passguide comptia sy0-201 braindumps 1

Exam Name: CompTIA Security+ (2008 Edition) Exam
Exam Type: CompTIA
Exam Code: SY0-201
Total Questions: 490

Who is responsible for establishing access permissions to network resources in the DAC access
control model?
A. The system administrator.
B. The owner of the resource.
C. The system administrator and the owner of the resource.
D. The user requiring access to the resource.
Answer: B
The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and
procedures needed to create, manage, store, distribute, and revoke digital certificates. The public
key infrastructure is based on which encryption schemes?
A. Symmetric
B. Quantum
C. Asymmetric
D. Elliptical curve
Answer: C
Which definition best defines what a challenge-response session is?
A. A challenge-response session is a workstation or system that produces a random challenge
string that the user provides, when prompted, in conjunction with the proper PIN (Personal
Identification Number).
B. A challenge-response session is a workstation or system that produces a random login ID that
the user provides, when prompted, in conjunction with the proper PIN (Personal Identification
Number).
C. A challenge-response session is a special hardware device used to produce random text in a
cryptography system.
D. A challenge-response session is the authentication mechanism in the workstation or system
that does not determine whether the owner should be authenticated.
Answer: A
For which reason are clocks used in Kerberos authentication?
A. Clocks are used to ensure proper connections.
B. Clocks are used to ensure that tickets expire correctly.
C. Clocks are used to generate the seed value for the encryption keys.
D. Clocks are used to both benchmark and specify the optimal encryption algorithm.
Answer: B
To reduce vulnerabilities on a web server, an administrator should adopt which of the following
preventative measures?
A. Use packet sniffing software on all inbound communications
B. Apply the most recent manufacturer updates and patches to the server.
C. Enable auditing on the web server and periodically review the audit logs
D. Block all Domain Name Service (DNS) requests coming into the server.
Answer: B
A travel reservation organization conducts the majority of its transactions via a public facing
website. Any downtime to this website will lead to serious financial damage for this organization.
One web server is connected to several distributed database servers. Which statement is correct
about this scenario?
A. RAID
B. Warm site
C. Proxy server
D. Single point of failure
Answer: D
Which of the following types of firewalls provides inspection at layer 7 of the OSI model?
A. Application-proxy
B. Network address translation (NAT)
C. Packet filters
D. Stateful inspection
Answer: A
A newly hired security specialist is asked to evaluate a company’s network security. The security
specialist discovers that users have installed personal software, the network OS has default
settings, no patches have been installed, and passwords are not required to be changed
regularly. Which of the following would be the FIRST step to take?
A. Install software patches.
B. Disable non-essential services.
C. Enforce the security policy.
D. Password management
Answer: C
Giving each user or group of users only the access they need to do their job is an example of
which of the following security principles?
A. Least privilege
B. Defense in depth
C. Separation of duties
D. Access control
Answer: A
In computing, the Basic Input/Output System (BIOS), also known as the System BIOS, is a de
facto standard defining a firmware interface for IBM PC Compatible computers. A user is
concerned with the security of their laptop's BIOS. The user would not like anyone to be able to
access control functions except themselves. Which of the following could make the BIOS more
secure?
A. Password
B. Flash the BIOS
C. Encrypt the hard drive
D. Create an access-list
Answer: A
In computing, a Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI)
that specifies where an identified resource is available and the mechanism for retrieving it. When
a user attempts to go to a website, he notices the URL has changed. Which attack will MOST
likely cause the problem?
A. ARP poisoning
B. DLL injection
C. DNS poisoning
D. DDoS attack
Answer: C
What does the DAC access control model use to identify the users who have permissions to a
resource?
A. Predefined access privileges.
B. The role or responsibilities users have in the organization
C. Access Control Lists
D. None of the above.
Answer: C
