SY0-401 (v.4) 12
A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:
Integrity of downloaded software.
Availability of the FTP site.
Confidentiality of downloaded software.
Integrity of the server logs.
It is important for staff who regularly use email to send PII to others to have confidence that their messages are not intercepted or altered during transmission. They are concerned about which of the following types of security control?
Integrity
Safety
Availability
Confidentiality
Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts?
Availability
Integrity
Accounting
Confidentiality
Which of the following is used by the recipient of a digitally signed email to verify the identity of the sender?
Recipient’s private key
Sender’s public key
Recipient’s public key
Sender’s private key
Digital signatures are used for ensuring which of the following items? (Select TWO).
Confidentiality
Integrity
Non-Repudiation
Availability
Algorithm strength
Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).
The CA’s public key
Ann’s public key
Joe’s private key
Ann’s private key
The CA’s private key
Joe’s public key
Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity of Joe’s certificate? (Select TWO).
The CA’s public key
Joe’s private key
Ann’s public key
The CA’s private key
Joe’s public key
Ann’s private key
A user was reissued a smart card after the previous smart card had expired. The user is able to log into the domain but is now unable to send digitally signed or encrypted email. Which of the following would the user need to perform?
Remove all previous smart card certificates from the local certificate store.
Publish the new certificates to the global address list.
Make the certificates available to the operating system.
Recover the previous smart card certificates.
Which of the following could cause a browser to display the message below? “The security certificate presented by this website was issued for a different website’s address.”
The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.
The website is using a wildcard certificate issued for the company’s domain.
HTTPS://127.0.0.1 was used instead of HTTPS://localhost.
The website is using an expired self-signed certificate.
Some customers have reported receiving an untrusted certificate warning when visiting the company’s website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem?
The intermediate CA certificates were not installed on the server.
The certificate is not the correct type for a virtual server.
The encryption key used in the certificate is too short.
The client’s browser is trying to negotiate SSL instead of TLS.
Digital certificates can be used to ensure which of the following? (Select TWO).
Availability
Confidentiality
Verification
Authorization
Non-repudiation
A certificate used on an ecommerce web server is about to expire. Which of the following will occur if the certificate is allowed to expire?
The certificate will be added to the Certificate Revocation List (CRL).
Clients will be notified that the certificate is invalid.
The ecommerce site will not function until the certificate is renewed.
The ecommerce site will no longer use encryption.
An administrator has successfully implemented SSL on srv4.comptia.com using wildcard certificate *.comptia.com, and now wishes to implement SSL on srv5.comptia.com. Which of the following files should be copied from srv4 to accomplish this?
Certificate, private key, and intermediate certificate chain
Certificate, intermediate certificate chain, and root certificate
Certificate, root certificate, and certificate signing request
Certificate, public key, and certificate signing request
An encrypted message is sent using PKI from Sara, a client, to a customer. Sara claims she never sent the message. Which of the following aspects of PKI BEST ensures the identity of the sender?
CRL
Non-repudiation
Trust models
Recovery agents
Ann, a newly hired human resources employee, sent out digitally signed confidential emails to an unintended group. Which of the following would prevent her from denying accountability?
Email Encryption
Steganography
Non-repudiation
Access Control
A company recently experienced data loss when a server crashed due to a midday power outage. Which of the following should be used to prevent this from occurring again?
Recovery procedures
EMI shielding
Environmental monitoring
Redundancy
Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?
Hardware load balancing
RAID
A cold site
A hot standby
After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue?
Host based firewall
Initial baseline configurations
Discretionary access control
Patch management system
A security manager requires fencing around the perimeter, and cipher locks on all entrances. The manager is concerned with which of the following security controls?
Integrity
Availability
Confidentiality
Safety
A cafe provides laptops for Internet access to their customers. The cafe is located in the center corridor of a busy shopping mall. The company has experienced several laptop thefts from the cafe during peak shopping hours of the day. Corporate has asked that the IT department provide a solution to eliminate laptop theft. Which of the following would provide the IT department with the BEST solution?
Attach cable locks to each laptop
Require each customer to sign an AUP
Install a GPS tracking device onto each laptop
Install security cameras within the perimeter of the cafe
A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern?
Host-based firewall
Cable locks
Locking cabinets
Surveillance video
Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?
Passive scan
Active scan
False positive
False negative
Which of the following documents outlines the technical and security requirements of an agreement between organizations?
BPA
RFQ
ISA
RFC
A large bank has moved back office operations offshore to another country with lower wage costs in an attempt to improve profit and productivity. Which of the following would be a customer concern if the offshore staff had direct access to their data?
Service level agreements
Interoperability agreements
Privacy considerations
Data ownership
Which of the following are examples of detective controls?
Biometrics, motion sensors and mantraps.
Audit, firewall, anti-virus and biometrics.
Motion sensors, intruder alarm and audit.
Intruder alarm, mantraps and firewall.
An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?
IDS
Firewalls
DLP
IPS
Which of the following, if properly implemented, would prevent users from accessing files that are unrelated to their job duties? (Select TWO).
Separation of duties
Job rotation
Mandatory vacation
Time of day restrictions
Least privilege
Which of the following helps to establish an accurate timeline for a network intrusion?
Hashing images of compromised systems
Reviewing the date of the antivirus definition files
Analyzing network traffic and device logs
Enforcing DLP controls at the perimeter
A recent audit has revealed weaknesses in the process of deploying new servers and network devices. Which of the following practices could be used to increase the security posture during deployment? (Select TWO).
Deploy a honeypot
Disable unnecessary services
Change default passwords
Implement an application firewall
Penetration testing
Joe is the accounts payable agent for ABC Company. Joe has been performing the accounts payable function for ABC Company without any supervision. Management has noticed several new accounts without billing invoices that were paid. Which of the following is the BEST management option for review of the new accounts?
Mandatory vacation
Job rotation
Separation of duties
Replacement
A company hosts its public websites internally. The administrator would like to make some changes to the architecture. The three goals are: (1) reduce the number of public IP addresses in use by the web servers, (2) drive all the web traffic through a central point of control, and (3) mitigate automated attacks that are based on IP address scanning. Which of the following would meet all three goals?
Firewall
Load balancer
URL filter
Reverse proxy
The IT department noticed that there was a significant decrease in network performance during the afternoon hours. The IT department performed analysis of the network and discovered this was due to users accessing and downloading music and video streaming from social sites. The IT department notified corporate of their findings and a memo was sent to all employees addressing the misuse of company resources and requesting adherence to company policy. Which of the following policies is being enforced?
Acceptable use policy
Telecommuting policy
Data ownership policy
Non-disclosure policy
A computer security officer has investigated a possible data breach and has found it credible. The officer notifies the data center manager and the Chief Information Security Officer (CISO). This is an example of:
Escalation and notification
First responder
Incident identification
Incident mitigation
A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario?
Encryption
Digital signatures
Steganography
Hashing
Perfect forward secrecy
The Chief Security Officer (CSO) is contacted by a first responder. The CSO assigns a handler. Which of the following is occurring?
Unannounced audit response
Incident response process
Business continuity planning
Unified threat management
Disaster recovery process