Hodson
 
 

Braindumps of BR0-001
CompTIA Bridge Exam - Security+

 

I would like to thank www.braindumps.org for providing help in such a manner. It was really of great help.


QUESTION NO: 1
An important component of a good data retention policy is:
A. backup software licensing
B. offsite storage
C. magnetic media sorting
D. server drive redundancy
Answer: B


QUESTION NO: 2
On a remote machine, which action will you usually take to determine the operating system?
A. MAC flooding
B. System fingerprinting
C. DNS spoofing
D. Privilege escalation
Answer: B


QUESTION NO: 3
Of the following sites, which one has the means (e.g. equipment, software, and communications) to facilitate a full recovery within minutes?
A. Cold site
B. Hot site
C. Warm site
D. Reciprocal site
Answer: B


QUESTION NO: 4
Which of the following is not an organizational policy that reduces the impact of fraud?
A. job rotation.
B. password complexity rules.
C. escorting procedures.
D. separation of duties.
Answer: B


QUESTION NO: 5
Choose the access control method that provides the most granular access to protected objects.
A. Capabilities
B. Access control lists
C. Permission bits
D. Profiles
Answer: B


QUESTION NO: 6
Why is malware that uses virtualization techniques difficult to detect?
A. The malware may be implementing a proxy server for command and control.
B. A portion of the malware may have been removed by the IDS.
C. The malware may be using a Trojan to infect the system.
D. The malware may be running at a more privileged level than the antivirus software.
Answer: D


QUESTION NO: 7
Which one of the following options is an attack launched from multiple zombie machines in an attempt to bring down a service?
A. TCP/IP hijacking
B. DoS
C. DDoS
D. Man-in-the-middle
Answer: C


QUESTION NO: 8
You work as the network administrator at certways.com. The certways.com network uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the certways.com network. The types of resources you must control access to are mailboxes, and files and printers. Certways.com is divided into distinct departments and functions named Finance, Sales, Research and Development, and Production respectively. Each user has his or her own workstation, and accesses resources based on the department in which he or she works. You must determine which roles to create to support the RBAC (Role Based Access Control) model. Which of the following roles should you create?
A. Create mailbox, and file and printer roles.
B. Create Finance, Sales, Research and Development, and Production roles.
C. Create user and workstation roles.
D. Create allow access and deny access roles.
Answer: B


QUESTION NO: 9
In computing, a stateful firewall (any firewall that performs stateful packet inspection (SPI) or stateful inspection) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. You have been studying stateful packet inspection and want to perform this security technique on the network. Which device will you use to BEST utilize stateful packet inspection?
A. Switch
B. Hub
C. IDS
D. Firewall
Answer: D


QUESTION NO: 10
Which method could identify when unauthorized access has occurred?
A. Implement session termination mechanism.
B. Implement previous logon notification.
C. Implement session lock mechanism.
D. Implement two-factor authentication.
Answer: B


QUESTION NO: 11
On the topic of the DAC (Discretionary Access Control) model, choose the statement(s) which are TRUE.
A. All files that do not have a specified owner cannot be modified.
B. The system administrator is an owner of all objects.
C. The operating system is an owner of all objects.
D. All objects have an owner, and this owner has full control over that specific object.
Answer: D


QUESTION NO: 12
The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates. An executive uses PKI to encrypt sensitive emails sent to an assistant. In addition to encrypting the body of the email, the executive wants to encrypt the signature so that the assistant can verify that the email actually came from the executive. Which asymmetric key should be used by the executive to encrypt the signature?
A. Shared
B. Private
C. Hash
D. Public
Answer: B


QUESTION NO: 13
Why implement security logging on a DNS server?
A. To monitor unauthorized zone transfers
B. To perform penetration testing on the DNS server
C. To control unauthorized DNS DoS
D. To measure the DNS server performance
Answer: A


QUESTION NO: 14
Which one of the following items will permit an administrator to find weak passwords on the network?
A. A password generator
B. A network mapper
C. A hash function
D. A rainbow table
Answer: D


QUESTION NO: 15
Choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item.
A. MACs (Mandatory Access Control) method
B. RBACs (Role Based Access Control) method
C. LBACs (List Based Access Control) method
D. DACs (Discretionary Access Control) method
Answer: A


QUESTION NO: 16
A programmer plans to change the server variable in the coding of an authentication function for a proprietary sales application. Which process should be followed before implementing the new routine on the production application server?
A. Change management
B. Secure disposal
C. Password complexity
D. Chain of custody
Answer: A

