Which of the following protocols operates at the HIGHEST level of the OSI model?
Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?
Which of the following should an administrator implement to research current attack methodologies?
A. Design reviews
C. Vulnerability scanner
D. Code reviews
Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?
A. Intrusion Detection System
B. Flood Guard Protection
C. Web Application Firewall
D. URL Content Filter
Which of the following means of wireless authentication is easily vulnerable to spoofing?
A. MAC Filtering
B. WPA – LEAP
C. WPA – PEAP
D. Enabled SSID
The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).
A. permit redirection to Internet-facing web URLs.
B. ensure all HTML tags are enclosed in angle brackets, e.g., "<" and ">".
C. validate and filter input on the server side and client side.
D. use a web proxy to pass website requests between the user and the application.
E. restrict and sanitize use of special characters in input and URLs.
Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?
Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time.
Which of the following does this illustrate?
A. System image capture
B. Record time offset
C. Order of volatility
D. Chain of custody
A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?
A. Time of day restrictions
B. Group based privileges
C. User assigned privileges
D. Domain admin restrictions
Which of the following is being tested when a company’s payroll server is powered off for eight hours?
A. Succession plan
B. Business impact document
C. Continuity of operations plan
D. Risk assessment plan
If you want to pass CompTIA SY0-401 successfully, donot missing to read latest lead2pass CompTIA SY0-401 exam questions.
If you can master all lead2pass questions you will able to pass 100% guaranteed.