An architectural review is BEST for finding which of the following security defects?

A.    Malware infection vectors
B.    SQL or other injection flaws
C.    Design flaws
D.    Zero-day vulnerabilities

Answer: C

Which of the following describes a security risk that may have to be accepted when using a commercial cross-platform mobile application framework?

A.    Allowing code to run outside the app sandbox
B.    Installing HTML 5 support on user device
C.    Digest authentication without HTTPS
D.    Using native code libraries without source code review

Answer: D

In an application architecture diagram, what categories of weaknesses are considered using Microsoft’s threat modeling process?

A.    Man-in-the-middle, Data injection, SQL Injection, Malware, Zero-day exploits
B.    Damage, Reproducibility, Exploitability, Affected users, Discoverability
C.    Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege
D.    Cross site scripting, Clickjacking, Data input validation, SSL, RSA security, Buffer overflow, Heap smashing, ARP injection

Answer: C

Android’s kernel-level app sandbox provides security by:

A.    assigning a unique user ID (UID) to each app and running in a separate process.
B.    running all apps under an unprivileged group ID (GID).
C.    restricting read access to an app’s package to the kernel process.
D.    preventing an app’s data files from being read by any running process.

Answer: A

The digital certificate used to sign the production release should be:

A.    regenerated for each version of the app.
B.    stored inside the app package before deployment.
C.    stored in a secure location separate from the passphrase.
D.    stored with the source code so all developers can build the app.

Answer: C

Which statement about native code in apps is TRUE?

A.    Native code is faster because it runs as a separate user ID (UID) giving it direct access to restricted APIs.
B.    Native code is run under the same user ID (UID) as the Java app and therefore comes under the same sandbox restrictions.
C.    Native code is executed by the kernel with increased privileges and is mainly used for root operations.
D.    Native code runs outside the Dalvik VM and therefore is not restricted by the sandbox.

Answer: B

When an app creates a configuration file in its private data directory the developer should ensure:

A.    that the file path is determined with getExternalStorageDirectory().
B.    that the file is created world writable.
C.    that file ownership is set to system.
D.    that the file is not created world readable.

Answer: D

An example of APIs protected by permissions would be: (Select TWO).

A.    SIM card access
B.    Telephony functions
C.    File handling functions
D.    Encryption functions
E.    Network/data connections

Answer: BE

An app accessing protected APIs should use which manifest declaration?

A.    app-permissions
B.    add-permissions
C.    grant-permission
D.    uses-permission

Answer: D

The MOST likely reason the developer might want to define their own permission in the manifest is because:

A.    they wish to ensure that only their app has the permission to launch their activities or access their private data.
B.    they wish to prevent the user from granting access to protected functionality by mistake.
C.    they wish to define a permission to access system APIs and native libraries.
D.    they wish to restrict access to a function in their app to only those apps which are specifically granted access by the user.

Answer: D

Valid permission protection levels are: (Select TWO).

A.    private
B.    signature
C.    user
D.    public
E.    dangerous

Answer: BE

The checkCallingPermission() method is used when:

A.    the app needs to determine what permission is required for it to make a call.
B.    the app needs to determine if it should allow an incoming call from another app.
C.    the app needs to determine whether it has permission to make a call.
D.    the app needs to determine what permissions are required to call a specific API.

Answer: B

Which of the following is a more secure way for a developer to give 3rd party apps temporary access to resources in their app, such as opening attachments in an external editor?

A.    Make use of grantTempAccess()
B.    Make use of per-URI permissions
C.    Temporarily make files world readable
D.    Temporarily store files on SD Card

Answer: B

A technician installs an additional hard drive controller. Which of the following processes will MOST likely prevent errors?

A.    1) Apply System Updates 2) Update the BIOS 3) Install the card 4) Install the driver 5) Upgrade the Card Firmware
B.    1) Install the card 2) Update the BIOS 3) Upgrade the Card Firmware 4) Install the driver 5) Apply System Updates
C.    1) Apply System Updates 2) Install the driver 3) Install the card 4) Upgrade the Card Firmware 5) Update the BIOS
D.    1) Update the BIOS 2) Install the driver 3) Install the card 4) Upgrade the Card Firmware 5) Apply System Updates

Answer: A

What is the MINIMUM Windows Experience Index recommended for using Aero enhancements in Windows 7?

A.    2.0
B.    3.0
C.    4.0
D.    5.0

Answer: B

On a Windows XP machine, which of the following settings should be configured to allow dragging of files without holding the mouse button?

A.    ScrollLock
B.    StickyKeys
C.    MouseKeys
D.    ClickLock

Answer: D

Which of the following utilities would be used to configure energy saving measures when a laptop switches to battery power?

B.    ACPI
C.    GDI

Answer: B

A user states that they unplugged their mouse to clean the roller ball, but after plugging it back in the mouse no longer functions. Which of the following is the MOST likely cause of this issue?

A.    The mouse has a PS/2 connector which is not hot-swappable.
B.    The mouse roller ball is now too smooth to gain traction.
C.    The mouse was broken before the user unplugged to clean it.
D.    The mouse has a USB connector that is not getting enough power.

Answer: A

Which of the following features are available in Windows 7 Professional beyond those available in Windows 7 Home Premium?

A.    HomeGroup
B.    Windows XP Mode
C.    Aero Desktop
D.    Internet Explorer 8

Answer: B

Traffic coming across port 443 is for which of the following protocols?

A.    SFTP
B.    FTP
C.    HTTP

Answer: D

Which of the following security threats are MOST likely prevented through user training?

A.    Network Intrusion
B.    Adware Popups
C.    Social Engineering
D.    Spam Messages

Answer: C

A user states that whenever they try to launch a certain installed application, they hear unusual whirring/clicking sounds from their machine and the application never loads. Which of the following components would a technician MOST likely need to replace?

A.    Hard Disk Drive
B.    Optical Drive
C.    Power Supply Unit
D.    Case Fan

Answer: A

A user states that they are trying to project their laptop to a screen for a presentation. They have plugged the projector cable into their laptop, and turned the projector on, but no signal is found. Which of the following should the technician perform FIRST?

A.    Ensure the projector is receiving power
B.    Verify the laptop is not running on battery
C.    Toggle the function key for displays
D.    Replace the projector cable with another

Answer: C

Which of the following are supported bus widths for a PCIe bus slot? (Select TWO).

A.    1x
B.    3x
C.    6x
D.    16x
E.    24x

Answer: AD

Which of the following BEST describes the function of hyperthreading support within a CPU?

A.    Allows the core to create a separate space to process threads
B.    Allows the processor to handle multiple threads per core
C.    Allows the core to shift to a higher clock speed based on thread count
D.    Allows the processor to reject certain threads to increase performance

Answer: B

Which of the following is the MOST likely default configuration for a serial port?

A.    8 Data bits, Odd Parity, 1 stop bit
B.    8 Data bits, Even Parity, 2 stop bits
C.    8 Data bits, No Parity, 1.5 Stop bits
D.    8 Data bits, No Parity, 1 Stop bit

Answer: D

Which of the following are impact printers? (Select TWO).

A.    Line printer
B.    Dot matrix printer
C.    Thermal transfer printer
D.    Inkjet printer
E.    Xerographic printer

Answer: AB

After creating backups of critical system and user data, which of the following is the BEST location to store the backups?

A.    In the supply closet so anyone can access them if needed
B.    Near the server for easy access to restore files
C.    Locked in a cabinet in the IT Manager’s office
D.    At a secure off-site storage facility

Answer: D

Which of the following protocols operates at the HIGHEST level of the OSI model?

A.    ICMP
B.    IPSec
C.    SCP
D.    TCP

Answer: C

Which of the following should an administrator implement to research current attack methodologies?

A.    Design reviews
B.    Honeypot
C.    Vulnerability scanner
D.    Code reviews

Answer: B

Drag and Drop Question
Task: Determine the types of attacks below by selecting an option from the dropdown list.

Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?

A.    Intrusion Detection System
B.    Flood Guard Protection
C.    Web Application Firewall
D.    URL Content Filter

Answer: C

Which of the following means of wireless authentication is easily vulnerable to spoofing?

A.    MAC Filtering
B.    WPA – LEAP
C.    WPA – PEAP
D.    Enabled SSID

Answer: A

Lab Sim – Configure the Firewall
Task: Configure the firewall (fill out the table) to allow these four rules:
– Only allow the Accounting computer to have HTTPS access to the Administrative server.
– Only allow the HR computer to be able to communicate with the Server 2 System over SCP.
– Allow the IT computer to have access to both the Administrative Server 1 and Administrative Server 2.
Use the following answer for this simulation task. The table below has all the answers required for this question.

Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?

A.    WPA2-PSK
C.    CCMP
D.    LEAP

Answer: D

Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time.
Which of the following does this illustrate?

A.    System image capture
B.    Record time offset
C.    Order of volatility
D.    Chain of custody

Answer: D

A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?

A.    Time of day restrictions
B.    Group based privileges
C.    User assigned privileges
D.    Domain admin restrictions

Answer: B

Which of the following is being tested when a company’s payroll server is powered off for eight hours?

A.    Succession plan
B.    Business impact document
C.    Continuity of operations plan
D.    Risk assessment plan

Answer: C

A security analyst, Ann, is reviewing an IRC channel and notices that a malicious exploit has been created for a frequently used application. She notifies the software vendor and asks them for remediation steps, but is alarmed to find that no patches are available to mitigate this vulnerability.
Which of the following BEST describes this exploit?

A.    Malicious insider threat
B.    Zero-day
C.    Client-side attack
D.    Malicious add-on

Answer: B

A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, employees should receive training on which of the following?

A.    Peer to Peer
B.    Mobile devices
C.    Social networking
D.    Personally owned devices

Answer: C

A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates.
Which of the following processes could MOST effectively mitigate these risks?

A.    Application hardening
B.    Application change management
C.    Application patch management
D.    Application firewall review

Answer: C

