
CompTIA

  • [May 2018] Lead2pass 2018 100% Real CAS-002 Exam Questions 900q

    Lead2pass 2018 New CompTIA CAS-002 Braindump Free Download:

    https://www.lead2pass.com/cas-002.html

    QUESTION 31
    The Chief Executive Officer (CEO) of a corporation decided to move all email to a cloud computing environment.
    The Chief Information Security Officer (CISO) was told to research the risk involved in this environment.
    Which of the following measures should be implemented to minimize the risk of hosting email in the cloud?

    A.    Remind users that all emails with sensitive information need be encrypted and physically inspect the cloud computing.
    B.    Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the cloud provider.
    C.    Ensure logins are over an encrypted channel and remind users to encrypt all emails that contain sensitive information.
    D.    Obtain an NDA from the cloud provider and remind users that all emails with sensitive information need be encrypted.

  • [May 2018] Lead2pass 220-902 New Questions For Passing The 220-902 Certification Exam 1236q

    Lead2pass CompTIA New Exam 220-902 VCE Files Free Instant Download:

    https://www.lead2pass.com/220-902.html

    QUESTION 31
    After several passes with a malware removal program, the program keeps detecting the same malware infection after a reboot. Which of the following should be done to attempt to remove the offending malware?

    A.    Run the malware removal program while disconnected from the Internet
    B.    Run the malware removal program in Windows Safe Mode
    C.    Reinstall the malware removal program from a trusted source
    D.    Set the malware removal program to run each time the computer is rebooted


  • [May 2018] Lead2pass CompTIA 220-901 Exam Dumps Free Download 1346q

    Lead2pass CompTIA 220-901 Latest Exam Dumps Download:

    https://www.lead2pass.com/220-901.html

    QUESTION 31
    A customer has purchased a 1TB internal hard drive. The customer would like to have it installed as a data drive in their existing system. The technician discovers there is no spare power supply connector for the new hard drive. Which of the following would enable the technician to EASILY accomplish the task? (Select TWO).

    A.    Replace the existing hard drive.
    B.    Replace the power supply.
    C.    Remove the floppy disk.
    D.    Remove the CD-ROM.
    E.    Split an existing power connection.


  • [April 2018] 100% Valid Lead2pass CompTIA SY0-501 New Questions Free Version 250q

    Lead2pass 2018 100% Valid SY0-501 Dumps Guarantee 100% Pass SY0-501 Certification Exam:

    https://www.lead2pass.com/sy0-501.html

    QUESTION 31
    Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).

    A.    Rainbow table attacks greatly reduce compute cycles at attack time.
    B.    Rainbow tables must include precompiled hashes.
    C.    Rainbow table attacks do not require access to hashed passwords.
    D.    Rainbow table attacks must be performed on the network.
    E.    Rainbow table attacks bypass maximum failed login restrictions.

  • [April 2018] Official SY0-401 Exam Preparation Download From Lead2pass 1868q

    Pass SY0-401 Exam By Exercising Lead2pass Latest SY0-401 VCE And PDF Dumps:

    https://www.lead2pass.com/sy0-401.html

    QUESTION 21
    The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?

    A.    Implicit deny
    B.    VLAN management
    C.    Port security
    D.    Access control lists

  • [April 2018] Download Free CompTIA PK0-004 Exam Questions And Answers From Lead2pass 115q

    Lead2pass Dumps For Exam PK0-004 With New Updated Exam Questions:

    https://www.lead2pass.com/pk0-004.html

    QUESTION 21
    Which of the following is a definition of an RFP?

    A.    A document sent to potential vendors to solicit a bid for a project
    B.    A document sent to potential vendors to request information for skills and experience for a project
    C.    A document sent to potential vendors to request a commitment for a project
    D.    A document sent to potential vendors to solicit information that excludes pricing information for a project

  • [April 2018] Best Lead2pass CompTIA N10-006 PDF Dumps With New Update Exam Questions 1521q

    Download Free CompTIA N10-006 Exam Questions And Answers From Lead2pass:

    https://www.lead2pass.com/n10-006.html

    QUESTION 21
    A technician wants to separate networks on a switch. Which of the following should be configured to allow this?

    A.    VLAN
    B.    Trunking
    C.    Spanning tree
    D.    Traffic filtering


  • [April 2018] Free Lead2pass CompTIA CAS-002 PDF Dumps With New Update Exam Questions 900q

    Free Lead2pass CompTIA CAS-002 PDF Dumps With The Latest Update Exam Questions:

    https://www.lead2pass.com/cas-002.html

    QUESTION 21
    A company is developing a new web application for its Internet users and is following a secure coding methodology.
    Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?

    A.    Conduct web server load tests.
    B.    Conduct static code analysis.
    C.    Conduct fuzzing attacks.
    D.    Conduct SQL injection and XSS attacks.


  • [2018-4-2] Updated CV0-001 New Questions From Lead2pass Free Downloading

    Lead2pass Latest CV0-001 Free Dumps Guarantee CV0-001 Certification Exam 100% Success.v.2018-4-2.730q:

    https://www.lead2pass.com/cv0-001.html

    QUESTION 409
    Engineers are preparing to move guests to new compute and storage infrastructure. Basic network and SAN connectivity have been established. Which of the following options are valid NEXT steps to prepare for guest migration to the new infrastructure? (Select two.)

    A.    Tag the live migration VLAN on the trunk to the new servers
    B.    Correctly size and provision NFS LUNs on the new storage
    C.    Zone HBAs
    D.    Prep mirror VMs on new hosts for data migration
    E.    Tag the SAN trunks with the correct guest network VLANs

    Answer: AD

    QUESTION 410
    An administrator is implementing a private cloud that will be used as a test environment. To limit the number of guests per subnet to a maximum of 14, the administrator implemented a /20 network. Which of the following should the administrator use to assign the networks?

    A.    DHCP
    B.    Subnet
    C.    VLAN
    D.    Gateway

    Answer: A

    QUESTION 411
    A Chief Information Officer (CIO) has summoned an administrator due to the datacenter power bill being significantly higher than normal. The administrator explains that a new array was installed for a 20TB CRM application. Which of the following solutions would provide a new performance benefit and also reduce power consumption?

    A.    SSD
    B.    SAS
    C.    SATA
    D.    FC

    Answer: A

    QUESTION 412
    Cloud bursting can alleviate which of the following attacks?

    A.    Buffer Overflow
    B.    Brute Force
    C.    XSS
    D.    DDOS

    Answer: D

    QUESTION 413
    An administrator is testing a new web server from outside of the corporate firewall. The administrator performs a test from a single PC and the web server responds accordingly. The administrator then provisions several virtual machines on a network behind NAT and uses them to perform the same operation on the web server at the same time, but thereafter soon discovers that none of the machines can reach the web server. Which of the following could be responsible?

    A.    IPS
    B.    Blacklisting
    C.    IDS
    D.    Whitelisting
    E.    Firewall

    Answer: E

    QUESTION 414
    Which of the following would a company implement to provide authentication to multiple websites that are delivered through PaaS?

    A.    Federation services
    B.    MAC
    C.    Multi-factor authentication
    D.    RBAC

    Answer: D

    QUESTION 415
    An administrator is responsible for managing a host that is part of a private cloud. The host has one physical quad core CPU. The administrator is tasked with creating a new guest that requires a single CPU. Which of the following actions should the administrator do?

    A.    Assign 1 virtual CPU to the Guest
    B.    Assign 1 virtual CPU to the Host
    C.    Assign 1 physical CPU to the Guest
    D.    Assign 1 physical CPU to the Host

    Answer: A

    QUESTION 416
    Which of the following storage technologies is IP-based?

    A.    SCSI
    B.    DAS
    C.    FCP
    D.    NAS

    Answer: D

    QUESTION 417
    An administrator has created a new virtual server according to specifications and verified that TCP/IP settings are correct. When the VM is powered on, however, an error message indicates that a network card MAC address conflict exists. Which of the following would resolve this issue?

    A.    Remove the virtual NIC and configure another one.
    B.    Add an additional NIC with a loopback interface.
    C.    Ping the IP address to determine the location of the conflict.
    D.    Change the MAC to ff:ff:ff:ff:ff:ff and obtain a new address.

    Answer: A

    QUESTION 418
    An administrator is no longer receiving alerting messages from the web server platform that recently failed over to a new secondary datacenter due to a power failure. Which of the following is the cause of the problem?

    A.    Port 21 is only allowed inbound at the primary datacenter
    B.    Port 22 to the log server is blocked outbound
    C.    Port 162 in DMZ is blocked inbound
    D.    Port 162 in DMZ is blocked outbound

    Answer: C

    QUESTION 419
    An organization wants to create a server VM that is segregated from the rest of the servers. Which of the following should the server administrator configure?

    A.    Virtual NIC
    B.    Trunk port
    C.    Virtual memory
    D.    VPN connection

    Answer: A

    QUESTION 420
    Which of the following ensures that there is enough space for vendors to install their programs and run the software they will be managing for various SaaS products?

    A.    Network isolation
    B.    Laws and regulations
    C.    Multi-tenancy
    D.    Data segregation

    Answer: C

    CV0-001 dumps full version (PDF&VCE): https://www.lead2pass.com/cv0-001.html

    Large amount of free CV0-001 exam questions on Google Drive: https://drive.google.com/open?id=1gKUz-ReSTZObR99Mi3F2QPbCIADNaG15

  • [April 2018] 100% Pass Lead2pass 220-902 New Questions Free Version 1236q

    100% Valid Lead2pass CompTIA 220-902 New Questions Free Version:

    https://www.lead2pass.com/220-902.html

    QUESTION 21
    Which of the following features allows for easier navigation of long lists on a tablet device?

    A.    Pinch-zoom
    B.    Multitouch
    C.    Scrollbars
    D.    Touch flow

    Answer: D
    Explanation:
    http://gigaom.com/2010/03/08/touchscreen-tablets/

    QUESTION 22
    Which of the following file system types is used primarily for optical media?

    A.    FAT32
    B.    NTFS
    C.    HPFS
    D.    CDFS

    Answer: D
    Explanation:
    http://www.computerhope.com/jargon/c/cdfs.htm

    QUESTION 23
    When moving files from a Microsoft gaming console, which of the following command line utilities is recommended to transfer files?

    A.    IMAP
    B.    XCOPY
    C.    DISKPART
    D.    FDISK

    Answer: B
    Explanation:
    http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/xcopy.mspx?mfr=true

    QUESTION 24
    Which of the following should a technician implement to prevent external contractors from physically plugging devices into the company’s network jacks unless such jacks are designated for guest use?

    A.    Disable DHCP and assign a static IP address to each network device physically connected to the network.
    B.    Enable MAC address filtering across all network jacks and record the MAC address of guest devices.
    C.    Disable all switch ports when they are not utilized and enable them on an as needed basis.
    D.    Place guest network jacks in public areas and all other jacks in secure areas as needed.

    Answer: C
    Explanation:
    The best way is to disable all switch ports when they are not utilized. Switch them on when you need them. This way, you can prevent external contractors from physically plugging devices into the company’s network jacks.

    QUESTION 25
    After installing a new printer the organization determines that there are problems printing images and very large files. Which of the following will MOST likely resolve the issue?

    A.    Update the drivers using WHQL drivers
    B.    Install additional memory to each computer
    C.    Install additional memory to the printer
    D.    Apply the latest OS service pack

    Answer: C
    Explanation:
    http://www.ehow.com/how_6875286_install-printer-memory.html

    QUESTION 26
    Which of the following command line tools will terminate a non-system process without restarting the computer?

    A.    Shutdown
    B.    Kill
    C.    Erase
    D.    Break

    Answer: B
    Explanation:
    http://www.tech-recipes.com/rx/446/xp_kill_windows_process_command_line_taskkill/

    QUESTION 27
    After accidentally removing a hard drive from a server with three drives in a RAID 5 configuration, a technician notices the server locks up and shuts down. Which of the following can the technician do to quickly fix the problem?

    A.    Replace the RAID controller and boot.
    B.    Reinsert the drive and boot.
    C.    Plug the drive back in, the system will resume automatically.
    D.    Remove all drives and rebuild the array.

    Answer: B
    Explanation:
    Just reinsert the drive and boot the computer. The computer will start since it is a RAID 5 configuration.

    QUESTION 28
    A customer calls an IT consultant to explain an issue they are having with their Windows 7 Professional PC. Windows Update attempts to install patches upon each startup but fails on the same single update. The customer has attempted to re-run Windows Update from Control Panel but the issue remains. Which of the following courses of action would BEST resolve the problem?

    A.    Running a full DEFRAG on the system
    B.    Clearing the AppData temp folder entirely
    C.    Clearing the Windows Update download cache entirely
    D.    Uninstalling the Windows Update feature in Windows 7 and reinstalling it directly from the Microsoft website

    Answer: C
    Explanation:
    http://larsjoergensen.net/windows/windows-7/how-to-clear-the-windows-update-download-cache-in-windows-7

    QUESTION 29
    A user reports that their wireless connectivity is being spotty. The issue seems to interrupt their wireless signal connection when the laptop screen is tilted forward or backward during operation. When this happens, the entire wireless signal drops out until the screen is left in position for a good minute or so. Which of the following MOST likely explains what is happening?

    A.    The hinges on the laptop screen are not strong enough to support the wireless signal cables.
    B.    The wireless card is losing contact to its socket when the screen is opening/closing.
    C.    The laptop is designed to work optimally with wireless when the screen is at a perfect 90 degree angle.
    D.    The wireless signal cables are being crimped when the screen is opening/closing.

    Answer: D
    Explanation:
    http://compnetworking.about.com/od/wirelessfaqs/f/wifilaptoprange.htm

    QUESTION 30
    A user states that they cannot connect to the network or the Internet. The technician determines the issue is that the computer has a static IP address and needs to use DHCP to work correctly. The technician sets the NIC to automatically assign an IP address. Which of the following should the technician perform NEXT?

    A.    Identify the type of network card and what Operating System the computer is running
    B.    Confirm the computer is back on the network and has Internet connectivity
    C.    They need to annotate what the static IP address was and inform the employee’s manager
    D.    They need to determine why the NIC was assigned a static IP address

    Answer: B
    Explanation:
    http://technet.microsoft.com/en-us/library/dd183692(v=ws.10).aspx

    220-902 dumps full version (PDF&VCE): https://www.lead2pass.com/220-902.html

    Large amount of free 220-902 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDMU1VNVhHQ08xR1E

    You may also need:

    220-901 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDb0M0dHJiMS1ZZXM

  • [2018-3-19] Free Downloading SY0-501 Exam Dumps PDF From Lead2pass (211-220)

    Free Share SY0-501 PDF Dumps With Lead2pass Updated Exam Questions.v.2018-3-19.250q:

    https://www.lead2pass.com/sy0-501.html

    QUESTION 211
    A penetration tester finds that a company’s login credentials for the email client were being sent in clear text. Which of the following should be done to provide encrypted logins to the email server?

    A.    Enable IPSec and configure SMTP.
    B.    Enable SSH and LDAP credentials.
    C.    Enable MIME services and POP3.
    D.    Enable an SSL certificate for IMAP services.


  • [2018-3-19] CompTIA Exam SY0-501 PDF Dump Free Download In Lead2pass (201-210)

    Free Share SY0-501 PDF Dumps With Lead2pass Updated Exam Questions.v.2018-3-19.250q:

    https://www.lead2pass.com/sy0-501.html

    QUESTION 201
    Which of the following must be intact for evidence to be admissible in court?

    A.    Chain of custody
    B.    Order of violation
    C.    Legal hold
    D.    Preservation

  • [2018-3-19] New Released Exam SY0-501 PDF Free From the Lead2pass (183-200)

    Free Share SY0-501 PDF Dumps With Lead2pass Updated Exam Questions.v.2018-3-19.250q:

    https://www.lead2pass.com/sy0-501.html

    QUESTION 183
    A system administrator wants to provide balance between the security of a wireless network and usability. The administrator is concerned with wireless encryption compatibility of older devices used by some employees. Which of the following would provide strong security and backward compatibility when accessing the wireless network?

    A.    Open wireless network and SSL VPN
    B.    WPA using a preshared key
    C.    WPA2 using a RADIUS back-end for 802.1x authentication
    D.    WEP with a 40-bit key

    Answer: C

    QUESTION 184
    An information security specialist is reviewing the following output from a Linux server.
    [Exhibit image not included]
    Based on the above information, which of the following types of malware was installed on the server?

    A.    Logic bomb
    B.    Trojan
    C.    Backdoor
    D.    Ransomware
    E.    Rootkit

    Answer: C

    QUESTION 185
    In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

    A.    Using salt
    B.    Using hash algorithms
    C.    Implementing elliptical curve
    D.    Implementing PKI

    Answer: A

    QUESTION 186
    A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees. Which of the following should the administrator implement?

    A.    Shared accounts
    B.    Preshared passwords
    C.    Least privilege
    D.    Sponsored guest

    Answer: D

    QUESTION 187
    Which of the following would MOST likely appear in an uncredentialed vulnerability scan?

    A.    Self-signed certificates
    B.    Missing patches
    C.    Auditing parameters
    D.    Inactive local accounts

    Answer: D

    QUESTION 188
    A security analyst observes the following events in the logs of an employee workstation:
    [Exhibit image not included]
    Given the information provided, which of the following MOST likely occurred on the workstation?

    A.    Application whitelisting controls blocked an exploit payload from executing.
    B.    Antivirus software found and quarantined three malware files.
    C.    Automatic updates were initiated but failed because they had not been approved.
    D.    The SIEM log agent was not tuned properly and reported a false positive.

    Answer: A

    QUESTION 189
    When identifying a company’s most valuable assets as part of a BIA, which of the following should be the FIRST priority?

    A.    Life
    B.    Intellectual property
    C.    Sensitive data
    D.    Public reputation

    Answer: A

    QUESTION 190
    An organization needs to implement a large PKI. Network engineers are concerned that repeated transmission of the OCSP will impact network performance. Which of the following should the security analyst recommend in lieu of an OCSP?

    A.    CSR
    B.    CRL
    C.    CA
    D.    OID

    Answer: B

    QUESTION 191
    When considering a third-party cloud service provider, which of the following criteria would be the BEST to include in the security assessment process? (Select two.)

    A.    Use of performance analytics
    B.    Adherence to regulatory compliance
    C.    Data retention policies
    D.    Size of the corporation
    E.    Breadth of applications support

    Answer: BC

    QUESTION 192
    Which of the following occurs when the security of a web application relies on JavaScript for input validation?

    A.    The integrity of the data is at risk.
    B.    The security of the application relies on antivirus.
    C.    A host-based firewall is required.
    D.    The application is vulnerable to race conditions.

    Answer: A

    QUESTION 193
    An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:
    [Exhibit image not included]
    Which of the following vulnerabilities is present?

    A.    Bad memory pointer
    B.    Buffer overflow
    C.    Integer overflow
    D.    Backdoor

    Answer: B

    QUESTION 194
    An organization’s file server has been virtualized to reduce costs. Which of the following types of backups would be MOST appropriate for the particular file server?

    A.    Snapshot
    B.    Full
    C.    Incremental
    D.    Differential

    Answer: C

    QUESTION 195
    A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use?

    A.    Open systems authentication
    B.    Captive portal
    C.    RADIUS federation
    D.    802.1x

    Answer: D

    QUESTION 196
    An employer requires that employees use a key-generating app on their smartphones to log into corporate applications. In terms of authentication of an individual, this type of access policy is BEST defined as:

    A.    Something you have.
    B.    Something you know.
    C.    Something you do.
    D.    Something you are.

    Answer: A

    QUESTION 197
    Adhering to a layered security approach, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following terms BEST describes the security control being employed?

    A.    Administrative
    B.    Corrective
    C.    Deterrent
    D.    Compensating

    Answer: A

    QUESTION 198
    A security analyst is hardening a web server, which should allow a secure certificate-based session using the organization’s PKI infrastructure. The web server should also utilize the latest security techniques and standards. Given this set of requirements, which of the following techniques should the analyst implement to BEST meet these requirements? (Select two.)

    A.    Install an X.509-compliant certificate.
    B.    Implement a CRL using an authorized CA.
    C.    Enable and configure TLS on the server.
    D.    Install a certificate signed by a public CA.
    E.    Configure the web server to use a host header.

    Answer: AC

    QUESTION 199
    A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option. Which of the following protocols should be implemented to distribute the report securely? (Select three.)

    A.    S/MIME
    B.    SSH
    C.    SNMPv3
    D.    FTPS
    E.    SRTP
    F.    HTTPS
    G.    LDAPS

    Answer: BDF

    QUESTION 200
    An auditor is reviewing the following output from a password-cracking tool:

    User1: Password1
    User2: Recovery!
    User3: Alaskan10
    User4: 4Private
    User5: PerForMance2

    Which of the following methods did the author MOST likely use?

    A.    Hybrid
    B.    Dictionary
    C.    Brute force
    D.    Rainbow table

    Answer: A

    SY0-501 dumps full version (PDF&VCE): https://www.lead2pass.com/sy0-501.html

    Large amount of free SY0-501 exam questions on Google Drive: https://drive.google.com/open?id=1Hm6GQHDVOsEnyhNf3EHqIGEtor5IUsfu

    You may also need:

    SY0-401 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDLXZsWm9MWmh0a0E

  • [March 2018] Lead2pass CompTIA SY0-501 Latest Exam Dumps Download 182q

    Lead2pass SY0-501 Exam Questions Free Download:

    https://www.lead2pass.com/sy0-501.html

    QUESTION 31
    Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).

    A.    Rainbow table attacks greatly reduce compute cycles at attack time.
    B.    Rainbow tables must include precompiled hashes.
    C.    Rainbow table attacks do not require access to hashed passwords.
    D.    Rainbow table attacks must be performed on the network.
    E.    Rainbow table attacks bypass maximum failed login restrictions.


  • [March 2018] Lead2pass Free CompTIA SY0-401 Braindumps VCE Updated 1868q

    Lead2pass Latest SY0-401 Free Dumps Guarantee SY0-401 Certification Exam 100% Success:

    https://www.lead2pass.com/sy0-401.html

    QUESTION 11
    An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

    A.    Review past security incidents and their resolution
    B.    Rewrite the existing security policy
    C.    Implement an intrusion prevention system
    D.    Install honey pot systems

    Answer: C
    Explanation:
    The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.

    QUESTION 12
    A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration.
    Which of the following should be implemented to secure the devices without risking availability?

    A.    Host-based firewall
    B.    IDS
    C.    IPS
    D.    Honeypot

    Answer: B
    Explanation:
    An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing threats and deterring individuals from violating security policies. IDPSes have become a necessary addition to the security infrastructure of nearly every organization.
    IDPSes typically record information related to observed events, notify security administrators of important observed events and produce reports. Many IDPSes can also respond to a detected threat by attempting to prevent it from succeeding. They use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g. reconfiguring a firewall) or changing the attack’s content.

    QUESTION 13
    Lab Sim – Configure the Firewall
    Task: Configure the firewall (fill out the table) to allow these four rules:

    – Only allow the Accounting computer to have HTTPS access to the Administrative server.
    – Only allow the HR computer to be able to communicate with the Server 2 System over SCP.
    – Allow the IT computer to have access to both the Administrative Server 1 and Administrative Server 2

    [Exhibit images not included]

    Answer:
    Use the following answer for this simulation task.
    The table below has all the answers required for this question.

    [Exhibit image not included]

    Explanation:
    Firewall rules act like ACLs, and they are used to dictate what traffic can pass between the firewall and the internal network. Three possible actions can be taken based on the rule’s criteria:

    Block the connection
    Allow the connection
    Allow the connection only if it is secured

    TCP is responsible for providing a reliable, one-to-one, connection-oriented session.
    TCP establishes a connection and ensures that the other end receives any packets sent.
    Two hosts communicate packet results with each other. TCP also ensures that packets are decoded and sequenced properly. This connection is persistent during the session.
    When the session ends, the connection is torn down.
    UDP provides an unreliable connectionless communication method between hosts.
    UDP is considered a best-effort protocol, but it’s considerably faster than TCP.
    The sessions don’t establish a synchronized session like the kind used in TCP, and UDP doesn’t guarantee error-free communications.
    The primary purpose of UDP is to send small packets of information.
    The application is responsible for acknowledging the correct reception of the data.
    Port 22 is used by both SSH and SCP with UDP.
    Port 443 is used for secure web connections (HTTPS) and is a TCP port.
    Thus, to make sure only the Accounting computer has HTTPS access to the Administrative server, you should use TCP port 443 and set the rule to allow communication between 10.4.255.10/24 (Accounting) and 10.4.255.101 (Administrative server1).
    Thus, to make sure that only the HR computer has access to Server2 over SCP, you need to use TCP port 22 and set the rule to allow communication between 10.4.255.10/23 (HR) and 10.4.255.2 (server2).
    Thus, to make sure that the IT computer can access both the Administrative servers, you need to use a port and accompanying port number and set the rule to allow communication between:
    10.4.255.10.25 (IT computer) and 10.4.255.101 (Administrative server1)
    10.4.255.10.25 (IT computer) and 10.4.255.102 (Administrative server2)

    QUESTION 14
    Hotspot Question
    The security administrator has installed a new firewall which implements an implicit DENY policy by default. Click on the firewall and configure it to allow ONLY the following communication.

    1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
    2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port.
    3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.

    Instructions: The firewall will process the rules in a top-down manner, in order, as a first match. The port number must be typed in, and only one port number can be entered per rule. Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click Save and then Done to submit.

    Answer:

    Explanation:
    Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default.
    Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.
    Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP port 22.
    Rule #3 & Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.

    QUESTION 15
    Which of the following firewall rules only denies DNS zone transfers?

    A.    deny udp any any port 53
    B.    deny ip any any
    C.    deny tcp any any port 53
    D.    deny all dns packets

    Answer: C
    Explanation:
    DNS operates over TCP and UDP port 53. TCP port 53 is used for zone transfers.

    QUESTION 16
    A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic.
    Which of the following would accomplish this task?

    A.    Deny TCP port 68
    B.    Deny TCP port 69
    C.    Deny UDP port 68
    D.    Deny UDP port 69

    Answer: D
    Explanation:
    Trivial File Transfer Protocol (TFTP) is a simple file-exchange protocol that doesn’t require authentication. It operates on UDP port 69.

    QUESTION 17
    Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?

    A.    Allow incoming IPSec traffic into the vendor’s IP address.
    B.    Set up a VPN account for the vendor, allowing access to the remote site.
    C.    Turn off the firewall while the vendor is in the office, allowing access to the remote site.
    D.    Write a firewall rule to allow the vendor to have access to the remote site.

    Answer: D
    Explanation:
    Firewall rules are used to define what traffic is able to pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network.

    QUESTION 18
    A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?

    A.    Implement a virtual firewall
    B.    Install HIPS on each VM
    C.    Virtual switches with VLANs
    D.    Develop a patch management guide

    Answer: C
    Explanation:
    A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments.

    QUESTION 19
    A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks.
    Which of the following is MOST likely the reason for the sub-interfaces?

    A.    The network uses the subnet of 255.255.255.128.
    B.    The switch has several VLANs configured on it.
    C.    The sub-interfaces are configured for VoIP traffic.
    D.    The sub-interfaces each implement quality of service.

    Answer: B
    Explanation:
    A subinterface is a division of one physical interface into multiple logical interfaces. Routers commonly employ subinterfaces for a variety of purposes, the most common of which is routing traffic between VLANs. Also, IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network.

    QUESTION 20
    Joe, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?

    A.    Create a VLAN for the SCADA
    B.    Enable PKI for the MainFrame
    C.    Implement patch management
    D.    Implement stronger WPA2 Wireless

    Answer: A
    Explanation:
    VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn’t need to communicate with another in order to accomplish a work task/function shouldn’t be able to do so.

    SY0-401 dumps full version (PDF&VCE): https://www.lead2pass.com/sy0-401.html

  • [March 2018] New Lead2pass CompTIA PK0-004 New Questions Free Download 115q

    New Released Exam PK0-004 PDF Free From the Lead2pass:

    https://www.lead2pass.com/pk0-004.html

    QUESTION 11
    If a project sponsor wants to know the current status and progress of a project, which of the following is the BEST approach to find this information?

    A.    The project sponsor should obtain the current status from team members, put it into a presentation, and present it to the project manager for review.
    B.    The scheduler should obtain the current status from team members, apply it to the baseline of the schedule, and run a report
    C.    The scheduler should obtain the current status from team members, update the project charter, project management plan, dashboard, and SOW; and then create a status report to provide to the project manager.
    D.    The scheduler should obtain the current status from team members, update the risk register, and provide the information to the project champion for review

    Answer: B

    QUESTION 12
    Which documents does a vendor rely on to commit funding and resources to a project?

    A.    SOW
    B.    PO
    C.    SU
    D.    MOU

    Answer: B

    QUESTION 13
    A project coordinator logs potential events that can affect project constraints, and then records the results of brainstorming of potential strategies.
    Which of the following documents should the project coordinator use?

    A.    Risk register
    B.    Issue log
    C.    Communication plan
    D.    Status report

    Answer: A

    QUESTION 14
    Which of the following describes how a project is related to a program?

    A.    A program is a combination of multiple projects.
    B.    A program contains an element of the project.
    C.    A program is a part of a project.
    D.    A program uses half of the project’s budget.

    Answer: A

    QUESTION 15
    Which of the following is a key aspect of the Agile project management methodology?

    A.    Test-driven
    B.    Daily standup meetings
    C.    Short project durations
    D.    Defined list of requirements

    Answer: B

    QUESTION 16
    Which of the following are examples of organizational change? (Choose two.)

    A.    Relocation
    B.    Scope
    C.    Business process
    D.    Schedule
    E.    Risk event

    Answer: AC

    QUESTION 17
    A vendor has accepted a proposed project from a customer.
    Which of the following is MOST likely to be the first document created by the project manager?

    A.    Project charter
    B.    Project management plan
    C.    Project statement of work
    D.    Project schedule

    Answer: B

    QUESTION 18
    The PMO is responsible for: (Choose two.)

    A.    managing the project plan, scope, risk, and budget.
    B.    contributing expertise, deliverables, and estimates of costs.
    C.    setting standards and practices for the organization and providing governance.
    D.    outlining consequences of non-performance and coordinating between disparate projects
    E.    approving funding, developing the project schedule, and gathering high-level requirements

    Answer: CD

    QUESTION 19
    Which of the following describes risk mitigation?

    A.    The transfer of the risk to another entity or project inside or outside the organization, along with associated costs
    B.    The understanding of the risk with a detailed explanation of how the project intends to address the potential for occurrence
    C.    The quantification of the risk in terms of how much the risk could potentially cost the project or parent organization
    D.    The weighting or prioritization of the risk against all other identified risks within this project or others associated with it

    Answer: B

    QUESTION 20
    A project manager has noticed poor attendance at status meetings. Which of the following strategies should the project manager use to improve attendance? (Choose two.)

    A.    Provide an agenda before the status meeting
    B.    Adhere to an agenda and scheduled time
    C.    Add non-project-related items to the agenda
    D.    Add and discuss new agenda items throughout the meeting.
    E.    Discard the action items at the conclusion of the meeting.

    Answer: AB

    PK0-004 dumps full version (PDF&VCE): https://www.lead2pass.com/pk0-004.html

  • [March 2018] Lead2pass 2018 100% Valid N10-006 Dumps Guarantee 100% Pass N10-006 Certification Exam 1521q

    2018 Exam N10-006 Dumps From Lead2pass Cover All New N10-006 New Questions:

    https://www.lead2pass.com/n10-006.html

    QUESTION 11
    Which of the following properties of DHCP would a technician use to ensure an IP address is not leased out from the active scope?

    A.    Reservations
    B.    Lease times
    C.    Removing IPs from the active leases
    D.    Configuring the DNS options

    (more…)

  • [March 2018] New Lead2pass CS0-001 Dumps PDF Version Released For Free Downloading 85q

    New Lead2pass CompTIA CS0-001 New Questions Free Download:

    https://www.lead2pass.com/cs0-001.html

    QUESTION 11
    A security analyst is adding input to the incident response communication plan.
    A company officer has suggested that if a data breach occurs, only affected parties should be notified to keep an incident from becoming a media headline.
    Which of the following should the analyst recommend to the company officer?

    A.    The first responder should contact law enforcement upon confirmation of a security incident in order for a forensics team to preserve chain of custody.
    B.    Guidance from laws and regulations should be considered when deciding who must be notified in order to avoid fines and judgements from non-compliance.
    C.    An externally hosted website should be prepared in advance to ensure that when an incident occurs victims have timely access to notifications from a non-compromised recourse.
    D.    The HR department should have information security personnel who are involved in the investigation of the incident sign non-disclosure agreements so the company cannot be held liable for customer data that might be viewed during an investigation. (more…)
