Master the sy0 401 braindump CompTIA Security+ Certification content and be ready for exam day success quickly with this Examcollection sy0 401 study guide pdf practice question. We guarantee it!We make it a reality and give you real comptia sy0 401 questions in our CompTIA sy0 401 dump braindumps.Latest 100% VALID CompTIA sy0 401 dump Exam Questions Dumps at below page. You can use our CompTIA comptia security+ sy0 401 pdf braindumps and pass your exam.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

Q251. A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address? 

A. Identification 

B. Authorization 

C. Access control 

D. Authentication 

Answer:


Q252. A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place? 

A. IV attack 

B. WEP cracking 

C. WPA cracking 

D. Rogue AP 

Answer:

Explanation: 

There are three steps to penetrating a WPA-protected network. Sniffing Parsing Attacking 


Q253. A new client application developer wants to ensure that the encrypted passwords that are stored in their database are secure from cracking attempts. To implement this, the developer implements a function on the client application that hashes passwords thousands of times prior to being sent to the database. Which of the following did the developer MOST likely implement? 

A. RIPEMD 

B. PBKDF2 

C. HMAC 

D. ECDHE 

Answer:

Explanation: 


Q254. An administrator has to determine host operating systems on the network and has deployed a transparent proxy. Which of the following fingerprint types would this solution use? 

A. Packet 

B. Active 

C. Port 

D. Passive 

Answer:

Explanation: 


Q255. A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access. 

Which of the following is the BEST approach to implement this process? 

A. Replace passwords with hardware tokens which provide two-factor authentication to the online customer support site. 

B. Require the customer to physically come into the company’s main office so that the customer can be authenticated prior to their password being reset. 

C. Web-based form that identifies customer by another mechanism and then emails the customer their forgotten password. 

D. Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login. 

Answer:

Explanation: 

People tend to forget their passwords, thus you should have a password recovery system for them that will not increase risk exposure. Setting a temporary password will restrict the time that the password is valid and thus decrease risk; and in addition forcing the customer to change it upon first login will make the password more secure for the customer. 


Q256. Which of the following should an administrator implement to research current attack methodologies? 

A. Design reviews 

B. Honeypot 

C. Vulnerability scanner 

D. Code reviews 

Answer:

Explanation: 

A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study 

the attack to research current attack methodologies. 

According to the Wepopedia.com, a Honeypot luring a hacker into a system has several main 

purposes: 

The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning 

where the system has weaknesses that need to be redesigned. 

The hacker can be caught and stopped while trying to obtain root access to the system. 

By studying the activities of hackers, designers can better create more secure systems that are 

potentially invulnerable to future hackers. 

There are two main types of honeypots: 

Production - A production honeypot is one used within an organization's environment to help 

mitigate risk. 

Research – A research honeypot add value to research in computer security by providing a 

platform to study the threat. 


Q257. Which of the following concepts defines the requirement for data availability? 

A. Authentication to RADIUS 

B. Non-repudiation of email messages 

C. Disaster recovery planning 

D. Encryption of email messages 

Answer:

Explanation: 

A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses. 


Q258. Which of the following would a security administrator implement in order to discover comprehensive security threats on a network? 

A. Design reviews 

B. Baseline reporting 

C. Vulnerability scan 

D. Code review 

Answer:

Explanation: 

A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. Vulnerabilities include computer systems that do not have the latest security patches installed. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise. 


Q259. A company wants to ensure that all aspects if data are protected when sending to other sites within the enterprise. Which of the following would ensure some type of encryption is performed while data is in transit? 

A. SSH 

B. SHA1 

C. TPM 

D. MD5 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates. 


Q260. In order for network monitoring to work properly, you need a PC and a network card running in what mode? 

A. Launch 

B. Exposed 

C. Promiscuous 

D. Sweep 

Answer:

Explanation: 

Promiscuous mode allows the network card to look at any packet that it sees on the network. This even includes packets that are not addressed to that network card.