Free Online Latest 2014 Pass4sure&Lead2pass CompTIA SY0-301 Dumps (370-380)

QUESTION 371
An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. Which of the following database designs provides the BEST security for the online store?

A.    Use encryption for the credential fields and hash the credit card field
B.    Encrypt the username and hash the password
C.    Hash the credential fields and use encryption for the credit card field
D.    Hash both the credential fields and the credit card field

Answer: C

QUESTION 372
A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?

A.    Time of day restrictions
B.    Group based privileges
C.    User assigned privileges
D.    Domain admin restrictions

Answer: B

QUESTION 373
A security administrator is reviewing the below output from a password auditing tool:
P@ss.
@pW1.
S3cU4
Which of the following additional policies should be implemented based on the tool’s output?

A.    Password age
B.    Password history
C.    Password length
D.    Password complexity

Answer: C

QUESTION 374
Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records the temporary credentials being passed to Joe’s browser. The attacker later uses the credentials to impersonate Joe and creates SPAM messages. Which of the following attacks allows for this impersonation?

A.    XML injection
B.    Directory traversal
C.    Header manipulation
D.    Session hijacking

Answer: D

QUESTION 375
A security architect wishes to implement a wireless network with connectivity to the company’s internal network. Before they inform all employees that this network is being put in place, the architect wants to roll it out to a small test segment. Which of the following allows for greater secrecy about this network during this initial phase of implementation?

A.    Disabling SSID broadcasting
B.    Implementing WPA2 – TKIP
C.    Implementing WPA2 – CCMP
D.    Filtering test workstations by MAC address

Answer: A

QUESTION 376
Digital certificates can be used to ensure which of the following? (Select TWO).

A.    Availability
B.    Confidentiality
C.    Verification
D.    Authorization
E.    Non-repudiation

Answer: BE

QUESTION 377
A network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then be responsible for tracking which certificates are to be trusted or not trusted. Which of the following BEST describes the service that should be implemented to meet these requirements?

A.    Trust model
B.    Key escrow
C.    OCSP
D.    PKI

Answer: A

QUESTION 378
A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, employees should receive training on which of the following?

A.    Peer to Peer
B.    Mobile devices
C.    Social networking
D.    Personally owned devices

Answer: C

QUESTION 379
A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates. Which of the following processes could MOST effectively mitigate these risks?

A.    Application hardening
B.    Application change management
C.    Application patch management
D.    Application firewall review

Answer: C

QUESTION 380
The software developer is responsible for writing the code and promoting from the development network to the quality network. The network administrator is responsible for promoting code to the production application servers. Which of the following practices are they following to ensure application integrity?

A.    Job rotation
B.    Implicit deny
C.    Least privilege
D.    Separation of duties

Answer: D
