a wireless network more difficult to find? A. B. C. D.
Implement MAC filtering UseWPA2-PSK Disable SSD broadcast Power down unused WAPs
QUESTION 17 Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware? A. B. C. D.
Logic bomb Worm Trojan Adware
QUESTION 18 The use of social networking sites introduces the risk of: A. B. C. D.
Disclosure of proprietary information Data classification issues Data availability issues Broken chain of custody