Free Sharing Lead2pass Exam Dumps

Free Online Latest 2014 Pass4sure&Lead2pass CompTIA SY0-301 Dumps (351-360)

QUESTION 351
Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).

A.    110
B.    137
C.    139
D.    143
E.    161
F.    443

Answer: BC

QUESTION 352
Joe, the systems administrator, is setting up a wireless network for his team’s laptops only and needs to prevent other employees from accessing it. Which of the following would BEST address this?

A.    Disable default SSID broadcasting.
B.    Use WPA instead of WEP encryption.
C.    Lower the access point’s power settings.
D.    Implement MAC filtering on the access point.

Answer: D

QUESTION 353
After Ann, a user, logs into her banking website, she has access to her financial institution's mortgage, credit card, and brokerage websites as well. Which of the following is being described?

A.    Trusted OS
B.    Mandatory access control
C.    Separation of duties
D.    Single sign-on

Answer: D

QUESTION 354
Which of the following means of wireless authentication is easily vulnerable to spoofing?

A.    MAC Filtering
B.    WPA – LEAP
C.    WPA – PEAP
D.    Enabled SSID

Answer: A

QUESTION 355
Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft?

A.    Disk encryption
B.    Encryption policy
C.    Solid state drive
D.    Mobile device policy

Answer: A

QUESTION 356
The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).

A.    Permit redirection to Internet-facing web URLs.
B.    Ensure all HTML tags are enclosed in angle brackets, e.g., “<” and “>”.
C.    Validate and filter input on the server side and client side.
D.    Use a web proxy to pass website requests between the user and the application.
E.    Restrict and sanitize use of special characters in input and URLs.

Answer: CE

QUESTION 357
When an order was submitted via the corporate website, an administrator noted special characters (e.g., ";--" and "or 1=1 --") were input instead of the expected letters and numbers. Which of the following is the MOST likely reason for the unusual results?

A.    The user is attempting to hijack the web server session using an open-source browser.
B.    The user has been compromised by a cross-site scripting attack (XSS) and is part of a botnet performing DDoS attacks.
C.    The user is attempting to fuzz the web server by entering foreign language characters which are incompatible with the website.
D.    The user is sending malicious SQL injection strings in order to extract sensitive company or customer data via the website.

Answer: D

QUESTION 358
When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).

A.    Methods and templates to respond to press requests, institutional and regulatory reporting requirements.
B.    Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.
C.    Developed recovery strategies, test plans, post-test evaluation and update processes.
D.    Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.
E.    Methods to review and report on system logs, incident response, and incident handling.

Answer: AB

QUESTION 359
Key elements of a business impact analysis should include which of the following tasks?

A.    Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes.
B.    Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates.
C.    Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management.
D.    Identify critical assets, systems, and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.

Answer: D

QUESTION 360
End-user awareness training for handling sensitive personally identifiable information would include secure storage and transmission of customer:

A.    Date of birth.
B.    First and last name.
C.    Phone number.
D.    Employer name.

Answer: A
