Use of group accounts should be minimized to ensure which of the following?
A. Password security
B. Regular auditing
C. Baseline management
D. Individual accountability
Privilege creep among long-term employees can be mitigated by which of the following procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation
In which of the following scenarios is PKI LEAST hardened?
A. The CRL is posted to a publicly accessible location.
B. The recorded time offsets are developed with symmetric keys.
C. A malicious CA certificate is loaded on all the clients.
D. All public keys are accessed by an unauthorized user.
Configuring the mode, encryption methods, and security associations are part of which of the following?
B. Full disk encryption
Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place?
A. Code review
B. Penetration test
C. Protocol analyzer
D. Vulnerability scan
A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts?
C. Succession planning
In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO).
A. Take hashes
B. Begin the chain of custody paperwork
C. Take screen shots
D. Capture the system image
E. Decompile suspicious files
Which of the following is used to certify intermediate authorities in a large PKI deployment?
A. Root CA
B. Recovery agent
C. Root user
D. Key escrow
Which of the following components MUST be trusted by all parties in PKI?
A. Key escrow
C. Private key
D. Recovery key
Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).
A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards
E. Public keys
Which of the following is the below pseudo-code an example of? IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input validation
C. CSRF prevention
D. Cross-site scripting prevention
A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?
Which of the following can use RC4 for encryption? (Select TWO).
Which of the following defines a business goal for system restoration and acceptable data loss?
D. Warm site
If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?
A. Transitive trust
B. Public key trust
C. Certificate authority trust
D. Domain level trust
Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?
A. Business continuity planning
B. Continuity of operations
C. Business impact analysis
D. Succession planning
Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?
A. Recovery agent
B. Certificate authority
C. Trust model
D. Key escrow
Which of the following devices will help prevent a laptop from being removed from a certain location?
A. Device encryption
B. Cable locks
C. GPS tracking
D. Remote data wipes
Which of the following is the MOST secure protocol to transfer files?
Suspicious traffic without a specific signature was detected. Under further investigation, it was determined that these were false indicators. Which of the following security devices needs to be configured to disable future false alarms?
A. Signature based IPS
B. Signature based IDS
C. Application based IPS
D. Anomaly based IDS
PassLeader Share The Newest Real Exam SY0-301 Questions And Answers