CompTIA Security+ (2008 Edition) Exam)
Answers, Braindumps (SY0-201)
Guaranteed Questions for Comptia Security+ exam. I only
used www.exams.ws guide and i was through.
An important component of a good data retention policy
A. backup software licensing
B. offsite storage
C. magnetic media sorting
D. server drive redundancy
Quest No: 2
Patch management must be combined with full-featured
systems management to be effective. Determining which
patches are needed, applying the patches and which of
the following are three generally accepted activities
of patch management?
A. Backing up the patch file executables to a network
B. Updating the firewall configuration to include the
C. Auditing for the successful application of the patches
D. Running a NIDS report to list the remaining vulnerabilities
Quest No: 3
Which of the following tools limits external access
to the network?
Quest No: 4
Which of the following tools was created for the primary
purpose of reporting the services that are open for
connection on a networked workstation?
A. Protocol analyzer
B. Port scanner
C. Password crackers
D. Vulnerability scanner
Quest No: 5
Which of the following is not an organizational policy
that reduces the impact of fraud?
A. job rotation.
B. password complexity rules.
C. escorting procedures.
D. separation of duties.
Quest No: 6
Upon opening the browser, a guest user is redirected
to the company portal and asked to agree to the acceptable
use policy. Which of the following is MOST likely causing
this to appear?
Quest No: 7
USB devices with a virus delivery mechanism are an example
of which of the following security threats?
D. Logic bombs
Quest No: 8
Cell phones with network access and the ability to store
data files are susceptible to which of the following
A. Input validation errors
B. SMTP open relays
D. Logic bombs
Quest No: 9
When establishing a connection between two IP based
routers, which of the following protocols is the MOST
Quest No: 10
Documentation describing a group expected minimum behavior
is known as:
A. the need to know
B. acceptable usage
C. the separation of duties
D. a code of ethics
Quest No: 11
Which of the following access control technologies provides
a rolling password for one-time use?
A. RSA tokens
C. Multifactor authentication
D. PIV card
Quest No: 12
Which of the following technologies is used to verify
that a file was not altered?
Quest No: 13
Which of the following uses an RC4 key that can be discovered
by eavesdropping on plain text initialization vectors?
Quest No: 14
An administrator wants to crack passwords on a server
with an account lockout policy. Which of the following
would allow this without locking accounts?
A. Try guessing passwords slow enough to reset the bad
B. Try guessing passwords with brute force.
C. Copy the passwordfile offline and perform the attack
D. Try only real dictionary words.
Quest No: 15
A user reports that each time they attempt to go to
a legitimate website, they are sent to an inappropriate
website. The security administrator suspects the user
may have malware on the computer, which manipulated
some of the user's files. Which of the following files
on the user's system would need to be checked for unauthorized
Quest No: 16
An administrator needs to limit and monitor the access
users have to the Internet and protect the internal
network. Which of the following would MOST likely be
A. A heuristic firewall
B. DNS caching on the client machines
C. A pushed update modifying users' local host file
D. A content-filtering proxy server
Quest No: 17
Which of the following would be an example of a high-availability
A. Load balancing
D. Remote access
Quest No: 18
The security administrator needs to make a change in
the network to accommodate a new remote location. The
new location will be connected by a serial interface,
off the main router, through a commercial circuit. This
remote site will also have traffic completely separated
from all other traffic. Which of the following design
elements will need to be implemented to accommodate
the new location?
A. VLANs need to be added on the switch but not the
B. The NAT needs to be re-configured to allow the remote
C. The current IP scheme needs to besubnetted.
D. The switch needs to be virtualized and a new DMZ
needs to be created
Quest No: 19
Which of the following is the MOST secure authentication
Quest No: 20
Network traffic is data in a network. Which tool can
be used to review network traffic for clear text passwords?
B. Protocol analyzer
C. Password cracker
D. Port scanner