♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
Q421. After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network, through the use of very sophisticated and targeted attacks. Which of the following is this an example of?
A. Privilege escalation
B. Advanced persistent threat
C. Malicious insider threat
D. Spear phishing
Answer: B
Explanation:
Definitions of precisely what an APT is can vary widely, but can best be summarized by their named requirements: Advanced – Criminal operators behind the threat utilize the full spectrum of computer intrusion technologies and techniques. While individual components of the attack may not be classed as particularly “advanced” (e.g. malware components generated from commonly available DIY construction kits, or the use of easily procured exploit materials), their operators can typically access and develop more advanced tools as required. They combine multiple attack methodologies and tools in order to reach and compromise their target. Persistent – Criminal operators give priority to a specific task, rather than opportunistically seeking immediate financial gain. This distinction implies that the attackers are guided by external entities. The attack is conducted through continuous monitoring and interaction in order to achieve the defined objectives. It does not mean a barrage of constant attacks and malware updates. In fact, a “low-and-slow” approach is usually more successful. Threat – means that there is a level of coordinated human involvement in the attack, rather than a mindless and automated piece of code. The criminal operators have a specific objective and are skilled, motivated, organized and well funded.
Q422. A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?
A. CHAP
B. TOTP
C. HOTP
D. PAP
Answer: B
Explanation: Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. Therefore, the password will only be valid for a predefined time interval.
Q423. Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?
A. Interference
B. Man-in-the-middle
C. ARP poisoning
D. Rogue access point
Answer: D
Explanation:
MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists.
In this question, a rogue access point would need to be able to connect to the network to provide access to network resources. If the MAC address of the rogue access point isn’t allowed to connect to the network port, then the rogue access point will not be able to connect to the network.
Q424. Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains?
Server 1: 192.168.100.6
Server 2: 192.168.100.9
Server 3: 192.169.100.20
A. /24
B. /27
C. /28
D. /29
E. /30
Answer: D
Explanation:
Using this option will result in all three servers using host addresses on different broadcast domains.
Q425. An attacker crafts a message that appears to be from a trusted source, but in reality it redirects the recipient to a malicious site where information is harvested. The message is narrowly tailored so it is effective on only a small number of victims. This describes which of the following?
A. Spear phishing
B. Phishing
C. Smurf attack
D. Vishing
Answer: A
Explanation:
Q426. A security engineer is asked by the company’s development team to recommend the most secure method for password storage.
Which of the following provide the BEST protection against brute forcing stored passwords? (Select TWO).
A. PBKDF2
B. MD5
C. SHA2
D. Bcrypt
E. AES
F. CHAP
Answer: A,D
Explanation:
A: PBKDF2 (Password-Based Key Derivation Function 2) is part of PKCS #5 v. 2.01. It applies some function (like a hash or HMAC) to the password or passphrase along with Salt to produce a derived key.
D: bcrypt is a key derivation function for passwords based on the Blowfish cipher. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power. The bcrypt function is the default password hash algorithm for BSD and many other systems.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex,
Indianapolis, 2014, pp 109-110, 139, 143, 250, 255-256, 256
Q427. Which of the following concepts is enforced by certifying that email communications have been sent by who the message says it has been sent by?
A. Key escrow
B. Non-repudiation
C. Multifactor authentication
D. Hashing
Answer: B
Explanation:
Explanation:
Regarding digital security, the cryptological meaning and application of non-repudiation shifts to
mean:
*
A service that provides proof of the integrity and origin of data.
*
An authentication that can be asserted to be genuine with high assurance.
Q428. Which of the following provides the BEST application availability and is easily expanded as demand grows?
A. Server virtualization
B. Load balancing
C. Active-Passive Cluster
D. RAID 6
Answer: B
Explanation:
Load balancing is a way of providing high availability by splitting the workload across multiple computers.
Q429. A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?
A. Visitor logs
B. Firewall
C. Hardware locks
D. Environmental monitoring
Answer: C
Explanation:
Hardware security involves applying physical security modifications to secure the system(s) and preventing them from leaving the facility. Don’t spend all of your time worrying about intruders coming through the network wire while overlooking the obvious need for physical security. Hardware security involves the use of locks to prevent someone from picking up and carrying out your equipment.
Q430. Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies unapplied security controls and patches without attacking or compromising the system, Ann would use which of the following?
A. Vulnerability scanning
B. SQL injection
C. Penetration testing
D. Antivirus update
Answer: A
Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as missing patches or security updates.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security.
