Free Online Latest 2014 Pass4sure&Lead2pass CompTIA SY0-301 Dumps (211-220)

QUESTION 211
A security administrator is concerned about the strength of users’ passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator implement to mitigate the risk of an online password attack against users with weak passwords?

A.    Increase the password length requirements
B.    Increase the password history
C.    Shorten the password expiration period
D.    Decrease the account lockout time

Answer: C

QUESTION 212
A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

A.    Separation of duties
B.    Least privilege
C.    Same sign-on
D.    Single sign-on

Answer: C

QUESTION 213
Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).

A.    Scanning printing of documents.
B.    Scanning of outbound IM (Instant Messaging).
C.    Scanning copying of documents to USB.
D.    Scanning of SharePoint document library.
E.    Scanning of shared drives.
F.    Scanning of HTTP user traffic.

Answer: BF

QUESTION 214
A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?

A.    Backdoor
B.    Spyware
C.    Logic bomb
D.    DDoS
E.    Smurf

Answer: B

QUESTION 215
A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do with regard to the application?

A.    Avoid the risk to the user base allowing them to re-enable their own accounts
B.    Mitigate the risk by patching the application to increase security and saving money
C.    Transfer the risk replacing the application now instead of in five years
D.    Accept the risk and continue to enable the accounts each month saving money

Answer: D

QUESTION 216
The IT department has set up a SharePoint site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and all requests for access are centrally managed by the security team. This is an example of which of the following control types?

A.    Rule based access control
B.    Mandatory access control
C.    User assigned privilege
D.    Discretionary access control

Answer: D

QUESTION 217
Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code. Which of the following attack types is this?

A.    Hoax
B.    Impersonation
C.    Spear phishing
D.    Whaling

Answer: B

QUESTION 218
Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank. Which of the following attack types is this?

A.    Hoax
B.    Phishing
C.    Vishing
D.    Whaling

Answer: C

QUESTION 219
The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

A.    Account Disablements
B.    Password Expiration
C.    Password Complexity
D.    Password Recovery

Answer: D

QUESTION 220
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?

A.    RADIUS
B.    Kerberos
C.    TACACS+
D.    LDAP

Answer: D
