Want to know the features of the Actualtests SY0-401 practice test? Want to learn more about the CompTIA Security+ certification experience? Study actual CompTIA SY0-401 study guide PDF answers to improve on CompTIA SY0-401 questions at Actualtests. Get a success with an absolute guarantee to pass the CompTIA Security+ SY0-401 (CompTIA Security+ Certification) test on your first attempt.



Q1. Which of the following BEST describes the type of attack that is occurring? 

A. Smurf Attack 

B. Man in the middle 

C. Backdoor 

D. Replay 

E. Spear Phishing 

F. Xmas Attack 

G. Blue Jacking 

H. Ping of Death 

Answer:

Explanation: 

The exhibit shows that all the computers on the network are being ‘pinged’. This indicates that the ping request was sent to the network broadcast address. We can also see that all the replies were received by one host on the network (probably one whose address was spoofed). This is typical of a smurf attack.

A smurf attack is a type of network security breach in which a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet broadcast address. These are special addresses that broadcast all received messages to the hosts connected to the subnet. Each broadcast address can support up to 255 hosts, so a single PING request can be multiplied 255 times. The return address of the request itself is spoofed to be the address of the attacker's victim. All the hosts receiving the PING request reply to this victim's address instead of the real sender's address. A single attacker sending hundreds or thousands of these PING messages per second can fill the victim's T-1 (or even T-3) line with ping replies, bringing the entire Internet service to its knees. Smurfing falls under the general category of Denial of Service attacks -- security attacks that don't try to steal information, but instead attempt to disable a computer or network.


Q2. A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption. 

Which of the following should be implemented? 

A. WPA2-CCMP with 802.1X 

B. WPA2-PSK 

C. WPA2-CCMP 

D. WPA2-Enterprise 

Answer:

Explanation: 

D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK). It is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security (e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts.


Q3. The practice of marking open wireless access points is called which of the following? 

A. War dialing 

B. War chalking 

C. War driving 

D. Evil twin 

Answer:

Explanation: 

War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot. 


Q4. A program displays: 

ERROR: this program has caught an exception and will now terminate. 

Which of the following is MOST likely accomplished by the program’s behavior? 

A. Operating system’s integrity is maintained 

B. Program’s availability is maintained 

C. Operating system’s scalability is maintained 

D. User’s confidentiality is maintained 

Answer:

Explanation: 

The purpose of error handling is to maintain the security and integrity of the system. Integrity is compromised when unauthorized modification occurs. 


Q5. Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO). 

A. Steganography images 

B. Internal memory 

C. Master boot records 

D. Removable memory cards 

E. Public keys 

Answer: B,D 

Explanation: 

All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory. 


Q6. While rarely enforced, mandatory vacation policies are effective at uncovering: 

A. Help desk technicians with oversight by multiple supervisors and detailed quality control systems. 

B. Collusion between two employees who perform the same business function. 

C. Acts of incompetence by a systems engineer designing complex architectures as a member of a team. 

D. Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight. 

Answer:

Explanation: 

Least privilege (privilege reviews) and job rotation are done when mandatory vacations are implemented. This will then uncover areas where the system administrators neglected to check all users’ privileges, since the other users must fill in their positions when they are on their mandatory vacation.


Q7. A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario? 

A. Encryption 

B. Digital signatures 

C. Steganography 

D. Hashing 

E. Perfect forward secrecy 

Answer:

Explanation: 


Q8. Which of the following allows a company to maintain access to encrypted resources when employee turnover is high? 

A. Recovery agent 

B. Certificate authority 

C. Trust model 

D. Key escrow 

Answer:

Explanation: 

If an employee leaves and we need access to data he has encrypted, we can use the key recovery agent to retrieve his decryption key. We can use this recovered key to access the data. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. As opposed to escrow, recovery agents are typically used to access information that is encrypted with older keys. 


Q9. Four weeks ago, a network administrator applied a new IDS and allowed it to gather baseline data. As rumors of a layoff began to spread, the IDS alerted the network administrator that access to sensitive client files had risen far above normal. Which of the following kinds of IDS is in use?

A. Protocol based 

B. Heuristic based 

C. Signature based 

D. Anomaly based 

Answer:

Explanation: 


Q10. A technician wants to verify the authenticity of the system files of a potentially compromised system. Which of the following can the technician use to verify if a system file was compromised? (Select TWO). 

A. AES 

B. PGP 

C. SHA 

D. MD5 

E. ECDHE 

Answer: C,D 

Explanation: