Pinpoint of SY0-401 free practice exam materials and guidance for CompTIA certification for IT engineers, Real Success Guaranteed with Updated SY0-401 pdf dumps vce Materials. 100% PASS CompTIA Security+ Certification exam Today!


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

2021 Mar SY0-401 answers

Q261. Which of the following is true about the CRL? 

A. It should be kept public 

B. It signs other keys 

C. It must be kept secret 

D. It must be encrypted 

Answer:

Explanation: 

The CRL must be public so that it can be known which keys and certificates have been revoked. In the operation of some cryptosystems, usually public key infrastructures (PKIs), a certificate revocation list (CRL) is a list of certificates (or more specifically, a list of serial numbers for certificates) that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted. 


Q262. Sara, a security engineer, is testing encryption ciphers for performance. Which of the following ciphers offers strong encryption with the FASTEST speed? 

A. 3DES 

B. Blowfish 

C. Serpent 

D. AES256 

Answer:

Explanation: 

Blowfish is an encryption system invented by a team led by Bruce Schneier that performs a 64-bit block cipher at very fast speeds. Blowfish is a fast, except when changing keys. It is a symmetric block cipher that can use variable-length keys (from 32 bits to 448 bits). 


Q263. Which of the following is described as an attack against an application using a malicious file? 

A. Client side attack 

B. Spam 

C. Impersonation attack 

D. Phishing attack 

Answer:

Explanation: 

In this question, a malicious file is used to attack an application. If the application is running on a 

client computer, this would be a client side attack. Attacking a service or application on a server 

would be a server side attack. 

Client-side attacks target vulnerabilities in client applications interacting with a malicious data. The 

difference is the client is the one initiating the bad connection. 

Client-side attacks are becoming more popular. This is because server side attacks are not as 

easy as they once were according to apache.org. 

Attackers are finding success going after weaknesses in desktop applications such as browsers, 

media players, common office applications and e-mail clients. 

To defend against client-side attacks keep-up the most current application patch levels, keep 

antivirus software updated and keep authorized software to a minimum. 


Q264. A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check? 

A. Firewall 

B. Application 

C. IDS 

D. Security 

Answer:

Explanation: 

The security log records events such as valid and invalid logon attempts, as well as events related to resource use, such as the creating, opening, or deleting of files. For example, when logon auditing is enabled, an event is recorded in the security log each time a user attempts to log on to the computer. You must be logged on as Administrator or as a member of the Administrators group in order to turn on, use, and specify which events are recorded in the security log. 


Q265. A security administrator would like to ensure that system administrators are not using the same password for both their privileged and non-privileged accounts. Which of the following security controls BEST accomplishes this goal? 

A. Require different account passwords through a policy 

B. Require shorter password expiration for non-privileged accounts 

C. Require shorter password expiration for privileged accounts 

D. Require a greater password length for privileged accounts 

Answer:

Explanation: 


Improve SY0-401 practice:

Q266. Which of the following is a directional antenna that can be used in point-to-point or point-to-multi-point WiFi communication systems? (Select TWO). 

A. Backfire 

B. Dipole 

C. Omni 

D. PTZ 

E. Dish 

Answer: A,E 

Explanation: 


Q267. Which of the following types of data encryption would Matt, a security administrator, use to encrypt a specific table? 

A. Full disk 

B. Individual files 

C. Database 

D. Removable media 

Answer:

Explanation: 

A table is stored in a database. Database encryption makes use of cryptography functions that are built into the database software to encrypt the data stored in the database. This often offers granular encryption options which allows for the encryptions of the entire database, specific database tables, or specific database fields, such as a credit card number field. 


Q268. Which of the following provides the BEST explanation regarding why an organization needs to implement IT security policies? 

A. To ensure that false positives are identified 

B. To ensure that staff conform to the policy 

C. To reduce the organizational risk 

D. To require acceptable usage of IT systems 

Answer:

Explanation: 

Once risks has been identified and assessed then there are five possible actions that should be taken. These are: Risk avoidance, Risk transference, Risk mitigation, Risk deterrence and Risk acceptance. Anytime you engage in steps to reduce risk, you are busy with risk mitigation and implementing IT security policy is a risk mitigation strategy. 


Q269. A security team has identified that the wireless signal is broadcasting into the parking lot. To reduce the risk of an attack against the wireless network from the parking lot, which of the following controls should be used? (Select TWO). 

A. Antenna placement 

B. Interference 

C. Use WEP 

D. Single Sign on 

E. Disable the SSID 

F. Power levels 

Answer: A,F 

Explanation: 

Placing the antenna in the correct position is crucial. You can then adjust the power levels to exclude the parking lot. 


Q270. Three of the primary security control types that can be implemented are. 

A. Supervisory, subordinate, and peer. 

B. Personal, procedural, and legal. 

C. Operational, technical, and management. 

D. Mandatory, discretionary, and permanent. 

Answer:

Explanation: 

The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical.