Exam Code: sy0 401 braindump (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Security+ Certification
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass sy0 401 pdf Exam.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

Q581. A new intern was assigned to the system engineering department, which consists of the system architect and system software developer’s teams. These two teams have separate privileges. The intern requires privileges to view the system architectural drawings and comment on some software development projects. Which of the following methods should the system administrator implement? 

A. Group based privileges 

B. Generic account prohibition 

C. User access review 

D. Credential management 

Answer:

Explanation: 

You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). By assigning the intern’s user account to both groups, the intern will inherit the permissions assigned to those groups. 


Q582. A company has just deployed a centralized event log storage system. Which of the following can be used to ensure the integrity of the logs after they are collected? 

A. Write-once drives 

B. Database encryption 

C. Continuous monitoring 

D. Role-based access controls 

Answer:

Explanation: 


Q583. A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application’s task. Which of the following is the security administrator practicing in this example? 

A. Explicit deny 

B. Port security 

C. Access control lists 

D. Implicit deny 

Answer:

Explanation: 

Traffic that comes into the router is compared to ACL entries based on the order that the entries occur in the router. New statements are added to the end of the list. The router continues to look until it has a match. If no matches are found when the router reaches the end of the list, the traffic is denied. For this reason, you should have the frequently hit entries at the top of the list. There is an implied deny for traffic that is not permitted. 


Q584. Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic? 

A. Sniffer 

B. Router 

C. Firewall 

D. Switch 

Answer:

Explanation: 

Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. 


Q585. Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails? 

A. Whaling 

B. Impersonation 

C. Privilege escalation 

D. Spear phishing 

Answer:

Explanation: 

A whaling attack is targeted at company executives. Mapping out an organization’s staff hierarchy to determine who the people at the top are is also part of a whaling attack. Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as "reeling in a big fish," applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a work station associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats. 


Q586. Joe, a technician at the local power plant, notices that several turbines had ramp up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend? 

A. Create a VLAN for the SCADA 

B. Enable PKI for the MainFrame 

C. Implement patch management 

D. Implement stronger WPA2 Wireless 

Answer:

Explanation: 

VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn’t need to communicate with another in order to accomplish a work task/function shouldn’t be able to do so. 


Q587. A security administrator is concerned about the strength of user’s passwords. The company does not want to implement a password complexity policy. Which of the following can the security Administrator implement to mitigate the risk of an online password attack against users with weak passwords? 

A. Increase the password length requirements 

B. Increase the password history 

C. Shorten the password expiration period 

D. Decrease the account lockout time 

Answer:

Explanation: 

Reducing the password expiration period will require passwords to be changed at the end of that period. A password needs to be changed if it doesn’t meet the compliance requirements of the company’s password policy, or is evidently insecure. It will also need to be changed if it has been reused, or due to possible compromise as a result of a system intrusion. This will give online password attackers less time to crack the weak passwords. 


Q588. Which of the following was launched against a company based on the following IDS log? 

122.41.15.252 - - [21/May/2012:00:17:20 +1200] "GET 

/index.php?username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA A 

AAA HTTP/1.1" 200 2731 "http://www.company.com/cgibin/ 

forum/commentary.pl/noframes/read/209" "Mozilla/4.0 (compatible; 

MSIE 6.0; Windows NT 5.1; Hotbar 4.4.7.0)" 

A. SQL injection 

B. Buffer overflow attack 

C. XSS attack 

D. Online password crack 

Answer:

Explanation: 

The username should be just a username; instead we can see it’s a long line of text with an HTTP command in it. This is an example of a buffer overflow attack. A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability. 


Q589. Computer evidence at a crime is preserved by making an exact copy of the hard disk. Which of the following does this illustrate? 

A. Taking screenshots 

B. System image capture 

C. Chain of custody 

D. Order of volatility 

Answer:

Explanation: 

A system image would be a snapshot of what exists at the moment. Thus capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it. 


Q590. Ann works at a small company and she is concerned that there is no oversight in the finance department; specifically, that Joe writes, signs and distributes paycheques, as well as other expenditures. Which of the following controls can she implement to address this concern? 

A. Mandatory vacations 

B. Time of day restrictions 

C. Least privilege 

D. Separation of duties 

Answer:

Explanation: 

Separation of duties divides administrator or privileged tasks into separate groupings, which in turn, is individually assigned to unique administrators. This helps in fraud prevention, error reduction, as well as conflict of interest prevention. For example, those who configure security should not be the same people who test security. In this case, Joe should not be allowed to write and sign paycheques.