QUESTION 221
An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?
A. User rights reviews
B. Least privilege and job rotation
C. Change management
D. Change Control
Answer: A
QUESTION 222
Which of the following is the default port for TFTP?
A. 20
B. 69
C. 21
D. 68
Answer: B
QUESTION 223
Which of the following concepts are included on the three sides of the “security triangle”? (Select THREE).
A. Confidentiality
B. Availability
C. Integrity
D. Authorization
E. Authentication
F. Continuity
Answer: ABC
QUESTION 224
Which of the following concepts allows an organization to group large numbers of servers together in order to deliver a common service?
A. Clustering
B. RAID
C. Backup Redundancy
D. Cold site
Answer: A
QUESTION 225
Which of the following security concepts identifies input variables which are then used to perform boundary testing?
A. Application baseline
B. Application hardening
C. Secure coding
D. Fuzzing
Answer: D
QUESTION 226
Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key?
A. Session Key
B. Public Key
C. Private Key
D. Digital Signature
Answer: A
QUESTION 227
Which of the following cryptographic related browser settings allows an organization to communicate securely?
A. SSL 3.0/TLS 1.0
B. 3DES
C. Trusted Sites
D. HMAC
Answer: A
QUESTION 228
Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?
A. To ensure proper use of social media
B. To reduce organizational IT risk
C. To detail business impact analyses
D. To train staff on zero-days
Answer: B
QUESTION 229
A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on ports 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed?
A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP
B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS
C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS
D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS
Answer: B
QUESTION 230
A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?
A. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
B. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.
C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
D. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.
Answer: A
If you want to pass CompTIA SY0-301 successfully, do not miss reading the latest Lead2pass CompTIA SY0-301 dumps.