web analytics

Daily Archives: Friday, March 9, 2018

  • [March 2018] Lead2pass CompTIA SY0-501 Latest Exam Dumps Download 182q

    Lead2pass SY0-501 Exam Questions Free Download:


    Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).

    A.    Rainbow table attacks greatly reduce compute cycles at attack time.
    B.    Rainbow tables must include precompiled hashes.
    C.    Rainbow table attacks do not require access to hashed passwords.
    D.    Rainbow table attacks must be performed on the network.
    E.    Rainbow table attacks bypass maximum failed login restrictions.


  • [March 2018] Lead2pass Free CompTIA SY0-401 Braindumps VCE Updated 1868q

    Lead2pass Latest SY0-401 Free Dumps Guarantee SY0-401 Certification Exam 100% Success:


    An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

    A.    Review past security incidents and their resolution
    B.    Rewrite the existing security policy
    C.    Implement an intrusion prevention system
    D.    Install honey pot systems

    Answer: C
    The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it

    A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration.
    Which of the following should be implemented to secure the devices without risking availability?

    A.    Host-based firewall
    B.    IDS
    C.    IPS
    D.    Honeypot

    Answer: B
    An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing threats and deterring individuals from violating security policies. IDPSes have become a necessary addition to the security infrastructure of nearly every organization.
    IDPSes typically record information related to observed events, notify security administrators of important observed events and produce reports. Many IDPSes can also respond to a detected threat by attempting to prevent it from succeeding. They use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g. reconfiguring a firewall) or changing the attack’s content.

    Lab Sim – Configure the Firewall
    Task: Configure the firewall (fill out the table) to allow these four rules:

    – Only allow the Accounting computer to have HTTPS access to the Administrative server.
    – Only allow the HR computer to be able to communicate with the Server 2 System over SCP.
    – Allow the IT computer to have access to both the Administrative Server 1 and Administrative Server 2


    Use the following answer for this simulation task.
    Below table has all the answers required for this question.


    Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network. Three possible actions can be taken based on the rule’s criteria:

    Block the connection
    Allow the connection
    Allow the connection only if it is secured

    TCP is responsible for providing a reliable, one-to-one, connection-oriented session.
    TCP establishes a connection and ensures that the other end receives any packets sent.
    Two hosts communicate packet results with each other. TCP also ensures that packets are decoded and sequenced properly. This connection is persistent during the session.
    When the session ends, the connection is torn down.
    UDP provides an unreliable connectionless communication method between hosts.
    UDP is considered a best-effort protocol, but it’s considerably faster than TCP.
    The sessions don’t establish a synchronized session like the kind used in TCP, and UDP doesn’t guarantee error-free communications.
    The primary purpose of UDP is to send small packets of information.
    The application is responsible for acknowledging the correct reception of the data.
    Port 22 is used by both SSH and SCP with UDP.
    Port 443 is used for secure web connections ?HTTPS and is a TCP port.
    Thus to make sure only the Accounting computer has HTTPS access to the Administrative server you should use TCP port 443 and set the rule to allow communication between (Accounting) and (Administrative server1) Thus to make sure that only the HR computer has access to Server2 over SCP you need use of TCP port 22 and set the rule to allow communication between (HR) and (server2)
    Thus to make sure that the IT computer can access both the Administrative servers you need to use a port and accompanying port number and set the rule to allow communication between: (IT computer) and (Administrative server1) (IT computer) and (Administrative server2)

    Hotspot Question
    The security administrator has installed a new firewall which implements an implicit DENY policy by default Click on the firewall and configure it to allow ONLY the following communication.

    1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
    2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
    3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.

    Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.





    Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default.
    Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.
    Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP Port 22
    Rule #3 & Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.

    Which of the following firewall rules only denies DNS zone transfers?

    A.    deny udp any any port 53
    B.    deny ip any any
    C.    deny tcp any any port 53
    D.    deny all dns packets

    Answer: C
    DNS operates over TCP and UDP port 53. TCP port 53 is used for zone transfers.

    A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic.
    Which of the following would accomplish this task?

    A.    Deny TCP port 68
    B.    Deny TCP port 69
    C.    Deny UDP port 68
    D.    Deny UDP port 69

    Answer: D
    Trivial File Transfer Protocol (TFTP) is a simple file-exchange protocol that doesn’t require authentication. It operates on UDP port 69.

    Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?

    A.    Allow incoming IPSec traffic into the vendor’s IP address.
    B.    Set up a VPN account for the vendor, allowing access to the remote site.
    C.    Turn off the firewall while the vendor is in the office, allowing access to the remote site.
    D.    Write a firewall rule to allow the vendor to have access to the remote site.

    Answer: D
    Firewall rules are used to define what traffic is able pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network.

    A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?

    A.    Implement a virtual firewall
    B.    Install HIPS on each VM
    C.    Virtual switches with VLANs
    D.    Develop a patch management guide

    Answer: C
    A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments.

    A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks.
    Which of the following is MOST likely the reason for the sub-interfaces?

    A.    The network uses the subnet of
    B.    The switch has several VLANs configured on it.
    C.    The sub-interfaces are configured for VoIP traffic.
    D.    The sub-interfaces each implement quality of service.

    Answer: B
    A subinterface is a division of one physical interface into multiple logical interfaces. Routers commonly employ subinterfaces for a variety of purposes, most common of these are for routing traffic between VLANs. Also, IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network.

    Joe, a technician at the local power plant, notices that several turbines had ramp up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?

    A.    Create a VLAN for the SCADA
    B.    Enable PKI for the MainFrame
    C.    Implement patch management
    D.    Implement stronger WPA2 Wireless

    Answer: A
    VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn’t need to communicate with another in order to accomplish a work task/function shouldn’t be able to do so.

    SY0-401 dumps full version (PDF&VCE): https://www.lead2pass.com/sy0-401.html

    Large amount of free SY0-401 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDLXZsWm9MWmh0a0E

    You may also need:

    SY0-501 exam dumps: https://drive.google.com/open?id=1Hm6GQHDVOsEnyhNf3EHqIGEtor5IUsfu

  • [March 2018] Free Updated Lead2pass PMP Exam Dumps Download 1720q

    Free Version Lead2pass PMI PMP PDF Dumps With Exam Questions Download:


    You are managing a project in an organization is characterized by with rigid rules and policies and strict supervisory controls. Your project, sponsored by your CEO who is new to the company, is to make the organization less bureaucratic and more participative. You are developing your project management plan. Given the organization as it now is set up, as you prepare your plan, you can use which of the following organizational process assets______________.

    A.    Guidelines and criteria
    B.    Project management body of knowledge for your industry
    C.    Organizational structure and culture
    D.    The existing infrastructure

    Answer: B
    While you are managing a different type of project, the organization has managed projects before and therefore may have as part of its organizational process assets a project management template, which sets forth guidelines and criteria to tailor the organization’s processes to satisfy specific needs of the project.

    You are fairly new to managing a project but have been a team member for many years. You are pleased you were selected to manage your company’s 2015 model line of hybrid vehicles. You are now planning your project and have been preparing the subsidiary plans as well. You realize some project documents also are required to help manage your project. An example of one that you believe will be especial helpful is the______________.

    A.    Business case
    B.    Key performance indicators
    C.    Project management information system
    D.    Project statement of work

    Answer: D
    The project statement of work is a useful document as it describes the products, services, or results the project is to deliver. It references the business need, product scope description, and the strategic plan.

    You work for a telecommunications company, and when developing a project management plan for a new project, you found that you must tailor some company processes because the product is so different than those products typically produced by your company. To tailor these processes, you will follow______________.

    A.    Standardized guidelines and work instructions
    B.    Stakeholder risk tolerances
    C.    Expert judgment
    D.    Structure of your company

    Answer: A
    Standardized guidelines and work instructions are an organizational process asset to consider as the project management plan is developed. They include guidelines and criteria to tailor the organization’s set of standard processes to satisfy the specific needs of the project.

    You are implementing a project management methodology for your company that requires you to establish a change control board. Which one of the following statements best describes a change control board?

    A.    Recommended for use on all (large and small) projects
    B.    Used to review, evaluate, approve, delay, or reject changes to the project
    C.    Managed by the project manager, who also serves as its secretary
    D.    Composed of key project team members

    Answer: B
    Used to review, evaluate, approve, delay, or reject changes to the project The change control board’s powers and responsibilities should be well defined and agreed upon by key stakeholders. On some projects, multiple change control boards may exist with different
    areas of responsibility.

    An automated tool, project records, performance indicators, data bases, and financials are examples of items in______________.

    A.    Organizational process assets
    B.    Project management information systems
    C.    Project management planning approaches
    D.    The tools and techniques for project plan development

    Answer: B
    The items listed are part of these systems, a tool and technique in both processes.
    PMI®, PMBOK® Guide, 2013, 84, 92

    You realize that projects represent change, and on your projects, you always seem to have a number of change requests to consider. In your current project to manage the safety of the nation’s cheese products and the testing methods used, you decided to prepare a formal change management plan. An often overlooked type of change request is______________.

    A.    Adding new subject matter experts to your team
    B.    Updates
    C.    Work performance information
    D.    Enhancing the reviews performed by your project’s governance board

    Answer: B
    Change requests may include corrective actions, preventive actions, defect repairs, or updates. Updates are changes to formally controlled project documents or plans to reflect modified or additional content.

    You have been directed to establish a change control system for your company, but must convince your colleagues to use it. To be effective, the change control system must include______________.

    A.    Procedures that define how project documents may be changed
    B.    Specific change requests expected on the project and plans to respond to each one
    C.    Performance reports that forecast project changes
    D.    A description of the functional and physical characteristics of an item or system

    Answer: A
    A change control system is a collection of formal, documented procedures that define the process used to control change and approve or reject changes to project documents, deliverables, or baselines. It includes the paperwork, tracking systems, and approval levels necessary to authorize changes.

    You are working on the next generation of software for mobile phones for your telecommunications company. While time to market is critical, you know from your work on other projects that management reviews can be helpful and plan to use them on your project. You are documenting them as part of your______________.

    A.    Governance plan
    B.    Change management plan
    C.    Performance reviews
    D.    Project management plan

    Answer: D
    The project management plan describes how the project will be executed and monitored and controlled. While it contains a number of subsidiary plans, it also contains other items including information on key management reviews for contents, their extent, and timing to address open
    issues and pending decisions.

    Your cost control specialist has developed a budget plan for your project to add a second surgical center to the Children’s Hospital. As you analyze cash flow requirements, you notice that cash flow activity is greatest in the closing phase. You find this unusual because on most projects the largest portion of the budget spent during______________.

    A.    Initiating
    B.    Monitoring and Controlling
    C.    Controlling
    D.    Executing

    Answer: D
    Executing is where the majority of the budget is spent because this is the process where all of the resources (people, material, etc.) are applied to the activities and tasks in the project management plan.
    PMI®, PMBOK® Guide, 2013, 56

    You are project manager for a systems integration effort and need to procure the hardware components from external sources. Your subcontracts administrator has told you to prepare a product description, which is referenced in a______________.

    A.    Project statement of work
    B.    Contract scope statement
    C.    Request for proposal
    D.    Contract

    Answer: A
    Project statement of work
    The project statement of work describes in a narrative form the products, services, or results that
    the project will deliver. It references the product scope description as well as the business needs and the strategic plan.

    PMP dumps full version (PDF&VCE): https://www.lead2pass.com/pmp-exam.html

    Large amount of free PMP exam questions on Google Drive: https://drive.google.com/open?id=1tWlQiea0M4b98i8adjUSdp1vjK6tanR_