Free SY0-201 Demo Download
TestInside offers free demo for Security SY0-201 exam (CompTIA Security+(2008 Edition) Exam). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.
1. Which of the following statements is TRUE regarding the Security Token system?
A. If your token does not grant you access to certain information, that information will either not be
displayed or your access will be denied. The authentication system creates a token every time a user or a
session begins. At the completion of a session, the token is destroyed.
B. A certificate being handed from the server to the client once authentication has been established. If you
have a pass, you can wander throughout the network. BUT limited access is allowed.
C. The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The
KDC authenticates the network. Principles can be users, programs, or systems. The KDC provides a ticket
to the network. Once this ticket is issued, it can be used to authenticate against other principles. This
occurs automatically when a request or service is performed by another network.
D. The initiator sends a logon request from the client to the server. The server sends a challenge back to
the client. The challenge is encrypted and then sent back to the server. The server compares the value from
the client and if the information matches, the server grants authorization. If the response fails, the session
fails and the request phase starts over
Answer: A
2. Which of the following portions of a company’s network is between the Internet and an internal network?
A. IDS
B. Demilitarized zone (DMZ)
C. Filter router
D. Bastion host
Answer: B
3. Which of the following is MOST often used to allow a client or partner access to a network?
A. Extranet
B. Intranet
C. VLAN
D. Demilitarized zone (DMZ)
Answer: A
4. Which of the following types of firewalls provides inspection at layer 7 of the OSI model?
A. Application-proxy
B. Network address translation (NAT)
C. Packet filters
D. Stateful inspection
Answer: A
5. Which one of the following is not Bluetooth threat?
A. blue jacking.
B. bluesnarfing.
C. discovery mode.
D. a smurf attack.
Answer: D
6. A company implements an SMTP server on their firewall. This implementation would violate which of the
following security principles?
A. Keep the solution simple
B. Use a device as intended
C. Create an in-depth defense
D. Address internal threats
Answer: B
7. A company is upgrading the network and needs to reduce the ability of users on the same floor and
network segment to see each other’s traffic. Which of the following network devices should be
used?
A. Router
B. Hub
C. Switch
D. Firewall
Answer: C
8. In computing, a Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI) that
specifies where an identified resource is available and the mechanism for retrieving it. When a user
attempts to go to a website, he notices the URL has changed, which attack will MOST likely cause the
problem?
A. ARP poisoning
B. DLL injection
C. DNS poisoning
D. DDoS attack
Answer: C
9. A companys security’ specialist is securing a web server that is reachable from the Internet. The web
server is located in the core internal corporate network. The network cannot be redesigned and the server
cannot be moved. Which of the following should the security specialist implement to secure the web server?
(Select TWO).
A. Router with an IDS module
B. Network-based IDS
C. Host-based IDS
D. Host-based firewall
Answer: CD
10. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an
attempt to make a computer resource unavailable to its intended users. Which method can be used to
perform denial of service (DoS) attacks?
A. Adware
B. Botnet
C. Spyware
D. Privilege escalation
Answer: B
Related posts:
- share the Cisco 640-553 Exam study guide All most all IT professionals are familiar with the Cisco...
- share the IBM 000-135 Exam study guide TestInside is very confident on their study materials that it...
- share the vcp-410 Exam study materials TestInside also offers VCP-410 for the preparation of certification candidates....
- share the Cisco 350-030 Exam study guide The 350-030 test questions give you possibility to work in...
- share the Cisco 640-802 Exam study guide Cisco Certification 640-802 exam is one of the best certifications...
Related posts brought to you by Yet Another Related Posts Plugin.