SY0-401 (v.4)
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?
PAT
NAP
DNAT
NAC
Which of the following devices is MOST likely being used when processing the following? 1 PERMIT IP ANY ANY EQ 80, 2 DENY IP ANY ANY
Firewall
NIPS
Load balancer
URL filter
The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?
A NIDS was used in place of a NIPS.
The log is not in UTC
The external party uses a firewall.
ABC company uses PAT.
Which of the following security devices can be replicated on a Linux-based computer using iptables to inspect and properly handle network-based traffic?
Sniffer
Router
Switch
Firewall
Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?
Packet Filter Firewall
Stateful Firewall
Application Firewall
Proxy Firewall
The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?
Sniffers
NIDS
Firewalls
Web proxies
Layer 2 switches
Which of the following network design elements allows for many internal devices to share one public IP address?
DNAT
PAT
DNS
DMZ
Which of the following is a best practice when securing a switch from physical access?
Disable unnecessary accounts
Print baseline configuration
Enable access lists
Disable unused ports
Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?
Protocol analyzer
Load balancer
VPN concentrator
Web security gateway
Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this?
Block all traffic on port 80.
Implement NIDS.
Use server load balancers.
Install a proxy server.
Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?
HIDS
Firewall
Spam filter
NIPS
Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a single physical device on a network?
HIPS on each virtual machine
NIPS on the network
NIDS on the network
HIDS on each virtual machine
Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?
NIPS
HIDS
HIPS
NIDS
An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?
NIDS
NIPS
HIPS
HIDS
In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?
Supervisor
Administrator
Root
Director
When performing the daily review of the system vulnerability scans of the network, Joe, the administrator, noticed several security-related vulnerabilities with an assigned vulnerability identification number. Joe researches the assigned vulnerability identification number from the vendor website. Joe proceeds with applying the recommended solution for the identified vulnerability. Which of the following is the type of vulnerability described?
Network based
IDS
Signature based
Host based
The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed?
Signature Based IDS
Heuristic IDS
Behavior Based IDS
Anomaly Based IDS
Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?
Application Firewall
Anomaly Based IDS
Proxy Firewall
Signature IDS
Matt, an administrator, notices a flood of fragmented packets and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?
Spam filter
Protocol analyzer
Load balancer
Web application firewall
Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?
Spam filter
URL filter
Content inspection
Malware inspection
Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?
Firewall
Switch
URL content filter
Spam filter
The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when typing to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on his phone. Which of the following might the administrator need to configure?
The access rules on the IDS
The pop up blocker in the employee’s browser
The sensitivity level of the spam filter
The default block page on the URL filter
Layer 7 devices used to prevent specific types of HTML tags are called:
Firewalls
Content filters
Routers
NIDS
Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete’s access to this site?
Internet content filter
Firewall
Protocol analyzer
Proxy server
A review of the company’s network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose?
ACL
IDS
UTM
Firewall
Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?
WAF
NIDS
Routers
Switches
Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).
Spam filter
Load balancer
Antivirus
Proxies
Firewall
NIDS
URL filtering
A security engineer is reviewing log data and sees the output below:
POST: /payload.php HTTP/1.1
HOST: localhost
Accept: */*
Referrer: http://localhost/
HTTP/1.1 403 Forbidden
Connection: close
Log: Access denied with 403. Pattern matches form bypass
Which of the following technologies was MOST likely being used to generate this log?
Web application firewall
Network-based Intrusion Detection System
Stateful Inspection Firewall
URL Content Filter
An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?
Review past security incidents and their resolution
Implement an intrusion prevention system
Rewrite the existing security policy
Install honey pot systems
A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?
Host-based firewall
IDS
Honeypot
IPS
Which of the following firewall rules only denies DNS zone transfers?
Deny udp any any port 53
Deny ip any any
Deny tcp any any port 53
Deny all dns packets
A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic. Which of the following would accomplish this task?
Deny TCP port 68
Deny TCP port 69
Deny UDP port 68
Deny UDP port 69
Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?
Allow incoming IPSec traffic into the vendor’s IP address.
Set up a VPN account for the vendor, allowing access to the remote site.
Turn off the firewall while the vendor is in the office, allowing access to the remote site.
Write a firewall rule to allow the vendor to have access to the remote site.
A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?
Implement a virtual firewall
Install HIPS on each VM
Virtual switches with VLANs
Develop a patch management guide
A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is MOST likely the reason for the sub-interfaces?
The network uses the subnet of 255.255.255.128.
The switch has several VLANs configured on it.
The sub-interfaces are configured for VoIP traffic.
The sub-interfaces each implement quality of service.
Joe, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?
Create a VLAN for the SCADA
Enable PKI for the MainFrame
Implement patch management
Implement stronger WPA2 Wireless
The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?
Implicit deny
VLAN management
Port security
Access control lists
Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).
Virtual switch
System partitioning
Access-list
Disable spanning tree
VLAN
A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application’s task. Which of the following is the security administrator practicing in this example?
Explicit deny
Port security
Access control lists
Implicit deny
An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network?
Configure each port on the switches to use the same VLAN other than the default one
Enable VTP on both switches and set to the same domain
Configure only one of the routers to run DHCP services
Implement port security on the switches
{"name":"SY0-401 (v.4)", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Sara, the security administrator, must configure the corpNACorate firewall to allow all public IPaddresses on the internal interface of the firewall to be translated to one public IP address on theexternal interface of the same firewall. Which of the following should Sara configure?, Which of the following devices is MOST likely being used when processing the following? 1 PERMIT IP ANY ANY EQ 80, 2 DENY IP ANY ANY, The security administrator at ABC company received the following log information from an external party: 10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal 10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force 10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?","img":"https://cdn.poll-maker.com/7-367989/1.jpg?sz=1200-000003100053"}