Free Sharing Lead2pass Exam Dumps

Free Download All The Latest Cisco, Microsoft, CompTIA, Oracle, VCP, CISSP Questions And Answers

Free Online Latest 2014 Pass4sure&Lead2pass CompTIA SY0-301 Dumps (261-270)

QUESTION 261
A recent computer breach has resulted in the incident response team needing to perform a forensics examination. Upon examination, the forensics examiner determines that they cannot tell which captured hard drive was from the device in question. Which of the following would have prevented the confusion experienced during this examination?

A.    Perform routine audit
B.    Chain of custody
C.    Evidence labeling
D.    Hashing the evidence

Answer: C

QUESTION 262
An IT staff member was entering the datacenter when another person tried to piggyback into the datacenter as the door was opened. While the IT staff member attempted to question the other individual by politely asking to see their badge, the individual refused and ran off into the datacenter. Which of the following should the IT staff member do NEXT?

A.    Call the police while tracking the individual on the closed circuit television system
B.    Contact the forensics team for further analysis
C.    Chase the individual to determine where they are going and what they are doing
D.    Contact the onsite physical security team with a description of the individual

Answer: D

QUESTION 263
During a recent user awareness and training session, a new staff member asks the Chief Information Security Officer (CISO) why the company does not allow personally owned devices into the company facilities. Which of the following represents how the CISO should respond?

A.    Company A views personally owned devices as creating an unacceptable risk to the organizational IT systems.
B.    Company A has begun to see zero-day attacks against personally owned devices disconnected from the network.
C.    Company A believes that staff members should be focused on their work while in the company’s facilities.
D.    Company A has seen social engineering attacks against personally owned devices and does not allow their use.

Answer: A

QUESTION 264
A user has received an email from an external source which asks for details on the company’s new product line set for release in one month. The user has a detailed spec sheet but it is marked “Internal Proprietary Information”. Which of the following should the user do NEXT?

A.    Contact their manager and request guidance on how to best move forward
B.    Contact the help desk and/or incident response team to determine next steps
C.    Provide the requestor with the email information since it will be released soon anyway
D.    Reply back to the requestor to gain their contact information and call them

Answer: B

QUESTION 265
Which of the following techniques enables a highly secured organization to assess security weaknesses in real time?

A.    Access control lists
B.    Continuous monitoring
C.    Video surveillance
D.    Baseline reporting

Answer: B

QUESTION 266
Which of the following techniques can be used to prevent the disclosure of system information resulting from arbitrary inputs when implemented properly?

A.    Fuzzing
B.    Patch management
C.    Error handling
D.    Strong passwords

Answer: C

QUESTION 267
Encryption of data at rest is important for sensitive information because of which of the following?

A.    Facilitates tier 2 support, by preventing users from changing the OS
B.    Renders the recovery of data harder in the event of user password loss
C.    Allows the remote removal of data following eDiscovery requests
D.    Prevents data from being accessed following theft of physical equipment

Answer: D

QUESTION 268
Which of the following is synonymous with a server’s certificate?

A.    Public key
B.    CRL
C.    Private key
D.    Recovery agent

Answer: A

QUESTION 269
A network administrator noticed various chain messages have been received by the company. Which of the following security controls would need to be implemented to mitigate this issue?

A.    Anti-spam
B.    Antivirus
C.    Host-based firewalls
D.    Anti-spyware

Answer: A

QUESTION 270
Which of the following types of application attacks would be used to specifically gain unauthorized information from databases that did not have any input validation implemented?

A.    SQL injection
B.    Session hijacking and XML injection
C.    Cookies and attachments
D.    Buffer overflow and XSS

Answer: A

If you want to pass CompTIA SY0-301 successfully, donot missing to read latest lead2pass CompTIA SY0-301 practice exams.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/SY0-301.html

Lead2pass Testking Pass4sure Actualtests Others
$99.99 $124.99 $125.99 $189 $29.99-$49.99
Up-to-Dated
Real Questions
Error Correction
Printable PDF
Premium VCE
VCE Simulator
One Time Purchase
Instant Download
Unlimited Install
100% Pass Guarantee
100% Money Back