Free Sharing Lead2pass Exam Dumps

Free Download All The Latest Cisco, Microsoft, CompTIA, Oracle, VCP, CISSP Questions And Answers

Free Online Latest 2014 Pass4sure&Lead2pass CompTIA SY0-301 Dumps (341-350)

QUESTION 341
A process in which the functionality of an application is tested without any knowledge of the internal mechanisms of the application is known as:

A.    Black box testing
B.    White box testing
C.    Black hat testing
D.    Gray box testing

Answer: A

QUESTION 342
Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network?

A.    Honeypot
B.    Port scanner
C.    Protocol analyzer
D.    Vulnerability scanner

Answer: C

QUESTION 343
Which of the following should an administrator implement to research current attack methodologies?

A.    Design reviews
B.    Honeypot
C.    Vulnerability scanner
D.    Code reviews

Answer: B

QUESTION 344
Which of the following consists of peer assessments that help identify security threats and vulnerabilities?

A.    Risk assessment
B.    Code reviews
C.    Baseline reporting
D.    Alarms

Answer: B

QUESTION 345
Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?

A.    Structured walkthrough
B.    Full interruption test
C.    Checklist test
D.    Table top exercise

Answer: A

QUESTION 346
An internal auditing team would like to strengthen the password policy to support special characters. Which of the following types of password controls would achieve this goal?

A.    Add reverse encryption
B.    Password complexity
C.    Increase password length
D.    Allow single sign-on

Answer: B

QUESTION 347
Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?

A.    Intrusion Detection System
B.    Flood Guard Protection
C.    Web Application Firewall
D.    URL Content Filter

Answer: C

QUESTION 348
Ann, the software security engineer, works for a major software vendor. Which of the following practices should be implemented to help prevent race conditions, buffer overflows, and other similar vulnerabilities prior to each production release?

A.    Product baseline report
B.    Input validation
C.    Patch regression testing
D.    Code review

Answer: D

QUESTION 349
Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies unapplied security controls and patches without attacking or compromising the system, Ann would use which of the following?

A.    Vulnerability scanning
B.    SQL injection
C.    Penetration testing
D.    Antivirus update

Answer: A

QUESTION 350
Ann, the security administrator, received a report from the security technician that an unauthorized new user account was added to the server over two weeks ago. Which of the following could have mitigated this event?

A.    Routine log audits
B.    Job rotation
C.    Risk likelihood assessment
D.    Separation of duties

Answer: A

If you want to pass CompTIA SY0-301 successfully, do not miss the latest Lead2pass CompTIA SY0-301 dumps.
If you can master all Lead2pass questions, you will be able to pass, 100% guaranteed.

http://www.lead2pass.com/SY0-301.html
