SECURITY+ CERTIFICATION
Index >> CompTIA >> Security+ >> "SY0-101"Exam
VUE/Prometric Code:SY0-101
Exam Name:SECURITY+ CERTIFICATION
Questions and Answers:600 Q&As
Price:$99
Updated:2008-11-12
Questions and Answers:600 Q&As
Price:$99
Updated:2008-11-12
| SECURITY+ CERTIFICATION | |||
| Test | Q&A | Updated | Price |
| SY0-101 | 600 Q&A | 2008-11-12 | $99 |
please download in PDF format Demo:
killtest SY0-101 Exam Features
High quality and Value for the SY0-101 Exam.
Killtest Practice Exams for SECURITY+ CERTIFICATION SY0-101 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.
100% Guarantee to Pass Your Security+ exam and get your Security+ Certification.
We guarantee your success in the first attempt. If you do not pass the SY0-101 (SECURITY+ CERTIFICATION) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.
killtest SY0-101 Downloadable.
Printable Exams (in PDF format) Our Exam SY0-101 Preparation Material provides you everything you will need to take your Security+ exam. The Security+ Certification details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get Security+ exam questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first Security+ exam try, but also save your valuable time .
- Comprehensive questions with complete details about SY0-101 exam.
- SY0-101 exam questions accompanied by exhibits.
- Verified Answers Researched by Industry Experts and almost 100% correct.
- Drag and Drop questions as experienced in the Real Security+ exam.
- SY0-101 exam questions updated on regular basis.
- Like actual Security+ Certification exams, SY0-101 exam preparation is in multiple-choice questions (MCQs).
- Tested by many real Security+ exams before publishing.
- Try free Security+ exam demo before you decide to buy it in http://www.Killtest.com.
High quality and Value for the SY0-101 Exam:100% Guarantee to Pass Your Security+ exam and get your Security+ Certification.
http://www.Killtest.com The safer.easier way to get Security+ Certification.
We offer Demo version of Q&A, Q&A are as follows (not to provide picture):
SY0-101:please download SY0-101 in PDF format Demo
1.Who is responsible for establishing access permissions to network resources in the DAC access control model?
A.The system administrator.
B.The owner of the resource.
C.The system administrator and the owner of the resource.
D.The user requiring access to the resource.
Correct:B
2.Which access control system allows the owner of a resource to establish access permissions to that resource?
A.MAC
B.DAC
C.RBAC
D.None of the above.
Correct:B
3.Which access control system allows the system administrator to establish access permissions to network resources?
A.MAC
B.DAC
C.RBAC
D.None of the above.
Correct:A
4.Who is responsible for establishing access permissions to network resources in the MAC access control model?
A.The system administrator.
B.The owner of the resource.
C.The system administrator and the owner of the resource.
D.The user requiring access to the resource.
Correct:A
5.Which of the following access control models uses roles to determine access permissions?
A.MAC
B.DAC
C.RBAC
D.None of the above.
Correct:C
6.Which of the following protects the confidentiality of data by making the data unreadable to those who don't have the correct key?
A.Hashing
B.Digital signatures
C.Encryption
D.Non-repudiation
Correct:C
7.Most current encryption schemes are based on:
A.digital rights management
B.time stamps
C.randomizing
D.algorithms
Correct:D
8.The IPSec Security Association is managed by
A.ESP
B.ISAKMP
C.IEEE
D.AH
Correct:B
9.Which of the following types of cryptography is typically used to provide an integrity check?
A.Public key
B.Asymmetric
C.Symmetric
D.Hash
Correct:D
10.Message authentication codes are used to provide which service?
A.Integrity
B.Fault recover
C.Key recovery
D.Acknowledgement
Correct:A
11.How is access control permissions established in the RBAC access control model?
A.The system administrator.
B.The owner of the resource.
C.The role or responsibilities users have in the organization.
D.None of the above.
Correct:C
12.Which access control model uses Access Control Lists to identify the users who have permissions to a resource?
A.MAC
B.RBAC
C.DAC
D.None of the above.
Correct:C
13.What does the DAC access control model use to identify the users who have permissions to a resource?
A.Predefined access privileges.
B.The role or responsibilities users have in the organization
C.Access Control Lists
D.None of the above.
Correct:C
14.A user has a sensitive message that needs to be sent in via email. The message needs to be protected from interception. Which of the following should be used when sending the email?
A.Digital signatures
B.Social engineering
C.Encryption
D.Non-repudiation
Correct:C
15.Which of the following refers to the ability to be reasonably certain that data is not disclosed to unintended persons?
A.Non-repudiation
B.Integrity
C.Authentication
D.Confidentiality
Correct:D
16.While surfing the Internet a user encounters a pop-up window that prompts the user to download a browser plug-in. The pop-up window is a certificate which validates the identity of the plug-in developer. Which of the following BEST describes this type of certificate?
A.Software publisher certificate
B.Web certificate
C.Certificate Authority (CA) certificate
D.Server certificate
Correct:A
17.Which of the following describes a type of algorithm that cannot be reversed in order to decode the data?
A.Symmetric
B.One Way Function
C.Asymmetric
D.Pseudorandom Number Generator (PRNG)
Correct:B
18.The MOST common Certificate Server port required for secure web page access is port:
A.25
B.80
C.443
D.446
Correct:C
19.Secret Key encryption is also known as:
A.symmetrical
B.replay
C.one way function.
D.asymmetrical
Correct:A
20.A public key _____________ is a pervasive system whose services are implemented and delivered using public key technologies that include Certificate Authority (CA), digital certificates, non-repudiation, and key history management.
A.cryptography scheme
B.distribution authority
C.exchange
D.infrastructure
Correct:D
21.What does the MAC access control model use to identify the users who have permissions to a resource?
A.Predefined access privileges.
B.The role or responsibilities users have in the organization
C.Access Control Lists
D.None of the above
Correct:A
22.Which of the following statements regarding access control models is FALSE?
A.The MAC model uses predefined access privileges to a resource to determine a user's access permissions to a resource.
B.The RBAC model uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource.
C.In the DAC model a user's access permissions to a resource is mapped to the user's account.
D.The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource.
Correct:D
23.Which of the following statements regarding the MAC access control models is TRUE?
A.The Mandatory Access Control (MAC) model is a dynamic model.
B.In the Mandatory Access Control (MAC) the owner of a resource establishes access privileges to that resource.
C.In the Mandatory Access Control (MAC) users cannot share resources dynamically.
D.The Mandatory Access Control (MAC) model is not restrictive.
Correct:C
24.Choose the mechanism that is NOT a valid access control mechanism.
A.DAC (Discretionary Access Control) list.
B.SAC (Subjective Access Control) list.
C.MAC (Mandatory Access Control) list.
D.RBAC (Role Based Access Control) list.
Correct:B
25.Which of the following are types of certificate-based authentication? (Select TWO)
A.Many-to-one mapping
B.One-to-one mapping
C.One-to-many mapping
D.Many-to-many mapping
Correct:A B
26.Which of the following would be an example of a high-availability disk technology?
A.Load balancing
B.Clustering
C.RAID
D.Remote access
Correct:C
27.The ability to logon to multiple systems with the same credentials is typically known as:
A.decentralized management
B.single sign-on
C.Role Based Access Control (RBAC)
D.centralized management
Correct:B
28.The first step in risk identification would be to identify:
A.assets
B.costs
C.threats
D.vulnerabilities
Correct:A
29.Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?
A.Disaster recovery plan
B.Alternate sites
C.Offsite storage
D.Fault tolerant systems
Correct:A
30.During a live response to an unauthorized access, a forensics specialist executes a command on the computer being investigated. Which of the following commands would be used to display the current network connections on the local computer?
A.NETSTAT
B.IPCONFIG / IFCONFIG
C.nmap
D.netcat
Correct:A
A.The system administrator.
B.The owner of the resource.
C.The system administrator and the owner of the resource.
D.The user requiring access to the resource.
Correct:B
2.Which access control system allows the owner of a resource to establish access permissions to that resource?
A.MAC
B.DAC
C.RBAC
D.None of the above.
Correct:B
3.Which access control system allows the system administrator to establish access permissions to network resources?
A.MAC
B.DAC
C.RBAC
D.None of the above.
Correct:A
4.Who is responsible for establishing access permissions to network resources in the MAC access control model?
A.The system administrator.
B.The owner of the resource.
C.The system administrator and the owner of the resource.
D.The user requiring access to the resource.
Correct:A
5.Which of the following access control models uses roles to determine access permissions?
A.MAC
B.DAC
C.RBAC
D.None of the above.
Correct:C
6.Which of the following protects the confidentiality of data by making the data unreadable to those who don't have the correct key?
A.Hashing
B.Digital signatures
C.Encryption
D.Non-repudiation
Correct:C
7.Most current encryption schemes are based on:
A.digital rights management
B.time stamps
C.randomizing
D.algorithms
Correct:D
8.The IPSec Security Association is managed by
A.ESP
B.ISAKMP
C.IEEE
D.AH
Correct:B
9.Which of the following types of cryptography is typically used to provide an integrity check?
A.Public key
B.Asymmetric
C.Symmetric
D.Hash
Correct:D
10.Message authentication codes are used to provide which service?
A.Integrity
B.Fault recover
C.Key recovery
D.Acknowledgement
Correct:A
11.How is access control permissions established in the RBAC access control model?
A.The system administrator.
B.The owner of the resource.
C.The role or responsibilities users have in the organization.
D.None of the above.
Correct:C
12.Which access control model uses Access Control Lists to identify the users who have permissions to a resource?
A.MAC
B.RBAC
C.DAC
D.None of the above.
Correct:C
13.What does the DAC access control model use to identify the users who have permissions to a resource?
A.Predefined access privileges.
B.The role or responsibilities users have in the organization
C.Access Control Lists
D.None of the above.
Correct:C
14.A user has a sensitive message that needs to be sent in via email. The message needs to be protected from interception. Which of the following should be used when sending the email?
A.Digital signatures
B.Social engineering
C.Encryption
D.Non-repudiation
Correct:C
15.Which of the following refers to the ability to be reasonably certain that data is not disclosed to unintended persons?
A.Non-repudiation
B.Integrity
C.Authentication
D.Confidentiality
Correct:D
16.While surfing the Internet a user encounters a pop-up window that prompts the user to download a browser plug-in. The pop-up window is a certificate which validates the identity of the plug-in developer. Which of the following BEST describes this type of certificate?
A.Software publisher certificate
B.Web certificate
C.Certificate Authority (CA) certificate
D.Server certificate
Correct:A
17.Which of the following describes a type of algorithm that cannot be reversed in order to decode the data?
A.Symmetric
B.One Way Function
C.Asymmetric
D.Pseudorandom Number Generator (PRNG)
Correct:B
18.The MOST common Certificate Server port required for secure web page access is port:
A.25
B.80
C.443
D.446
Correct:C
19.Secret Key encryption is also known as:
A.symmetrical
B.replay
C.one way function.
D.asymmetrical
Correct:A
20.A public key _____________ is a pervasive system whose services are implemented and delivered using public key technologies that include Certificate Authority (CA), digital certificates, non-repudiation, and key history management.
A.cryptography scheme
B.distribution authority
C.exchange
D.infrastructure
Correct:D
21.What does the MAC access control model use to identify the users who have permissions to a resource?
A.Predefined access privileges.
B.The role or responsibilities users have in the organization
C.Access Control Lists
D.None of the above
Correct:A
22.Which of the following statements regarding access control models is FALSE?
A.The MAC model uses predefined access privileges to a resource to determine a user's access permissions to a resource.
B.The RBAC model uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource.
C.In the DAC model a user's access permissions to a resource is mapped to the user's account.
D.The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource.
Correct:D
23.Which of the following statements regarding the MAC access control models is TRUE?
A.The Mandatory Access Control (MAC) model is a dynamic model.
B.In the Mandatory Access Control (MAC) the owner of a resource establishes access privileges to that resource.
C.In the Mandatory Access Control (MAC) users cannot share resources dynamically.
D.The Mandatory Access Control (MAC) model is not restrictive.
Correct:C
24.Choose the mechanism that is NOT a valid access control mechanism.
A.DAC (Discretionary Access Control) list.
B.SAC (Subjective Access Control) list.
C.MAC (Mandatory Access Control) list.
D.RBAC (Role Based Access Control) list.
Correct:B
25.Which of the following are types of certificate-based authentication? (Select TWO)
A.Many-to-one mapping
B.One-to-one mapping
C.One-to-many mapping
D.Many-to-many mapping
Correct:A B
26.Which of the following would be an example of a high-availability disk technology?
A.Load balancing
B.Clustering
C.RAID
D.Remote access
Correct:C
27.The ability to logon to multiple systems with the same credentials is typically known as:
A.decentralized management
B.single sign-on
C.Role Based Access Control (RBAC)
D.centralized management
Correct:B
28.The first step in risk identification would be to identify:
A.assets
B.costs
C.threats
D.vulnerabilities
Correct:A
29.Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?
A.Disaster recovery plan
B.Alternate sites
C.Offsite storage
D.Fault tolerant systems
Correct:A
30.During a live response to an unauthorized access, a forensics specialist executes a command on the computer being investigated. Which of the following commands would be used to display the current network connections on the local computer?
A.NETSTAT
B.IPCONFIG / IFCONFIG
C.nmap
D.netcat
Correct:A
