Test King SY0-201 Questions 1-100

Topic 1, Main (400 Questions)

QUESTION NO: 1 Which access control method gives the owner control over providing permissions?

A. Discretionary Access Control (DAC) B. Mandatory Access Control (MAC) C. Rule-Based Access Control (RBAC) D. Role-Based Access Control (RBAC)

QUESTION NO: 2 How are access control permissions established in the RBAC access control model?

A. The role or responsibilities users have in the organization. B. None of the above. C. The owner of the resource. D. The system administrator.

QUESTION NO: 3 Which of the following attacks is being referred to if someone is accessing your e-mail server and sending inflammatory information to others?

A. Polymorphic Virus. B. Repudiation Attack. C. Trojan Horse. D. Phage Virus.

QUESTION NO: 4 Which encryption algorithm depends on the difficulty of factoring a large number that is the product of two primes?

A. AES-256 B. SHA-1 C. RSA D. Elliptic Curve
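Question 4 turns on why factoring matters to RSA. The following is an added example, written for this page and not part of the Test King question bank: it builds a textbook RSA keypair from two primes, then shows that an attacker who can factor the modulus n recovers the private exponent d and decrypts. The primes (the 10,000th and 100,000th primes), the exponent e and the message are constructed and far too small for real use; they are chosen so that the trial-division "attack" finishes instantly.

```python
# Added example, not part of the Test King question bank: textbook RSA built from
# two (deliberately tiny) primes, and the attack that works as soon as n can be
# factored. Primes, exponent and message are constructed for the demonstration.
from math import gcd, isqrt


def rsa_keygen(p, q, e=65537):
    """Return ((n, e), (n, d)) for primes p and q. Textbook RSA: no padding."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient, only computable from p and q
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(pub, m):
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than the modulus")
    return pow(m, e, n)


def rsa_decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)


def factor_by_trial_division(n):
    """Recover (p, q) from n. Finishes instantly here because n is about 37 bits;
    against a 2048-bit modulus no known classical method finishes at all."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("no factor found")


def recover_private_key(pub):
    """What an attacker does once n is factored: rebuild phi(n) and invert e."""
    n, e = pub
    p, q = factor_by_trial_division(n)
    phi = (p - 1) * (q - 1)
    return n, pow(e, -1, phi)


def demo():
    # Constructed primes (the 10,000th and 100,000th primes); far too small for real use.
    pub, priv = rsa_keygen(104729, 1299709)
    m = 123456789
    c = rsa_encrypt(pub, m)
    recovered = recover_private_key(pub)     # attacker holds only the public key
    return {
        "decrypts": rsa_decrypt(priv, c) == m,             # True
        "attacker_recovers_d": recovered == priv,          # True
        "attacker_decrypts": rsa_decrypt(recovered, c) == m,  # True
    }


if __name__ == "__main__":
    print(demo())
```

The private key is nothing more than the inverse of e modulo phi(n), and phi(n) is only computable from p and q; that is the whole sense in which RSA "depends on factoring". Hash functions such as SHA-1 and symmetric ciphers such as AES have no trapdoor of this kind.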

QUESTION NO: 5 Documentation describing a group's expected minimum behavior is known as:

A. a code of ethics B. the separation of duties C. the need to know D. acceptable usage


QUESTION NO: 6 Which of the following is a major reason that social engineering attacks succeed?

A. Lack of security awareness B. Strong passwords are not required C. Audit logs are not monitored frequently D. Multiple logins are allowed

QUESTION NO: 7 Malicious port scanning is a method of attack to determine which of the following?

A. User IDs and passwords B. The fingerprint of the operating system C. Computer name D. The physical cabling topology of a network

QUESTION NO: 8 Which of the following is MOST often used to allow a client or partner access to a network?

A. Extranet B. Demilitarized zone (DMZ) C. VLAN D. Intranet

QUESTION NO: 9 Which of the following BEST describes the baseline process of securing devices on a network infrastructure?

A. Passive detection B. Active prevention C. Hardening D. Enumerating


QUESTION NO: 10 A person pretends to be a telecommunications repair technician, enters a building stating that there is a networking trouble work order, and requests that a security guard unlock the wiring closet. The person connects a packet sniffer to the network switch in the wiring closet and hides the sniffer behind the switch against a wall. This is an example of:

A. a man in the middle attack B. a penetration test C. a vulnerability scan D. social engineering

QUESTION NO: 11 Turnstiles, double entry doors and security guards are all prevention measures for which of the following types of social engineering?

A. Impersonation B. Looking over a co-worker's shoulder to retrieve information C. Piggybacking D. Looking through a co-worker's trash to retrieve information

QUESTION NO: 12 Which of the following types of encryption would be BEST to use for a large amount of data?

A. ROT13 B. Symmetric C. Hash D. Asymmetric

QUESTION NO: 13 A small manufacturing company wants to deploy secure wireless on their network. Which of the following wireless security protocols could be used? (Select TWO).

A. WAN B. WEP C. IPX D. WPA


QUESTION NO: 14 Which of the following network authentication protocols uses symmetric key cryptography, stores a shared key for each network resource and uses a Key Distribution Center (KDC)?

A. Kerberos B. TACACS+ C. RADIUS D. PKI

QUESTION NO: 15 The first step in creating a security baseline would be:

A. identifying the use case. B. installing software patches. C. creating a security policy. D. vulnerability testing.

QUESTION NO: 16 The MOST common exploits of Internet-exposed network services are due to:

A. illicit servers B. Trojan horse programs C. buffer overflows D. active content (e.g. Java Applets)

QUESTION NO: 17 Which description is correct about the form used while transferring evidence?

A. Evidence log B. Chain of custody C. Booking slip D. Affidavit

QUESTION NO: 18 The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.

A. The DAC (Discretionary Access Control) model does not use the identity of a user to control access to resources. This allows anyone to use an account to access resources. B. The DAC (Discretionary Access Control) model does not have any known security flaws. C. The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks. D. The DAC (Discretionary Access Control) model uses certificates to control access to resources. This creates an opportunity for attackers to use your certificates.

QUESTION NO: 19 Unauthorized staff have been entering the data center by piggybacking on authorized staff. The CIO has mandated that this behavior stop. Which technology should be installed at the data center to prevent piggybacking?

A. Mantrap B. Security badges C. Token access D. Hardware locks

QUESTION NO: 20 Pretty Good Privacy (PGP) uses a PKI Trust Model where no certificate authority (CA) is subordinate to another. The model with no single trusted root is known as:

A. peer-to-peer B. hybrid C. hierarchical D. downlevel

QUESTION NO: 21 For the following options, which is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure?

A. DMZ B. VPN C. VLAN D. NAT

QUESTION NO: 22 Why do security researchers often use virtual machines?

A. To offer a secure virtual environment to conduct online deployments B. To offer an environment where malware can be executed with minimal risk to equipment and software C. To offer an environment where new network applications can be tested D. To offer a virtual collaboration environment to discuss security research


QUESTION NO: 23 Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession?

A. Smart cards B. Kerberos C. CHAP D. Certificate

QUESTION NO: 24 Which security measures should be recommended while implementing system logging procedures? (Select TWO).

A. Perform CRC checks. B. Apply retention policies on the log files. C. Perform hashing of the log files. D. Collect system temporary files.
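Question 24 asks for hashing of log files alongside a retention policy. The following added example, written for this page and not from the question bank, shows what hashing buys you when it is done properly: every line is tagged with an HMAC-SHA256 that also covers the previous line's tag, so editing, deleting or reordering a line invalidates every tag from that point on. It assumes the key is held by a separate log collector (a plain hash or CRC stored next to the log on the same host can simply be recomputed by whoever edits the log); the key and the syslog-style sample lines are constructed.

```python
# Added example, not from the question bank: tamper-evident logging (question 24).
# Every line gets an HMAC-SHA256 tag that also covers the previous tag, so editing,
# deleting or reordering any line invalidates every tag from that point on. The key
# and the sample log lines below are constructed; in practice the key is held by the
# log collector, not by the host that writes the log, or the intruder re-signs.
import hashlib
import hmac

KEY = b"collector-side-key-example"           # constructed; never stored on the logging host
GENESIS = b"\x00" * 32                        # fixed chain anchor for the first line

# Constructed sample lines in syslog style, not from any real system.
SAMPLE_LOG = [
    "Mar  1 10:00:01 srv1 sshd[4120]: Accepted password for alice from 10.0.0.5 port 51022",
    "Mar  1 10:02:17 srv1 sudo: alice : TTY=pts/0 ; COMMAND=/bin/cat /etc/shadow",
    "Mar  1 10:02:40 srv1 sshd[4120]: Disconnected from 10.0.0.5",
]


def tag_line(key, prev_tag, line):
    return hmac.new(key, prev_tag + line.encode(), hashlib.sha256).digest()


def chain_tags(lines, key):
    """Return one hex tag per line: tag_i = HMAC(key, tag_{i-1} || line_i)."""
    prev, tags = GENESIS, []
    for line in lines:
        prev = tag_line(key, prev, line)
        tags.append(prev.hex())
    return tags


def verify_chain(lines, tags, key):
    """Return -1 if every line verifies, else the index of the first bad line.
    A length mismatch is reported at the position where the shorter list ends."""
    if len(lines) != len(tags):
        return min(len(lines), len(tags))
    prev = GENESIS
    for i, (line, tag_hex) in enumerate(zip(lines, tags)):
        expected = tag_line(key, prev, line)
        if not hmac.compare_digest(expected, bytes.fromhex(tag_hex)):
            return i
        prev = expected
    return -1


def demo():
    tags = chain_tags(SAMPLE_LOG, KEY)
    # Intruder rewrites the sudo line to hide what was read.
    edited = list(SAMPLE_LOG)
    edited[1] = edited[1].replace("/etc/shadow", "/etc/motd")
    # Intruder deletes the sudo line together with its tag.
    deleted_lines = [SAMPLE_LOG[0], SAMPLE_LOG[2]]
    deleted_tags = [tags[0], tags[2]]
    return {
        "intact": verify_chain(SAMPLE_LOG, tags, KEY),                # -1
        "edited": verify_chain(edited, tags, KEY),                    # 1
        "deleted": verify_chain(deleted_lines, deleted_tags, KEY),    # 1: tag 2 was chained to tag 1
    }


if __name__ == "__main__":
    print(demo())
```

Retention (the other correct option) is what keeps the tagged log around long enough to be useful in an investigation; the chain is what tells you whether what was retained is still what was written.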

QUESTION NO: 25 Which of the following controls wireless access to network resources on the basis of ports?

A. 802.11g B. 802.11n C. 802.1X D. 802.11a

QUESTION NO: 26 In computer programming, DLL injection is a technique used to run code within the address space of another process by forcing it to load a dynamic-link library. Which activity is MOST closely associated with DLL injection?

A. Penetration testing B. Network mapping C. Vulnerability assessment D. SQL servers


QUESTION NO: 27 Which item is not a logical access control method?

A. ACL B. Biometrics C. Group policy D. Software token

QUESTION NO: 28 Which of the following would be an effective way to ensure that a compromised PKI key cannot access a system?

A. Renew the key B. Reconfigure the key C. Delete the key D. Revoke the key

QUESTION NO: 29 An SMTP server is the source of email spam in an organization. Which of the following is MOST likely the cause?

A. The administrator account was not secured. B. Anonymous relays have not been disabled. C. Remote access to the email application's install directory has not been removed. D. X.400 connectors have not been password protected.

QUESTION NO: 30 Which method could identify when unauthorized access has occurred?

A. Implement two-factor authentication. B. Implement session lock mechanism. C. Implement session termination mechanism. D. Implement previous logon notification.

QUESTION NO: 31 Sending a patch through a testing and approval process is an example of which option?

A. Change management B. User education and awareness training C. Acceptable use policies D. Disaster planning


QUESTION NO: 32 Which scanner can find a rootkit?

A. Malware scanner B. Email scanner C. Adware scanner D. Anti-spam scanner

QUESTION NO: 33 Which of the following would be needed to ensure that a user who has received an email cannot claim that the email was not received?

A. Anti-aliasing B. Asymmetric cryptography C. Data integrity D. Non-repudiation

QUESTION NO: 34 John works as a network administrator for his company. He uses a tool to check SMTP, DNS, POP3, and ICMP packets on the network. This is an example of which of the following?

A. A port scanner B. A protocol analyzer C. A penetration test D. A vulnerability scan

QUESTION NO: 35 Which item specifies a set of consistent requirements for a workstation or server?

A. Imaging software B. Configuration baseline C. Patch management D. Vulnerability assessment

QUESTION NO: 36 Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications?

A. Access control lists B. Single sign-on C. Constrained user interfaces D. Encryption protocol


QUESTION NO: 37 The concept that a web script is run in its own environment and cannot interfere with any other process is known as a:

A. sandbox B. honey pot C. VLAN D. quarantine

QUESTION NO: 38 Of the following items, which one usually applies specifically to a web browser?

A. Personal software firewall B. Antivirus C. Anti-spyware D. Pop-up blocker

QUESTION NO: 39 Virtualized applications, such as virtualized browsers, can protect the underlying operating system from which of the following?

A. DDoS attacks against the underlying OS B. Malware installation from suspect Internet sites C. Man-in-the-middle attacks D. Phishing and spam attacks

QUESTION NO: 40 Nmap has been run against a server and more open ports than expected have been discovered. Which of the following would be the FIRST step to take?

A. The process using the ports should be examined. B. All ports should be closed and observed to see whether a process tries to reopen the port. C. Nmap should be run again and observed to see whether different results are obtained. D. All ports should be left open and traffic monitored for malicious activity


QUESTION NO: 41 Which security measure should be used while implementing access control?

A. Time of day restrictions B. Changing default passwords C. Disabling SSID broadcast D. Password complexity requirements

QUESTION NO: 42 For the following items, which one is a collection of servers setup to attract hackers?

A. Honeypot B. VLAN C. Honeynet D. DMZ

QUESTION NO: 43 Which description is correct about the standard load for all systems?

A. Patch management B. Group policy C. Security template D. Configuration baseline

QUESTION NO: 44 In a classified environment, a clearance into a Top Secret compartment only allows access to certain information within that compartment. This is known as:

A. separation of duties. B. dual control. C. acceptable use. D. need to know.

QUESTION NO: 45 Which of the following programming techniques should be used to prevent buffer overflow attacks?

A. Signed applets B. Nested loops C. Automatic updates D. Input validation


QUESTION NO: 46 Choose the statement which best defines the characteristics of a computer virus.

A. A computer virus is a search mechanism, connection mechanism and can integrate. B. A computer virus is a replication mechanism, activation mechanism and has an objective. C. A computer virus is a find mechanism, initiation mechanism and can propagate. D. A computer virus is a learning mechanism, contamination mechanism and can exploit.

QUESTION NO: 47 Which of the following types of removable media is write-once and appropriate for archiving security logs?

A. Tape B. USB drive C. Hard disk D. CD-R

QUESTION NO: 48 Choose the most effective method of preventing computer viruses from spreading throughout the network.

A. You should enable scanning of all e-mail attachments. B. You should install a host based IDS (Intrusion Detection System) C. You should require root/administrator access to run programs and applications. D. You should prevent the execution of .vbs files.

QUESTION NO: 49 Giving each user or group of users only the access they need to do their job is an example of which of the following security principles?

A. Separation of duties B. Least privilege C. Access control D. Defense in depth


QUESTION NO: 50 Which item will MOST likely permit an attacker to make a switch function like a hub?

A. MAC flooding B. ARP poisoning C. DNS poisoning D. DNS spoofing

QUESTION NO: 51 Which of the following is not identified within the penetration testing scope of work?

A. a list of acceptable testing techniques and tools to be utilized. B. handling of information collected by the penetration testing team. C. a complete list of all network vulnerabilities. D. IP addresses of machines from which penetration testing will be executed.

QUESTION NO: 52 In order to recover discarded company documents, which of the following might an attacker resort to?

A. Dumpster diving B. Shoulder surfing C. Insider theft D. Phishing

QUESTION NO: 53 Which description is correct about a way to prevent buffer overflows?

A. Apply all security patches to workstations. B. Apply security templates enterprise wide. C. Apply group policy management techniques. D. Monitor P2P program usage through content filters.

QUESTION NO: 54 What will be implemented by a technician to mitigate the chances of a successful attack against the wireless network?

A. Implement an authentication system and WPA. B. Implement an identification system and WPA2. C. Implement a biometric system and WEP. D. Implement an authentication system and WEP.


QUESTION NO: 55 Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?

A. DNS B. Private addressing C. SOCKS D. NAT

QUESTION NO: 56 Why is malware that uses virtualization techniques difficult to detect?

A. The malware may be running at a more privileged level than the antivirus software. B. A portion of the malware may have been removed by the IDS. C. The malware may be using a Trojan to infect the system. D. The malware may be implementing a proxy server for command and control.

QUESTION NO: 57 Which of the following are types of certificate-based authentication? (Select TWO)

A. One-to-many mapping B. Many-to-many mapping C. One-to-one mapping D. Many-to-one mapping

QUESTION NO: 58 Malicious code that enters a target system, lies dormant until a user opens a certain program, and then deletes the contents of attached network drives and removable storage devices is known as a:

A. Trojan horse B. honeypot C. worm D. logic bomb

QUESTION NO: 59 Which of the following definitions would be correct regarding eavesdropping?

A. Placing a computer system between the sender and receiver to capture information. B. Someone looking through your files. C. Listening to or overhearing parts of a conversation. D. Involves someone who routinely monitors network traffic.


QUESTION NO: 60 The purpose of the SSID in a wireless network is to:

A. protect the client. B. secure the WAP. C. define the encryption protocols used. D. identify the network.

QUESTION NO: 61 Users on a network report that they are receiving unsolicited emails from the same email address. Which action should be performed to prevent this from occurring?

A. Configure a rule in each user's router and restart the router. B. Install an ACL on the firewall to block traffic from the sender and filter the IP address. C. Install an anti-spam filter on the domain mail servers and filter the email address. D. Configure rules on the user's host and restart the host.

QUESTION NO: 62 Fiber optic cable is considered safer than CAT5 because fiber optic cable: (Select TWO).

A. is made of glass rather than copper. B. is hard to tap into. C. can be run for a longer distance. D. is not susceptible to interference. E. is more difficult to install.

QUESTION NO: 63 Which item can reduce the attack surface of an operating system?

A. Installing HIDS B. Patch management C. Installing antivirus D. Disabling unused services


QUESTION NO: 64 A company has instituted a VPN to allow remote users to connect to the office. As time progresses multiple security associations are created with each association being more secure. Which of the following should be implemented to automate the selection of the BEST security association for each user?

A. SHA B. 3DES C. AES D. IKE

QUESTION NO: 65 Tom is a network technician at his company. He is deciding between implementing a HIDS on the database server and implementing a NIDS. Why may a NIDS be the better choice? (Select TWO).

A. Many HIDS have a negative impact on system performance. B. Many HIDS are not good at detecting attacks on database servers. C. Many HIDS only offer a low level of detection granularity. D. Many HIDS are not able to detect network attacks.

QUESTION NO: 66 Which of the following would allow an administrator to find weak passwords on the network?

A. A hash function B. A password generator C. A network mapper D. A rainbow table
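Question 66 names rainbow tables. As an added example that is not from the question bank, here is a small working rainbow table over a constructed password space (four lowercase letters stored as unsalted MD5), built and queried with the same chain and position-dependent reduction scheme real tables use, followed by a lookup of a salted hash to show why per-user salts defeat the table. The chain length, chain count and start-point spacing are my choices for this demonstration; the wordlist-sized space is what makes it finish in under a second.

```python
# Added example, not from the question bank: a small working rainbow table
# (question 66). The password space (four lowercase letters), the unsalted MD5
# storage format and the chain parameters are constructed for the demonstration.
import hashlib

ALPHABET = "abcdefghijklmnopqrstuvwxyz"
PW_LEN = 4
SPACE = len(ALPHABET) ** PW_LEN            # 456,976 candidate passwords
CHAIN_LEN = 50
CHAIN_COUNT = 2000


def index_to_password(i):
    chars = []
    for _ in range(PW_LEN):
        i, r = divmod(i, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)


def H(pw):
    """Unsalted MD5, the storage format rainbow tables were built against."""
    return hashlib.md5(pw.encode()).hexdigest()


def reduce_(h, position):
    """Map a hash back into the password space. Using a different reduction per
    chain position is what distinguishes a rainbow table from plain hash chains."""
    return index_to_password((int(h[:12], 16) + position) % SPACE)


def walk(start, steps):
    """x_0 = start, x_{j+1} = reduce_(H(x_j), j); return x_steps."""
    pw = start
    for j in range(steps):
        pw = reduce_(H(pw), j)
    return pw


def build_table(chain_count=CHAIN_COUNT, chain_len=CHAIN_LEN):
    """Precompute chains; store only endpoint -> startpoint (the memory saving)."""
    table = {}
    for c in range(chain_count):
        start = index_to_password((c * 7919) % SPACE)   # spread starts over the space
        table.setdefault(walk(start, chain_len), start)
    return table


def lookup(table, target_hash, chain_len=CHAIN_LEN):
    """Return a password whose MD5 is target_hash if a chain covers it, else None."""
    for pos in range(chain_len):                     # guess target = H(x_pos)
        pw = reduce_(target_hash, pos)               # x_{pos+1}
        for p in range(pos + 1, chain_len):
            pw = reduce_(H(pw), p)                   # walk to the endpoint x_{chain_len}
        start = table.get(pw)
        if start is None:
            continue
        cand = start                                 # regenerate and check every x_j
        for j in range(chain_len):
            h = H(cand)
            if h == target_hash:
                return cand
            cand = reduce_(h, j)
    return None


def salted_hash(pw, salt):
    """Per-user salt: the stored value no longer corresponds to any 4-letter input."""
    return hashlib.md5((salt + pw).encode()).hexdigest()


def demo():
    table = build_table()
    weak = walk("aaaa", 3)                   # a password that lies on one of the chains
    return {
        "cracked": lookup(table, H(weak)) == weak,                         # True
        "salted_found": lookup(table, salted_hash(weak, "x7")) is not None,  # False
    }


if __name__ == "__main__":
    print(demo())
```

The table stores 2,000 endpoints yet can answer for up to 100,000 passwords; that time-memory trade-off is the point of the technique, and salting removes it by making each user's stored value a hash of a string the table never enumerated.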

QUESTION NO: 67 Users need to access their email and several secure applications from any workstation on the network. In addition, an authentication system implemented by the administrator requires the use of a username, password, and a company issued smart card. This is an example of which of the following?

A. ACL B. SSO C. Least privilege D. Three factor authentication


QUESTION NO: 68 Which of the following can be used to implement a procedure to control inbound and outbound traffic on a network segment?

A. ACL B. Proxy C. HIDS D. NIDS

QUESTION NO: 69 A honeypot is used to:

A. trap attackers in a false network. B. give an unauthorized user time to complete an attack. C. provide an unauthorized user with a place to safely work. D. allow administrators a chance to observe an attack.

QUESTION NO: 70 Which of the following refers to the ability to be reasonably certain that data is not modified or tampered with?

A. Authentication B. Confidentiality C. Non-repudiation D. Integrity

QUESTION NO: 71 What are best practices while installing and securing a new system for a home user? (Select THREE).

A. Apply all service packs. B. Apply all system patches. C. Use a strong firewall. D. Install remote control software.

QUESTION NO: 72 Which authentication method will prevent a replay attack from occurring?

A. L2TP B. Kerberos C. CHAP D. RADIUS
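Question 72 names CHAP as the replay-resistant method. The following added example, written for this page and not from the question bank, models the three-message CHAP exchange (RFC 1994) with both sides, then has an attacker replay a captured response against a fresh challenge and against the original identifier; both fail, while a PAP-style password comparison replays trivially. The shared secret is constructed; in CHAP it is provisioned out of band.

```python
# Added example, not from the question bank: the CHAP exchange (RFC 1994) with
# both sides' messages, and why a captured response does not replay (question 72).
# The shared secret is constructed; in CHAP it is provisioned out of band.
import hashlib
import hmac
import os


def chap_response(ident, secret, challenge):
    """Response = MD5(Identifier || secret || Challenge), as RFC 1994 specifies."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


class Authenticator:
    """The server side: issues fresh random challenges, each usable once."""

    def __init__(self, secret):
        self.secret = secret
        self.ident = 0
        self.outstanding = {}                 # identifier -> challenge awaiting a response

    def challenge(self):
        self.ident = (self.ident + 1) % 256   # 8-bit Identifier field
        chal = os.urandom(16)
        self.outstanding[self.ident] = chal
        return self.ident, chal               # Challenge packet

    def verify(self, ident, response):
        chal = self.outstanding.pop(ident, None)   # a challenge cannot be answered twice
        if chal is None:
            return False                      # Failure: unknown or already-used identifier
        expected = chap_response(ident, self.secret, chal)
        return hmac.compare_digest(expected, response)   # Success / Failure


class Peer:
    """The client side: proves knowledge of the secret without sending it."""

    def __init__(self, secret):
        self.secret = secret

    def respond(self, ident, challenge):
        return chap_response(ident, self.secret, challenge)   # Response packet


def run_exchange(auth, peer):
    ident, chal = auth.challenge()                 # 1. Challenge  (authenticator -> peer)
    resp = peer.respond(ident, chal)               # 2. Response   (peer -> authenticator)
    return ident, resp, auth.verify(ident, resp)   # 3. Success / Failure


def replay_attack(auth, captured_ident, captured_resp):
    """Attacker who sniffed (ident, response) tries it against a fresh challenge
    and against the original identifier. Both fail."""
    new_ident, _ = auth.challenge()
    return auth.verify(new_ident, captured_resp) or auth.verify(captured_ident, captured_resp)


def pap_login(stored, presented):
    """PAP for contrast: the same password bytes work every time, so a capture replays."""
    return hmac.compare_digest(stored, presented)


def demo():
    secret = b"example-shared-secret"
    auth, peer = Authenticator(secret), Peer(secret)
    ident, resp, ok = run_exchange(auth, peer)
    return {
        "legitimate_peer": ok,                                     # True
        "wrong_secret": run_exchange(auth, Peer(b"guess"))[2],     # False
        "replay": replay_attack(auth, ident, resp),                # False
        "pap_replay": pap_login(b"hunter2", b"hunter2"),           # True
    }


if __name__ == "__main__":
    print(demo())
```

The replay resistance comes from two things the code makes explicit: the response is bound to a random challenge the attacker cannot predict, and the authenticator discards each challenge after one use. Note that CHAP's MD5 is still offline-crackable by anyone who captures a challenge/response pair, so it protects against replay, not against a weak secret.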


QUESTION NO: 73 For the following items, which one is a collection of servers setup to attract hackers?

A. VLAN B. Honeynet C. Honeypot D. DMZ

QUESTION NO: 74 One type of port scan can determine which ports are in a listening state on the network and then completes the full three-way handshake with them. Which type of port scan performs this set of actions?

A. A TCP (Transmission Control Protocol) connect scan B. A TCP (Transmission Control Protocol) SYN (Synchronize) scan C. A TCP (Transmission Control Protocol) FIN scan D. A TCP (Transmission Control Protocol) NULL scan
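The distinguishing feature in question 74 is that a connect scan completes the handshake through the ordinary socket API. The following added example, written for this page and not from the question bank, runs such a scan against listeners it starts itself on 127.0.0.1, so it works offline, and then reads each listener's accept queue to show that the target sees every completed probe (which is why connect scans appear in application logs where half-open SYN scans often do not). Port numbers are chosen by the OS at run time; nothing else is assumed.

```python
# Added example, not from the question bank: a TCP connect scan (question 74)
# against listeners started in this process on 127.0.0.1, so it runs offline.
# connect() only returns 0 after the kernel has completed SYN, SYN-ACK, ACK, which
# is also why the target's accept queue (and its application logs) record the probe.
# A SYN scan would stop after the SYN-ACK and needs raw sockets; it is not shown.
import socket


def start_listeners(count):
    """Open `count` listening sockets on loopback on OS-chosen ports."""
    socks = []
    for _ in range(count):
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.bind(("127.0.0.1", 0))
        s.listen(5)
        socks.append(s)
    return socks


def free_ports(count):
    """Ports that are currently not listened on (bound briefly, then released)."""
    ports = []
    for _ in range(count):
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.bind(("127.0.0.1", 0))
        ports.append(s.getsockname()[1])
        s.close()
    return ports


def connect_scan(host, ports, timeout=0.5):
    """Return the sorted subset of `ports` on which a full handshake succeeded."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:   # 0 only after the three-way handshake
                open_ports.append(port)           # leaving the block closes with FIN
    return sorted(open_ports)


def connections_seen(listener, timeout=0.5):
    """Server's view: count completed connections waiting in the accept queue."""
    listener.settimeout(timeout)
    seen = 0
    while True:
        try:
            conn, _ = listener.accept()
        except socket.timeout:
            return seen
        conn.close()
        seen += 1


def demo():
    listeners = start_listeners(3)
    open_ports = sorted(s.getsockname()[1] for s in listeners)
    closed_ports = free_ports(3)
    found = connect_scan("127.0.0.1", open_ports + closed_ports)
    seen = [connections_seen(s) for s in listeners]
    for s in listeners:
        s.close()
    return {
        "found_exactly_open": found == open_ports,       # True
        "each_listener_saw_probe": seen == [1, 1, 1],    # True
    }


if __name__ == "__main__":
    print(demo())
```

On a real target, that accept-queue entry becomes a line in the daemon's log with the scanner's source address, which is the operational difference between choosing nmap's `-sT` (connect) and `-sS` (SYN) scan types.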

QUESTION NO: 75 The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates. The public key infrastructure is based on which encryption schemes?

A. Elliptical curve B. Quantum C. Asymmetric D. Symmetric

QUESTION NO: 76 Recently, your company has implemented a work from home program. Employees should connect securely from home to the corporate network. Which encryption technology can be used to achieve this goal?

A. PPPoE B. PPTP C. IPSec D. L2TP


QUESTION NO: 77 A technician is conducting a forensics analysis on a computer system. Which step should be taken FIRST?

A. Look for hidden files. B. Get a binary copy of the system. C. Analyze temporary files. D. Search for Trojans.

QUESTION NO: 78 A security specialist is reviewing firewall logs and sees the information below. Which of the following BEST describes the attack that is occurring? Exhibit: image002.jpg

A. PING sweep B. Port scan C. DNS spoofing D. ARP poisoning

QUESTION NO: 79 Which algorithms can best encrypt large amounts of data?

A. Hashing algorithms B. ECC algorithms C. Asymmetric key algorithms D. Symmetric key algorithms

QUESTION NO: 80 For the following items, which is a protocol analyzer?

A. Cain & Abel B. John the Ripper C. Wireshark D. Nessus


QUESTION NO: 81 Which of the following is an installable package that includes several patches from the same vendor for various applications?

A. Patch template B. Service pack C. Patch rollup D. Hotfix

QUESTION NO: 82 In computing, the Basic Input/Output System (BIOS), also known as the System BIOS, is a de facto standard defining a firmware interface for IBM PC compatible computers. A user is concerned with the security of their laptop's BIOS. The user would not like anyone except themselves to be able to access its configuration functions. Which of the following could make the BIOS more secure?

A. Flash the BIOS B. Encrypt the hard drive C. Password D. Create an access-list

QUESTION NO: 83 A user has received an email from a mortgage company asking for personal information including bank account numbers. This would BEST be described as:

A. packet sniffing B. spam C. a hoax D. phishing

QUESTION NO: 84 Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?

A. Alternate sites B. Fault tolerant systems C. Offsite storage D. Disaster recovery plan


QUESTION NO: 85 Which of the following would be an example of a hardware device where keys can be stored? (Select TWO).

A. PCMCIA card B. PCI card C. Smart card D. Network interface card (NIC)

QUESTION NO: 86 A technician is helping an organization to correct problems with staff members unknowingly downloading malicious code from Internet websites. Which of the following should the technician do to resolve the problem?

A. Install a NIDS B. Implement a policy to minimize the problem C. Disable unauthorized ActiveX controls D. Use Java virtual machines to reduce impact

QUESTION NO: 87 In computing, virtualization is a broad term that refers to the abstraction of computer resources. Which is a security reason to implement virtualization throughout the network infrastructure?

A. To analyze the various network traffic with protocol analyzers B. To implement additional network services at a lower cost C. To centralize the patch management of network servers D. To isolate the various network services and roles

QUESTION NO: 88 What does the DAC access control model use to identify the users who have permissions to a resource?

A. The role or responsibilities users have in the organization B. Access Control Lists C. Predefined access privileges. D. None of the above.


QUESTION NO: 89 Which of the following logs shows when the workstation was last shutdown?

A. Access B. System C. DHCP D. Security

QUESTION NO: 90 A graphical user interface (GUI) is a type of user interface which allows people to interact with electronic devices such as computers; hand-held devices such as MP3 players, portable media players or gaming devices; household appliances; and office equipment. Which of the following will permit a technician to restrict a user's access to the GUI?

A. Password policy enforcement B. Access control lists C. Group policy implementation D. Use of logical tokens

QUESTION NO: 91 Which of the following steps is MOST often overlooked during the auditing process?

A. Deciding what events to audit B. Auditing every system event C. Reviewing event logs regularly D. Enabling auditing on the system

QUESTION NO: 92 A PC is rejecting push updates from the server; all other PCs on the network are accepting the updates successfully. What should be examined first?

A. Password expiration B. Local firewall C. Anti-spyware D. Pop-up blocker


QUESTION NO: 93 What technology is able to isolate a host OS from some types of security threats?

A. Cloning B. Intrusion detection C. Virtualization D. Kiting

QUESTION NO: 94 A DNS (Domain Name System) server uses a specific port number. Choose this port number from the options.

A. Port 1,024 B. Port 32 C. Port 65,535 D. Port 16,777,216

QUESTION NO: 95 Choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item.

A. LBACs (List Based Access Control) method B. RBACs (Role Based Access Control) method C. MACs (Mandatory Access Control) method D. DACs (Discretionary Access Control) method

QUESTION NO: 96 Which action should be performed when discovering an unauthorized wireless access point attached to a network?

A. Unplug the Ethernet cable from the wireless access point. B. Run a ping against the wireless access point. C. Enable MAC filtering on the wireless access point. D. Change the SSID on the wireless access point.

QUESTION NO: 97 Non-repudiation is enforced by which of the following?

A. PKI B. Cipher block chaining C. Digital signatures D. Secret keys


QUESTION NO: 98 After analyzing a vulnerability and applying a security patch, which non-intrusive action should be taken to verify that the vulnerability was truly removed?

A. Repeat the vulnerability scan. B. Update the antivirus definition file. C. Apply a security patch from the vendor. D. Perform a penetration test.

QUESTION NO: 99 What does the DAC access control model use to identify the users who have permissions to a resource?

A. Access Control Lists B. The role or responsibilities users have in the organization C. Predefined access privileges. D. None of the above.

QUESTION NO: 100 Your company's website permits customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following will invalidate an SQL injection attack launched from the lookup field at the web server level?

A. Input validation B. NIPS C. Security template D. Buffer overflow protection
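Question 100 describes a product lookup field feeding a production database. The following added example, written for this page and not from the question bank, implements that lookup three ways: the injectable version that pastes the search term into the SQL text, a parameterised version that sends the term as data, and the parameterised version behind an allow-list input check. It uses an in-memory SQLite table whose schema and rows are constructed; the `hidden` column stands in for whatever the site did not intend customers to see.

```python
# Added example, not from the question bank: the product lookup of question 100,
# first as an injectable string-built query, then parameterised, then parameterised
# plus allow-list input validation. The SQLite schema and rows are constructed.
import re
import sqlite3


def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (name TEXT, price REAL, qty INTEGER, hidden INTEGER);
        INSERT INTO products VALUES ('widget', 9.99, 120, 0);
        INSERT INTO products VALUES ('gadget', 24.50, 3, 0);
        INSERT INTO products VALUES ('prototype-x', 0.0, 1, 1);   -- not meant to be public
    """)
    return db


def lookup_vulnerable(db, term):
    """User input is pasted into the SQL text, so the input can rewrite the query."""
    sql = ("SELECT name, price, qty FROM products "
           "WHERE hidden = 0 AND name = '" + term + "'")
    return db.execute(sql).fetchall()


def lookup_parameterised(db, term):
    """The driver sends the value separately; it is compared, never parsed as SQL."""
    return db.execute(
        "SELECT name, price, qty FROM products WHERE hidden = 0 AND name = ?",
        (term,),
    ).fetchall()


NAME_RE = re.compile(r"[A-Za-z0-9-]{1,32}")   # allow-list for a product name


def lookup_validated(db, term):
    """Input validation (the question's answer) in front of the parameterised query:
    reject anything that is not a plausible product name before it reaches the DB."""
    if not NAME_RE.fullmatch(term):
        raise ValueError("invalid product name")
    return lookup_parameterised(db, term)


PAYLOAD = "' OR 1=1 --"      # makes the WHERE clause: hidden = 0 AND name = '' OR 1=1


def demo():
    db = make_db()
    try:
        lookup_validated(db, PAYLOAD)
        validated = "accepted"
    except ValueError:
        validated = "rejected"
    return {
        "vulnerable_rows": len(lookup_vulnerable(db, PAYLOAD)),          # 3: hidden row leaks
        "parameterised_rows": len(lookup_parameterised(db, PAYLOAD)),    # 0
        "validated": validated,                                           # "rejected"
        "normal_lookup": lookup_validated(db, "widget"),                  # [('widget', 9.99, 120)]
    }


if __name__ == "__main__":
    print(demo())
```

Parameterisation is what actually neutralises the payload; validation in front of it is still worth having because it stops garbage before it reaches the database at all and gives the application a clear place to log and reject hostile input, which is the behaviour the question's "at the web server level" wording points at.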

