Braindumps of SY0-101
Security+

Exam Questions, Answers, Braindumps (SY0-101)

My thanks to this site and all those who put their braindumps on this site.

QUESTION 1
Which of the following would NOT be considered a method for managing the administration of accessibility?
A. DAC (Discretionary Access Control) list.
B. SAC (Subjective Access Control) list.
C. MAC (Mandatory Access Control) list.
D. RBAC (Role Based Access Control) list.
Answer: B
Explanation:
There is no such thing as a SAC (Subjective Access Control) list.
QUESTION 2
Access control decisions are based on responsibilities that an individual user or process has in an organization.
This best describes:
A. MAC (Mandatory Access Control)
B. RBAC (Role Based Access Control)
C. DAC (Discretionary Access Control)
D. None of the above.
Answer: B
Explanation:
The RBAC model allows a user to act in a certain predetermined manner based on the role the user holds in the organization. Users can be assigned certain roles system wide.
Reference:
Security + (SYBEX) page 12
QUESTION 3
Access controls that are created and administered by the data owner are considered:
A. MACs (Mandatory Access Control)
B. RBACs (Role Based Access Control)
C. LBACs (List Based Access Control)
D. DACs (Discretionary Access Control)
Answer: D
Explanation:
The DAC model allows the owner of a resource to establish privileges to the information they own. The DAC model would allow a user to share a file or use a file that someone else has shared. The DAC model establishes an ACL that identifies the users who have authorization to that information. This allows the owner to grant or revoke access to individuals or groups of individuals based on the situation. This model is dynamic in nature and allows information to be shared easily between users.
Reference:
Security + (SYBEX) page 12
QUESTION 4
An inherent flaw of DAC (Discretionary Access Control) relating to security is:
A. DAC (Discretionary Access Control) relies only on the identity of the user or process, leaving room for a Trojan horse.
B. DAC (Discretionary Access Control) relies on certificates, allowing attackers to use those certificates.
C. DAC (Discretionary Access Control) does not rely on the identity of a user, allowing anyone to use an account.
D. DAC (Discretionary Access Control) has no known security flaws.
Answer: A
Explanation:
In a DAC model, network users have some flexibility regarding how information is accessed. This model allows users to dynamically share information with other users. The process allows a more flexible environment, but it increases the risk of unauthorized disclosure of information. Administrators will have a more difficult time ensuring that information access is controlled and that only appropriate access is given.
Reference:
Security + (SYBEX) page 440
QUESTION 5
Which access control method provides the most granular access to protected objects?
A. Capabilities
B. Access control lists
C. Permission bits
D. Profiles
Answer: B
Explanation:
Access control lists enable devices in your network to ignore requests from specified users or systems, or grant certain network capabilities to them. ACLs allow a stronger set of access controls to be established in your network. The basic process of ACL control allows the administrator to design and adapt the network to deal with specific security threats.
Reference:
Security + (SYBEX) page 235.
QUESTION 6
An administrator is setting permissions on a file object in a network operating system which uses DAC (Discretionary Access Control). The ACL (Access Control List) of the file follows:
Owner: Read, Write, Execute
User A: Read, Write, -
User B: -, -, - (None)
Sales: Read, -, -
Marketing: -, Write, -
Other: Read, Write, -
User "A" is the only owner of the file. User "B" is a member of the Sales group.
What effective permissions does User "B" have on the file with the above access list?
A. User B has no permissions on the file.
B. User B has read permissions on the file.
C. User B has read and write permissions on the file.
D. User B has read, write and execute permissions on the file.
Answer: A
Explanation:
The Owner is allowed to: Read, Write, & Execute
User A is allowed to: Read, Write, & -
Sales is allowed to: Read, -, -
Marketing is allowed to: -, Write, -
Others are allowed to: Read, Write, -
And User B is allowed to do nothing! -,-,-(None)
QUESTION 7
A security designer is planning the implementation of security mechanisms in a RBAC (Role Based Access Control) compliant system. The designer has determined that there are three types of resources in the system including files, printers, and mailboxes. The organization has four distinct departments with distinct functions including Sales, Marketing, Management, and Production. Each department needs access to different resources. Each user has a workstation. Which roles should be created to support the RBAC (Role Based Access Control) model?
A. file, printer, and mailbox roles
B. sales, marketing, management, and production roles
C. user and workstation roles
D. allow access and deny access roles
Answer: B
Explanation:
Each distinct department (sales, marketing, management, and production) has its own role in the company, which probably includes using the file server, print server, and mail server. So it would be wise to create roles for each department.
QUESTION 8
A DAC (Discretionary Access Control) system operates according to which of the following statements?
A. Files that don't have an owner CAN NOT be modified.
B. The administrator of the system is an owner of each object.
C. The operating system is an owner of each object.
D. Each object has an owner, which has full control over the object.
Answer: D
Explanation:
The DAC model allows the owner of a resource to establish privileges to the information they own. The DAC model would allow a user to share a file or use a file that someone else has shared. The DAC model establishes an ACL that identifies the users who have authorization to that information. This allows the owner to grant or revoke access to individuals or groups of individuals based on the situation. This model is dynamic in nature and allows information to be shared easily between users.
Reference:
Security + (SYBEX) page 12
QUESTION 9
What are access decisions based on in a MAC (Mandatory Access Control) environment?
A. Access control lists
B. Ownership
C. Group membership
D. Sensitivity labels
Answer: D
Explanation:
Mandatory Access Control is a strict hierarchical model usually associated with governments. All objects are given security labels known as sensitivity labels and are classified accordingly. Then all users are given specific security clearances as to what they are allowed to access.
Reference:
Security + (SYBEX) page
