CompTIA Security+ SY0-401 Practice Questions


Q1. Verifying the integrity of data submitted to a computer program at or during run-time, with the intent of preventing the malicious exploitation of unintentional effects in the structure of the code, is BEST described as which of the following? 

A. Output sanitization 

B. Input validation 

C. Application hardening 

D. Fuzzing 

Answer:

Explanation: 


Q2. Which of the following are restricted to 64-bit block sizes? (Select TWO). 

A. PGP 

B. DES 

C. AES256 

D. RSA 

E. 3DES 

F. AES 

Answer: B,E 

Explanation: 

B: The Data Encryption Standard (DES) has been used since the mid-1970s. It was the primary standard used in government and industry until it was replaced by AES. It’s based on a 56-bit key and has several modes that offer security and integrity. It is now considered insecure because of the small key size. 

E: Triple-DES (3DES) is a technological upgrade of DES. 3DES is still used, even though AES is the preferred choice for government applications. 3DES is considerably harder to break than many other systems, and it’s more secure than DES. It increases the key length to 168 bits (using three 56-bit DES keys). 


Q3. A network administrator is asked to send a large file containing PII to a business associate. 

Which of the following protocols is the BEST choice to use? 

A. SSH 

B. SFTP 

C. SMTP 

D. FTP 

Answer:

Explanation: 

SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server. 


Q4. A security administrator examines a network session to a compromised database server with a packet analyzer. Within the session there is a repeated series of the hex character 90 (x90). 

Which of the following attack types has occurred? 

A. Buffer overflow 

B. Cross-site scripting 

C. XML injection 

D. SQL injection 

Answer:

Explanation:

The hex character 90 (x90) means NOP, or No Op (No Operation). In a buffer overflow attack, the buffer can be filled and overflowed with No Op commands.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information, which has to go somewhere, can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity.

In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.


Q5. Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO). 

A. Scanning printing of documents. 

B. Scanning of outbound IM (Instant Messaging).

C. Scanning copying of documents to USB. 

D. Scanning of SharePoint document library. 

E. Scanning of shared drives. 

F. Scanning of HTTP user traffic. 

Answer: B,F 

Explanation: 

DLP systems monitor the contents of systems (workstations, servers, networks) to make sure key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and who is transmitting it. Outbound IM and HTTP user traffic are both data moving over a network, which falls within the DLP strategy.


Q6. Which of the following will help prevent smurf attacks? 

A. Allowing necessary UDP packets in and out of the network 

B. Disabling directed broadcast on border routers 

C. Disabling unused services on the gateway firewall 

D. Flash the BIOS with the latest firmware 

Answer:

Explanation: 


Q7. Which of the following types of encryption will help in protecting files on a PED? 

A. Mobile device encryption 

B. Transport layer encryption 

C. Encrypted hidden container 

D. Database encryption 

Answer:

Explanation: 

Device encryption encrypts the data on a Personal Electronic Device (PED). This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 


Q8. Ann, the network administrator, has learned from the helpdesk that employees are accessing the wireless network without entering their domain credentials upon connection. Once the connection is made, they cannot reach any internal resources, while wired network connections operate smoothly. Which of the following is MOST likely occurring? 

A. A user has plugged in a personal access point at their desk to connect to the network wirelessly. 

B. The company is currently experiencing an attack on their internal DNS servers. 

C. The company’s WEP encryption has been compromised and WPA2 needs to be implemented instead. 

D. An attacker has installed an access point nearby in an attempt to capture company information. 

Answer:

Explanation: 

The question implies that users should be required to enter their domain credentials upon connection to the wireless network. The fact that they are connecting to a wireless network without being prompted for their domain credentials, and are then unable to access network resources, suggests they are connecting to a rogue wireless network.

A rogue access point is a wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator, or has been created to allow a hacker to conduct a man-in-the-middle attack.

Rogue access points of the first kind can pose a security threat to large organizations with many employees, because anyone with access to the premises can install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow unauthorized parties access to a secure network.

Rogue access points of the second kind target networks that do not employ mutual authentication (client to server and server to client) and may be used in conjunction with a rogue RADIUS server, depending on the security configuration of the target network.

To prevent the installation of rogue access points, organizations can install wireless intrusion prevention systems to monitor the radio spectrum for unauthorized access points.


Q9. A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner? 

A. Kill all system processes 

B. Enable the firewall 

C. Boot from CD/USB 

D. Disable the network connection 

Answer:

Explanation: 


Q10. Which of the following is the below pseudo-code an example of? 

IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT 

A. Buffer overflow prevention 

B. Input validation 

C. CSRF prevention 

D. Cross-site scripting prevention 

Answer:

Explanation: 

Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.