SY0-301 무료 덤프문제 온라인 액세스

In order to maintain oversight of a third party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered?

• A.Baseline configuration and host hardening
• B.Service Level Agreement (SLA) monitoring
• C.Continuous security monitoring
• D.Security alerting and trending

Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?

• A.Input validation
• B.Anomaly-based HIDS
• C.Network intrusion detection system
• D.Peer review

Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites?

• A.25
• B.3389
• C.21
• D.80

A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?

• A.Restricted interface
• B.Command shell restrictions
• C.Session output pipe to /dev/null
• D.Warning banners

Joe, a newly hired employee, has a corporate workstation that has been compromised due to several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such web sites. Which of the following is the BEST method to deter employees from the improper use of the company's information systems?

• A.Privacy Policy
• B.Security Policy
• C.Human Resource Policy
• D.Acceptable Use Policy