It is impossible to pass CompTIA sy0 401 practice test exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed CompTIA sy0 401 braindump practice questions. You will get a surprising result by our Most up-to-date CompTIA Security+ Certification practice guides.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

Q151. Which of the following application attacks is used against a corporate directory service where there are unknown servers on the network? 

A. Rogue access point 

B. Zero day attack 

C. Packet sniffing 

D. LDAP injection 

Answer:

Explanation: A directory service is accessed by using LDAP (Lightweight Directory Access Protocol). LDAP injection is an attack against a directory service. Just as SQL injection attacks take statements that are input by users and exploit weaknesses within, an LDAP injection attack exploits weaknesses in LDAP (Lightweight Directory Access Protocol) implementations. This can occur when the user’s input is not properly filtered, and the result can be executed commands, modified content, or results returned to unauthorized queries. The best way to prevent LDAP injection attacks is to filter the user input and to use a validation scheme to make certain that queries do not contain exploits. One of the most common uses of LDAP is associated with user information. Numerous applications exist—such as employee directories—where users find other users by typing in a portion of their name. These queries are looking at the cn value or other fields (those defined for department, home directory, and so on). Someone attempting LDAP injection could feed unexpected values to the query to see what results are returned. All too often, finding employee information equates to finding usernames and values about those users that could be portions of their passwords. 


Q152. Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers? 

A. SSL 

B. TLS 

C. HTTP 

D. FTP 

Answer:

Explanation: 

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL in the future. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0, 1.1, and 1.2, have them enabled by default. 


Q153. A periodic update that corrects problems in one version of a product is called a A. Hotfix 

B. Overhaul 

C. Service pack 

D. Security update 

Answer:

Explanation: 

A service pack is a collection of updates and hotfixes that address a number of software issues, as well as new software features. It is released periodically by the vendor. 


Q154. A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption. 

Which of the following should be implemented? 

A. WPA2-CCMP with 802.1X 

B. WPA2-PSK 

C. WPA2-CCMP 

D. WPA2-Enterprise 

Answer:

Explanation: 

D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK), this is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security 

(e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts. 


Q155. Which of the following is an important step in the initial stages of deploying a host-based firewall? 

A. Selecting identification versus authentication 

B. Determining the list of exceptions 

C. Choosing an encryption algorithm 

D. Setting time of day restrictions 

Answer:

Explanation: 

A host-based firewall is installed on a client system and is used to protect the client system from the activities of the user as well as from communication from the network or Internet. These firewalls manage network traffic using filters to block certain ports and protocols while allowing others to pass through the system. 


Q156. The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity? 

A. Application hardening 

B. Application firewall review 

C. Application change management 

D. Application patch management 

Answer:

Explanation: 

Change management is the structured approach that is followed to secure a company’s assets. 

Promoting code to application on a SMZ web server would be change management. 


Q157. Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices? 

A. Remote wiping enabled for all removable storage devices 

B. Full-disk encryption enabled for all removable storage devices 

C. A well defined acceptable use policy 

D. A policy which details controls on removable storage use 

Answer:

Explanation: 


Q158. ON NO: 50 

The Human Resources department has a parent shared folder setup on the server. There are two groups that have access, one called managers and one called staff. There are many sub folders under the parent shared folder, one is called payroll. The parent folder access control list propagates all subfolders and all subfolders inherit the parent permission. Which of the following is the quickest way to prevent the staff group from gaining access to the payroll folder? 

A. Remove the staff group from the payroll folder 

B. Implicit deny on the payroll folder for the staff group 

C. Implicit deny on the payroll folder for the managers group 

D. Remove inheritance from the payroll folder 

Answer:

Explanation: Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default. 


Q159. A recent vulnerability scan found that Telnet is enabled on all network devices. Which of the following protocols should be used instead of Telnet? 

A. SCP 

B. SSH 

C. SFTP 

D. SSL 

Answer:

Explanation: 

SSH transmits both authentication traffic and data in a secured encrypted form, whereas Telnet transmits both authentication credentials and data in clear text. 


Q160. The Chief Technical Officer (CTO) has tasked The Computer Emergency Response Team (CERT) to develop and update all Internal Operating Procedures and Standard Operating Procedures documentation in order to successfully respond to future incidents. Which of the following stages of the Incident Handling process is the team working on? 

A. Lessons Learned 

B. Eradication 

C. Recovery 

D. Preparation 

Answer:

Explanation: 

Incident response procedures involves: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. Developing and updating all internal operating and standard operating procedures documentation to handle future incidents is preparation.