ITCertKing can help you realize your dream of passing the SY0-401 exam by providing SY0-401 VCE Dumps, which include all the training materials you need to pass. Choosing ITCertKing can absolutely help you pass the SY0-401 exam easily and become a member of the IT elite. What are you waiting for? Hurry up!
ITCertKing's CompTIA SY0-401 VCE Dumps are the best training materials of all the Internet training resources. Our visibility is very high, a result earned through the many candidates who have used ITCertKing's CompTIA SY0-401 VCE Dumps. If you also use ITCertKing's CompTIA SY0-401 VCE Dumps, we can give you a 100% guarantee of success. If you do not pass the exam, we will refund the full purchase cost to you. For the vital interests of the majority of candidates, ITCertKing is absolutely trustworthy.
Exam Name: CompTIA Security+ Certification
One year free update, No help, Full refund!
SY0-401 VCE Dumps Exam Tests Total Q&A: 1780 Questions and Answers
Last Update: 2016-10-31
SY0-401 VCE Dumps Exam Questions Detail: SY0-401 VCE Dumps Exam Tests
SY0-401 VCE Dumps Free Demo Download: http://www.itcertking.com/SY0-401_exam.html
NO.1 A user casually browsing the Internet is redirected to a warez site where a number of pop-ups
appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the
following is MOST likely to be contained in the download?
A. DDoS
B. Backdoor
C. Smurf
D. Logic bomb
E. Spyware
Answer: E
Explanation:
Spyware is software that is used to gather information about a person or organization
without their knowledge and sends that information to another entity. Whenever spyware is used for
malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some
spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public
computer intentionally in order to monitor users.
NO.2 During a recent audit, the auditors cited the company's current virtual machine infrastructure
as a concern. The auditors cited the fact that servers containing sensitive customer information
reside on the same physical host as numerous virtual machines that follow less stringent security
guidelines. Which of the following would be the best choice to implement to address this audit
concern while maintaining the current infrastructure?
A. Migrate the individual virtual machines that do not contain sensitive data to separate physical
machines
B. Implement full disk encryption on all servers that do not contain sensitive customer data
C. Create new VLANs and segment the network according to the level of data sensitivity
D. Move the virtual machines that contain the sensitive information to a separate host
Answer: C
NO.3 A security administrator has been assigned to review the security posture of the standard
corporate system image for virtual machines. The security administrator conducts a thorough review
of the system logs, installation procedures, and network configuration of the VM image. Upon
reviewing the access logs and user accounts, the security administrator determines that several
accounts will not be used in production. Which of the following would correct the deficiencies?
A. Disable remote login
B. Host hardening
C. Disabling services
D. Mandatory access controls
Answer: B
NO.4 A user in the company is in charge of various financial roles but needs to prepare for an
upcoming audit. They use the same account to access each financial system. Which of the following
security controls will MOST likely be implemented within the company?
A. Separation of duties
B. Password complexity enabled
C. Account lockout policy
D. Account password enforcement
Answer: A
Explanation:
Separation of duties means that users are granted only the permissions they need to do their work
and no more. More so it means that there is differentiation between users, employees and duties per
se which form part of best practices.
NO.5 Which of the following does full disk encryption prevent?
A. Database theft
B. Network-based attacks
C. Clear text access
D. Client side attacks
Answer: C
Explanation:
Full-disk encryption encrypts the data on the device. This feature ensures that the data on the device
cannot be accessed in a useable form should the device be stolen.
NO.6 A company's BYOD policy requires the installation of a company-provided mobile agent on
personally owned devices, which would allow auditing when an employee wants to connect a
device to the corporate email system. Which of the following concerns will MOST affect the decision
to use a personal device to receive company email?
A. Email support
B. Personal privacy
C. Data ownership
D. Service availability
Answer: B
NO.7 Which of the following can be used to ensure that sensitive records stored on a backend
server can only be accessed by a front end server with the appropriate record key?
A. File encryption
B. Database encryption
C. Storage encryption
D. Full disk encryption
Answer: A
NO.8 Which of the following devices would MOST likely have a DMZ interface?
A. Proxy
B. Load balancer
C. Switch
D. Firewall
Answer: D
Explanation:
The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN.
Often a DMZ is deployed through the use of a multihomed firewall.
NO.9 Which of the following are unique to white box testing methodologies? (Select two)
A. Bluesnarfing
B. Input fuzzing
C. Application program interface (API) testing
D. External network penetration testing
E. Function, statement and code coverage
Answer: C,E
NO.10 Which of the following are restricted to 64-bit block sizes? (Select TWO).
A. RSA
B. PGP
C. AES256
D. 3DES
E. AES
F. DES
Answer: D,F
Explanation:
B: The Data Encryption Standard (DES) has been used since the mid-1970s. It was the primary
standard used in government and industry until it was replaced by AES. It's based on a 56-bit key and
has several modes that offer security and integrity. It is now considered insecure because of the small
key size.
E: Triple-DES (3DES) is a technological upgrade of DES. 3DES is still used, even though AES is the
preferred choice for government applications. 3DES is considerably harder to break than many other
systems, and it's more secure than DES. It increases the key length to 168 bits (using three 56-bit DES
keys).
NO.11 Which of the following MOST specifically defines the procedures to follow when scheduled
system patching fails resulting in system outages?
A. Risk transference
B. Access control revalidation
C. Change management
D. Configuration management
Answer: C
Explanation:
Change Management is a risk mitigation approach and refers to the structured approach that is
followed to secure a company's assets. In this case 'scheduled system patching'.
NO.12 A security administrator needs to update the OS on all the switches in the company. Which of
the following MUST be done before any actual switch configuration is performed?
A. The request needs to be sent to the change management team.
B. The request needs to be approved through the change management process.
C. The request needs to be approved through the incident management process.
D. The request needs to be sent to the incident management team.
Answer: B
Explanation:
Change Management is a risk mitigation approach and refers to the structured approach that is
followed to secure a company's assets. Thus the actual switch configuration should first be subject to
the change management approval.
NO.13 A company replaces a number of devices with a mobile appliance, combining several
functions.
Which of the following descriptions fits this new implementation? (Select TWO).
A. Cloud computing
B. Single point of failure
C. Load balancing
D. Virtualization
E. All-in-one device
Answer: B,E
Explanation:
The disadvantages of combining everything into one include a potential single point of failure, and
the dependence on the one vendor. The all-in-one device represents a single point of failure risk
being taken on.
NO.14 Use of a smart card to authenticate remote servers remains MOST susceptible to which of the
following attacks?
A. Brute force certificate cracking
B. Distributed dictionary attacks
C. Malicious code on the local system
D. Shoulder surfing
Answer: C
Explanation:
Once a user authenticates to a remote server, malicious code on the user's workstation could then
infect the server.
NO.15 A recent audit has discovered that at the time of password expiration clients are able to
recycle the previous credentials for authentication. Which of the following controls should be used
together to prevent this from occurring? (Select TWO).
A. Password complexity
B. Password hashing
C. Password length
D. Password age
E. Password history
Answer: D,E
Explanation:
D: Password history determines the number of previous passwords that cannot be used when a user
changes his password. For example, a password history value of 5 would disallow a user from
changing his password to any of his previous 5 passwords.
A: When a user is forced to change his password due to a maximum password age period expiring, he
could change his password to a previously used password. Or if a password history value of 5 is
configured, the user could change his password six times to cycle back round to his original password.
This is where the minimum password age comes in. This is the period that a password must be used
for. For example, a minimum password age of 30 would determine that when a user changes his
password, he must continue to use the same password for at least 30 days.
NO.16 Which of the following technologies was developed to allow companies to use less-expensive
storage while still maintaining the speed and redundancy required in a business environment?
A. Load Balancing
B. Clustering
C. Tape Backup
D. RAID
Answer: B
NO.17 A security administrator wants to get a real time look at what attackers are doing in the wild,
hoping to lower the risk of zero-day attacks. Which of the following should be used to accomplish this
goal?
A. Baseline reporting
B. Penetration testing
C. Honeynets
D. Vulnerability scanning
Answer: C
Explanation:
A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that
an attacker's activities and methods can be studied and that information used to increase network
security. A honeynet contains one or more honey pots, which are computer systems on the Internet
expressly set up to attract and "trap" people who attempt to penetrate other people's computer
systems. Although the primary purpose of a honeynet is to gather information about attackers'
methods and motives, the decoy network can benefit its operator in other ways, for example by
diverting attackers from a real network and its resources. The Honeynet Project, a non-profit
research organization dedicated to computer security and information sharing, actively promotes the
deployment of honeynets. In addition to the honey pots, a honeynet usually has real applications and
services so that it seems like a normal network and a worthwhile target. However, because the
honeynet doesn't actually serve any authorized users, any attempt to contact the network from
without is likely an illicit attempt to breach its security, and any outbound activity is likely evidence
that a system has been compromised. For this reason, the suspect information is much more
apparent than it would be in an actual network, where it would have to be found amidst all the
legitimate network data. Applications within a honeynet are often given names such as "Finances" or
"Human Services" to make them sound appealing to the attacker.
A virtual honeynet is one that, while appearing to be an entire network, resides on a single server.
NO.18 Which of the following uses both a public and private key?
A. MD5
B. RSA
C. SHA
D. AES
Answer: B
Explanation:
The RSA algorithm is an early public-key encryption system that uses large integers as the
basis for the process.
RSA uses both a public key and a secret.
RSA key generation process:
1. Generate two large random primes, p and q, of approximately equal size such that their
product, n = pq, is of the required bit length (such as 2048 bits, 4096 bits, and so forth).
Let n = pq
Let m = (p-1)(q-1)
2. Choose a small number e, co-prime to m (note: two numbers are co-prime if they have
no common factors).
3. Find d, such that
de % m = 1
4. Publish e and n as the public key. Keep d and n as the secret key.
NO.19 Recent data loss on financial servers due to security breaches forced the system administrator
to harden their systems. Which of the following algorithms with transport encryption would be
implemented to provide the MOST secure web connections to manage and access these servers?
A. SSL
B. TLS
C. HTTP
D. FTP
Answer: B
Explanation:
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic
protocols designed to provide communications security over a computer network. Transport Layer
Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS
will replace SSL in the future. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of
SSL Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0,
1.1, and 1.2, and have them enabled by default.
NO.20 Matt, the IT Manager, wants to create a new network available to virtual servers on the same
hypervisor, and does not want this network to be routable to the firewall. How could this BEST be
accomplished?
A. Commission a stand-alone switch.
B. Create a VLAN without a default gateway.
C. Create a virtual switch.
D. Remove the network from the routing table.
Answer: C
Explanation:
A Hyper-V Virtual Switch implements policy enforcement for security, isolation, and service levels.
NO.21 Virtualization that allows an operating system kernel to run multiple isolated instances of the
guest is called:
A. Containers
B. Software defined network
C. Process segregation
D. Sandboxing
Answer: A
NO.22 Which of the following security account management techniques should a security analyst
implement to prevent staff who have switched company roles from exceeding privileges?
A. Time of day restriction
B. Password complexity
C. Internal account audits
D. Account disablement
Answer: C
Explanation:
Internal account auditing will allow you to switch the appropriate users to the proper accounts
required after the switching of roles occurred and thus check that the principle of least privilege is
followed.
NO.23 An employee uses RDP to connect back to the office network. If RDP is misconfigured, which
of the following security exposures would this lead to?
A. A virus on the administrator desktop would be able to sniff the administrator's username and
password
B. A social engineering attack could occur, resulting in the employee's password being extracted
C. A man in the middle attack could occur, resulting in the employee's username and password being
captured
D. Result in an attacker being able to phish the employee's username and password
Answer: A
NO.24 A security administrator needs to determine which system a particular user is trying to login to
at various times of the day. Which of the following log types would the administrator check?
A. Firewall
B. Application
C. IDS
D. Security
Answer: D
Explanation:
The security log records events such as valid and invalid logon attempts, as well as events related to
resource use, such as the creating, opening, or deleting of files. For example, when logon auditing is
enabled, an event is recorded in the security log each time a user attempts to log on to the computer.
You must be logged on as Administrator or as a member of the Administrators group in order to turn
on, use, and specify which events are recorded in the security log.
NO.25 A recent review of accounts on various systems has found that after employees' passwords
are required to change they are recycling the same password as before. Which of the following
policies should be enforced to prevent this from happening? (Select TWO).
A. Reverse encryption
B. Password history
C. Account lockouts
D. Password expiration
E. Password complexity
F. Minimum password age
Answer: B,F
Explanation:
E: Password history determines the number of previous passwords that cannot be used when a user
changes his password. For example, a password history value of 5 would disallow a user from
changing his password to any of his previous 5 passwords.
B: When a user is forced to change his password due to a maximum password age period expiring, he
could change his password to a previously used password. Or if a password history value of 5 is
configured, the user could change his password six times to cycle back round to his original password.
This is where the minimum password age comes in. This is the period that a password must be used
for. For example, a minimum password age of 30 would determine that when a user changes his
password, he must continue to use the same password for at least 30 days.
NO.26 Which of the following types of application attacks would be used to identify malware causing
security breaches that have NOT yet been identified by any trusted sources?
A. Directory traversal
B. Zero-day
C. XML injection
D. LDAP injection
Answer: B
Explanation:
The security breaches have NOT yet been identified. This is a zero day vulnerability. A zero day
vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then
exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a
zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing
unwanted access to user information. The term "zero day" refers to the unknown nature of the hole
to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a
race begins for the developer, who must protect users.
NO.27 A workstation is exhibiting symptoms of malware and the network security analyst has
decided to remove the system from the network. This represents which of the following stages of the
Incident Handling Response?
A. Plan of action
B. Mitigation
C. Lesson Learned
D. Recovery
Answer: A
NO.28 A company has identified a watering hole attack. Which of the following BEST describes this
type of attack?
A. Emails are being spoofed to look like they are internal emails
B. An online news site is hosting ads in iframes from another site
C. A local restaurant chain's online menu is hosting malicious code
D. A cloud storage site is attempting to harvest user IDs and passwords
Answer: B
NO.29 In order to prevent and detect fraud, which of the following should be implemented?
A. Job rotation
B. Employee evaluations
C. Incident management
D. Risk analysis
Answer: A
Explanation:
A job rotation policy defines intervals at which employees must rotate through positions. Similar in
purpose to mandatory vacations, it helps to ensure that the company does not become too
dependent on one person and it does afford the company with the opportunity to place another
person in that same job and in this way the company can potentially uncover any fraud perhaps
committed by the incumbent.
NO.30 Which of the following ports should be opened on a firewall to allow for NetBIOS
communication? (Select TWO).
A. 110
B. 137
C. 143
D. 161
E. 443
F. 139
Answer: B,F
Explanation:
NetBIOS provides four distinct services:
Name service for name registration and resolution (port: 137/udp)
Name service for name registration and resolution (port: 137/tcp)
Datagram distribution service for connectionless communication (port: 138/udp)
Session service for connection-oriented communication (port: 139/tcp)