最新的CompTIA Security+ Certification - SY0-401免費考試真題
Joe is the accounts payable agent for ABC Company. Joe has been performing accounts payable function for the ABC Company without any supervision. Management has noticed several new accounts without billing invoices that were paid. Which of the following is the BEST management option for review of the new accounts?
正確答案: A
說明:(僅 Fast2test 成員可見)
Which of the following are examples of network segmentation? (Select TWO).
正確答案: B,E
說明:(僅 Fast2test 成員可見)
A security analyst has a sample of malicious software and needs to know what the sample in a carefully controlled and monitored virtual machine to observe the software's behavior.
After the software has run, the analyst returns the virtual machines OS to a pre-defined know good state using what feature of virtualization?
After the software has run, the analyst returns the virtual machines OS to a pre-defined know good state using what feature of virtualization?
正確答案: C
A company would like to prevent the use of a known set of applications from being used on company computers. Which of the following should the security administrator implement?
正確答案: A
Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?
正確答案: C
說明:(僅 Fast2test 成員可見)
Which of the following exploits either a host file on a target machine or vulnerabilities on a DNS server in order to carry out URL redirection?
正確答案: D
Ann a security technician receives a report from a user that is unable to access an offsite SSN server. Ann checks the firewall and sees the following rules:
Allow TCP 80
Allow TCP 443
Deny TCP 23
Deny TCP 20
Deny TCP 21
Which of the following is preventing the users from accessing the SSH server?
Allow TCP 80
Allow TCP 443
Deny TCP 23
Deny TCP 20
Deny TCP 21
Which of the following is preventing the users from accessing the SSH server?
正確答案: A
DRAG DROP
A Security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and Drop the applicable controls to each asset type.
Instructions: Controls can be used multiple times and not all placeholders needs to be filled. When you have completed the simulation, Please select Done to submit.
A Security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and Drop the applicable controls to each asset type.
Instructions: Controls can be used multiple times and not all placeholders needs to be filled. When you have completed the simulation, Please select Done to submit.
正確答案:
Explanation:
Cable locks are used as a hardware lock mechanism - thus best used on a Data Center Terminal Server.
Network monitors are also known as sniffers - thus best used on a Data Center Terminal Server.
Install antivirus software. Antivirus software should be installed and definitions kept current on all hosts. Antivirus software should run on the server as well as on every workstation. In addition to active monitoring of incoming fi les, scans should be conducted regularly to catch any infections that have slipped through- thus best used on a Data Center Terminal Server.
Proximity readers are used as part of physical barriers which makes it more appropriate to use on a center's entrance to protect the terminal server.
Mentor app is an Apple application used for personal development and is best used on a mobile device such as a smart phone.
Remote wipe is an application that can be used on devices that are stolen to keep data safe. It is basically a command to a phone that will remotely clear the data on that phone.
This process is known as a remote wipe, and it is intended to be used if the phone is stolen or going to another user.
Should a device be stolen, GPS (Global Positioning System) tracking can be used to identify its location and allow authorities to find it - thus best used on a smart phone.
Screen Lock is where the display should be configured to time out after a short period of inactivity and the screen locked with a password. To be able to access the system again, the user must provide the password. After a certain number of attempts, the user should not be allowed to attempt any additional logons; this is called lockout - thus best used on a smart phone.
Strong Password since passwords are always important, but even more so when you consider that the device could be stolen and in the possession of someone who has unlimited access and time to try various values - thus best use strong passwords on a smartphone as it can be stolen more easily than a terminal server in a data center.
Device Encryption- Data should be encrypted on the device so that if it does fall into the wrong hands, it cannot be accessed in a usable form without the correct passwords. It is recommended to you use Trusted Platform Module (TPM) for all mobile devices where possible.
Use pop-up blockers. Not only are pop-ups irritating, but they are also a security threat.
Pop-ups (including pop-unders) represent unwanted programs running on the system, and they can jeopardize the system's well-being. This will be more effective on a mobile device rather than a terminal server.
Use host-based firewalls. A firewall is the first line of defense against attackers and malware. Almost every current operating system includes a firewall, and most are turned on by Default- thus best used on a Data Center Terminal Server.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 221, 222, 369, 418
http://www.mentor-app.com/
Which of the following techniques enables a highly secured organization to assess security weaknesses in real time?
正確答案: A
說明:(僅 Fast2test 成員可見)
An administrator is configuring a new Linux web server where each user account is confined to a cheroot jail. Which of the following describes this type of control?
正確答案: C
To ensure proper evidence collection, which of the following steps should be performed FIRST?
正確答案: B
說明:(僅 Fast2test 成員可見)
Which of the following security awareness training is BEST suited for data owners who are concerned with protecting the confidentiality of their data?
正確答案: A
說明:(僅 Fast2test 成員可見)