No other provider can guarantee that you will pass the CompTIA SY0-401 exam, and no other provider offers so many types of certification exam products. They will enable you not only to pass the exam but also to enhance your abilities and skills and enrich your knowledge, all of which are useful in practical work. Download the free sample questions and check them yourself before purchasing, then make your decision. If you know nothing about the CompTIA SY0-401 exam products and do not know how to prepare for the exam, the experts will offer you tips and advice. The CompTIA exam study guide will also give you a systematic outline, presented chapter by chapter; every chapter summarizes its main points on the first page. You should master the essential terms and make full use of the study guide.
2021 Mar SY0-401 exam answers
Q101. Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).
A. Acceptable use policy
B. Risk acceptance policy
C. Privacy policy
D. Email policy
E. Security policy
Answer: A,C
Explanation:
Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. Privacy policy is a legal document that outlines how data collected is secured. It should encompass information regarding the information the company collects, privacy choices you have based on your account, potential information sharing of your data with other parties, security measures in place, and enforcement. Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
Q102. Joe, a user, reports to the system administrator that he is receiving an error stating his certificate has been revoked. Which of the following is the name of the database repository for these certificates?
A. CSR
B. OCSP
C. CA
D. CRL
Answer: D
Explanation:
A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key.
Q103. Which of the following is a hardware based encryption device?
A. EFS
B. TrueCrypt
C. TPM
D. SLE
Answer: C
Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in the BIOS. It helps with hash and key generation and stores cryptographic keys, passwords, or certificates.
Q104. A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate.
Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication factors are in use by the VPN system?
A. 1
B. 2
C. 3
D. 4
Answer: C
Explanation:
Three different types of authentication factors have been used in this question:
Something you know: username and password.
Something you have: client-side certificate.
Somewhere you are: authentication to the VPN is only allowed from the U.S. territory.
Q105. Which of the following would Matt, a security administrator, use to encrypt transmissions from an internal database to an internal server, keeping in mind that the encryption process must add as little latency to the process as possible?
A. ECC
B. RSA
C. SHA
D. 3DES
Answer: D
Explanation:
3DES would be less secure compared to ECC, but 3DES would require less computational power. Triple-DES (3DES) is a technological upgrade of DES. 3DES is still used, even though AES is the preferred choice for government applications. 3DES is considerably harder to break than many other systems, and it’s more secure than DES. It increases the key length to 168 bits (using three 56-bit DES keys).
Latest SY0-401 real exam:
Q106. The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?
A. The risks associated with the large capacity of USB drives and their concealable nature
B. The security costs associated with securing the USB drives over time
C. The cost associated with distributing a large volume of the USB pens
D. The security risks associated with combining USB drives and cell phones on a network
Answer: A
Explanation:
USB drives and other USB devices represent a security risk because they can be used either to bring malicious code into a secure system or to copy sensitive data and remove it from the system.
Q107. A CRL is comprised of:
A. Malicious IP addresses.
B. Trusted CAs.
C. Untrusted private keys.
D. Public keys.
Answer: D
Explanation:
A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key. By checking the CRL you can check whether a particular certificate has been revoked. The certificates for which a CRL should be maintained are often X.509/public key certificates, as this format is commonly used by PKI schemes.
Q108. Which of the following is true about an email that was signed by User A and sent to User B?
A. User A signed with User B’s private key and User B verified with their own public key.
B. User A signed with their own private key and User B verified with User A’s public key.
C. User A signed with User B’s public key and User B verified with their own private key.
D. User A signed with their own public key and User B verified with User A’s private key.
Answer: B
Explanation:
The sender uses his private key, in this case User A's private key, to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The receiver (User B) uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic. The receiver uses a key provided by the sender, the public key, to decrypt the message.
Q109. One of the most consistently reported software security vulnerabilities that leads to major exploits is:
A. Lack of malware detection.
B. Attack surface decrease.
C. Inadequate network hardening.
D. Poor input validation.
Answer: D
Explanation:
With coding there are standards that should be observed, and the most fundamental of these is input validation. Attacks such as SQL injection depend on unfiltered input being sent through a web application, which creates a software vulnerability that can be exploited. There are two primary ways to do input validation: client-side validation and server-side validation. Thus, with poor input validation you increase your exposure to major software exploits.
Q110. Which of the following is an application security coding problem?
A. Error and exception handling
B. Patch management
C. Application hardening
D. Application fuzzing
Answer: A
Explanation:
Exception handling is an aspect of secure coding. When errors occur, the system should revert to a secure state. This must be coded into the system by the programmer, and the code should capture errors and exceptions so that they can be handled by the application.