Free Sharing Lead2pass Exam Dumps

Free Online Latest 2014 Pass4sure&Lead2pass CompTIA SY0-301 Dumps (351-360)

Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).

A.    110
B.    137
C.    139
D.    143
E.    161
F.    443

Answer: BC

Joe, the systems administrator, is setting up a wireless network for his team’s laptops only and needs to prevent other employees from accessing it. Which of the following would BEST address this?

A.    Disable default SSID broadcasting.
B.    Use WPA instead of WEP encryption.
C.    Lower the access point’s power settings.
D.    Implement MAC filtering on the access point.

Answer: D

After Ann, a user, logs into her banking websites, she has access to her financial institution's mortgage, credit card, and brokerage websites as well. Which of the following is being described?

A.    Trusted OS
B.    Mandatory access control
C.    Separation of duties
D.    Single sign-on

Answer: D

Which of the following means of wireless authentication is easily vulnerable to spoofing?

A.    MAC Filtering
B.    WPA – LEAP
C.    WPA – PEAP
D.    Enabled SSID

Answer: A

Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft?

A.    Disk encryption
B.    Encryption policy
C.    Solid state drive
D.    Mobile device policy

Answer: A

The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).

A.    Permit redirection to Internet-facing web URLs.
B.    Ensure all HTML tags are enclosed in angle brackets, e.g., “<” and “>”.
C.    Validate and filter input on the server side and client side.
D.    Use a web proxy to pass website requests between the user and the application.
E.    Restrict and sanitize use of special characters in input and URLs.

Answer: CE

When an order was submitted via the corporate website, an administrator noted special characters (e.g., “;--” and “or 1=1 --”) were input instead of the expected letters and numbers. Which of the following is the MOST likely reason for the unusual results?

A.    The user is attempting to hijack the web server session using an open-source browser.
B.    The user has been compromised by a cross-site scripting attack (XSS) and is part of a botnet performing DDoS attacks.
C.    The user is attempting to fuzz the web server by entering foreign language characters which are incompatible with the website.
D.    The user is sending malicious SQL injection strings in order to extract sensitive company or customer data via the website.

Answer: D

When a communications plan is developed for disaster recovery and business continuity plans, the MOST relevant items to include would be: (Select TWO).

A.    Methods and templates to respond to press requests, institutional and regulatory reporting requirements.
B.    Methods to exchange essential information to and from all response team members, employees, suppliers, and customers.
C.    Developed recovery strategies, test plans, post-test evaluation and update processes.
D.    Defined scenarios by type and scope of impact and dependencies, with quantification of loss potential.
E.    Methods to review and report on system logs, incident response, and incident handling.

Answer: AB

Key elements of a business impact analysis should include which of the following tasks?

A.    Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes.
B.    Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates.
C.    Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management.
D.    Identify critical assets, systems, and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential.

Answer: D

End-user awareness training for handling sensitive personally identifiable information would include secure storage and transmission of customer:

A.    Date of birth.
B.    First and last name.
C.    Phone number.
D.    Employer name.

Answer: A
