CompTIA SY0-301 Dumps and Practice Tests

CompTIA Security+ Certification Exam: SY0-301 Exam

  • SY0-301 Questions & Answers
  • Exam Code: SY0-301
  • Exam Name: CompTIA Security+ Certification Exam
  • Updated: February 14, 2012
  • Q & A: 305 Q&As

Lead2Pass CompTIA Security+ SY0-301 exam questions which contain almost 100% correct answers are tested and approved by senior CompTIA lecturers and experts. They have been devoting themselves to providing candidates with the best study materials to make sure what they get are valuable. SY0-301 practice tests are written to the highest standards of technical accuracy which can make you succeed in the exam.

Matt, a server administrator, sets up database forms based on security rating levels. If a user has the lowest security rating then the database automatically determines what access that user has. Which of the following access control methods does this describe?
A.    Mandatory access control
B.    Role based access control
C.    Rule based access control
D.    Discretionary access control
Answer: A

Which of the following is a best practice when securing a switch from physical access?
A.    Disable unnecessary accounts
B.    Print baseline configuration
C.    Enable access lists
D.    Disable unused ports
Answer: D

When Pete, an employee, leaves a company, which of the following should be updated to ensure Pete's security access is reduced or eliminated?
A.    RSA
B.    CA
C.    PKI
D.    CRL
Answer: D

Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?
A.    NIPS
B.    HIDS
C.    HIPS
D.    NIDS
Answer: A

Which of the following controls mitigates the risk of Matt, an attacker, gaining access to a company network by using a former employee's credential?
A.    Account expiration
B.    Password complexity
C.    Account lockout
D.    Dual factor authentication
Answer: A

Jane, an IT security technician working at a bank, has implemented encryption between two locations. Which of the following security concepts BEST exemplifies the protection provided by this example?
A.    Integrity
B.    Confidentiality
C.    Cost
D.    Availability
Answer: B

Which of the following mitigates the risk of proprietary information being compromised?
A.    Cloud computing
B.    Digital signatures
C.    File encryption
D.    Virtualization
Answer: C

Which of the following should Pete, an administrator, use to verify the integrity of a downloaded file?
A.    CRL
B.    CSR
C.    AES
D.    MD5
Answer: D

While Sara is logging into the server from her workstation, she notices Pete watching her enter the username and password. Which of the following social engineering attacks is Pete executing?
A.    Impersonation
B.    Tailgating
C.    Piggybacking
D.    Shoulder surfing
Answer: D

Which of the following is the MOST important security requirement for mobile devices storing PII?
A.    Remote data wipe
B.    GPS location service
C.    VPN pass-through
D.    WPA2 wireless
Answer: A

The log management system at Company A is inadequate to meet the standards required by their corporate governance team. A new automated log management system has been put in place.
This is an example of which of the following?
A.    Data integrity measurement
B.    Network traffic analysis
C.    Risk acceptance process
D.    Continuous monitoring
Answer: D

Several users' computers are no longer responding normally and sending out spam email to the users' entire contact list. This is an example of which of the following?
A.    Trojan virus
B.    Botnet
C.    Worm outbreak
D.    Logic bomb
Answer: C

Which of the following should Sara, a security technician, perform as the FIRST step when creating a disaster recovery plan for a mission critical accounting system?
A.    Implementing redundant systems
B.    Removal of single points of failure
C.    Succession planning
D.    Business impact assessment
Answer: D

Which of the following is the MOST secure protocol for Pete, an administrator, to use for managing network devices?
A.    FTP
C.    FTPS
D.    SSH
Answer: D

Which of the following is an example of authentication using something Jane, a user, has and something she knows?
A.    GSM phone card and PIN
B.    Username and password
C.    Username and PIN
D.    Fingerprint scan and signature
Answer: A

Which of the following is the BEST incident response procedure to take when a previous employee enters a facility?
A.    Notify Computer Emergency Response Team (CERT) of the security breach to document it.
B.    Take screenshots of the employee's workstation.
C.    Take hashes of the employee's workstation.
D.    Notify security to identify employee's whereabouts.
Answer: D

Which of the following activities should be completed in order to detect anomalies on a network?
A.    Incident management
B.    Change management
C.    User permissions reviews
D.    Log reviews
Answer: D

Which of the following reduces the likelihood of a single point of failure when a server fails?
A.    Clustering
B.    Virtualization
C.    RAID
D.    Cold site
Answer: A

Jane, a security administrator, wants to prevent users in sales from accessing their servers after
6:00 p.m., and prevent them from accessing accounting's network at all times. Which of the following should Jane implement to accomplish these goals? (Select TWO).
A.    Separation of duties
B.    Time of day restrictions
C.    Access control lists
D.    Mandatory access control
E.    Single sign-on
Answer: BC

Which of the following describes the ability for a third party to verify the sender or recipient of a given electronic message during authentication?
A.    Entropy
B.    Principle of least privilege
C.    Non-repudiation
D.    Code signing
Answer: C