Free Download Latest 2014 Pass4sure&Lead2pass CompTIA SY0-401 Dumps (161-170)

QUESTION 161
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?

A.    SSLv2
B.    SSHv1
C.    RSA
D.    TLS

Answer: D

QUESTION 162
Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?

A.    Incident management
B.    Clean desk policy
C.    Routine audits
D.    Change management

Answer: D

QUESTION 163
Which of the following is a difference between TFTP and FTP?

A.    TFTP is slower than FTP.
B.    TFTP is more secure than FTP.
C.    TFTP utilizes TCP and FTP uses UDP.
D.    TFTP utilizes UDP and FTP uses TCP.

Answer: D

QUESTION 164
Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

A.    Spam filter
B.    Protocol analyzer
C.    Web application firewall
D.    Load balancer

Answer: B

QUESTION 165
Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?

A.    Whaling
B.    Impersonation
C.    Privilege escalation
D.    Spear phishing

Answer: A

QUESTION 166
Which of the following would a security administrator implement in order to discover comprehensive security threats on a network?

A.    Design reviews
B.    Baseline reporting
C.    Vulnerability scan
D.    Code review

Answer: C

QUESTION 167
Which of the following is an example of a false positive?

A.    Anti-virus identifies a benign application as malware.
B.    A biometric iris scanner rejects an authorized user wearing a new contact lens.
C.    A user account is locked out after the user mistypes the password too many times.
D.    The IDS does not identify a buffer overflow.

Answer: A

QUESTION 168
Data execution prevention is a feature in most operating systems intended to protect against which type of attack?

A.    Cross-site scripting
B.    Buffer overflow
C.    Header manipulation
D.    SQL injection

Answer: B

QUESTION 169
Use of group accounts should be minimized to ensure which of the following?

A.    Password security
B.    Regular auditing
C.    Baseline management
D.    Individual accountability

Answer: D

QUESTION 170
Privilege creep among long-term employees can be mitigated by which of the following procedures?

A.    User permission reviews
B.    Mandatory vacations
C.    Separation of duties
D.    Job function rotation

Answer: A

If you want to pass CompTIA SY0-401 successfully, donot missing to read latest lead2pass CompTIA SY0-401 dumps.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/SY0-401.html

         

Comments are closed.