SY0-401 Exam
Renew SY0-401 exams Guide
The Examcollection.org is a credible web site to supply an individual with the the majority of accurate along with original CompTIA CompTIA demos. Each of our experts continually update the CompTIA practice questions along with answers according to the actual latest CompTIA SY0-401 syllabus. Theres a little alter in the real CompTIA CompTIA exam every moment. Our staff members will certainly revise the CompTIA SY0-401 exam dumps in good moment.
2021 Mar SY0-401 brain dumps
Q151. Which of the following is true about the recovery agent?
A. It can decrypt messages of users who lost their private key.
B. It can recover both the private and public key of federated users.
C. It can recover and provide users with their lost or private key.
D. It can recover and provide users with their lost public key.
Answer: A
Explanation:
Explanation: A key recovery agent is an entity that has the ability to recover a private key, key components, or plaintext messages as needed. Using the recovered key the recovery agent can decrypt encrypted data.
Q152. Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).
A. 110
B. 137
C. 139
D. 143
E. 161
F. 443
Answer: B,C
Explanation: NetBIOS provides four distinct services:
Name service for name registration and resolution (port: 137/udp)
Name service for name registration and resolution (port: 137/tcp)
Datagram distribution service for connectionless communication (port: 138/udp)
Session service for connection-oriented communication (port: 139/tcp)
Q153. A recent audit has discovered that at the time of password expiration clients are able to recycle the previous credentials for authentication. Which of the following controls should be used together to prevent this from occurring? (Select TWO).
A. Password age
B. Password hashing
C. Password complexity
D. Password history
E. Password length
Answer: A,D
Explanation:
D: Password history determines the number of previous passwords that cannot be used when a user changes his password. For example, a password history value of 5 would disallow a user from changing his password to any of his previous 5 passwords.
A: When a user is forced to change his password due to a maximum password age period expiring, he could change his password to a previously used password. Or if a password history value of 5 is configured, the user could change his password six times to cycle back round to his original password. This is where the minimum password age comes in. This is the period that a password must be used for. For example, a minimum password age of 30 would determine that when a user changes his password, he must continue to use the same password for at least 30 days.
Q154. Which of the following passwords is the LEAST complex?
A. MyTrain!45
B. Mytr@in!!
C. MyTr@in12
D. MyTr@in#8
Answer: B
Explanation:
Password policies often enforce a minimum of three out of four standard character types, which includes uppercase and lowercase letters, numbers, and symbols. Although this option includes three of the four character types, it does not include numbers, which makes it less complex than the other options.
Q155. A system administrator has noticed that users change their password many times to cycle back to the original password when their passwords expire. Which of the following would BEST prevent this behavior?
A. Assign users passwords based upon job role.
B. Enforce a minimum password age policy.
C. Prevent users from choosing their own passwords.
D. Increase the password expiration time frame.
Answer: B
Explanation:
A minimum password age policy defines the period that a password must be used for before it can be changed.
Refresh SY0-401 test engine:
Q156. The concept of rendering data passing between two points over an IP based network impervious to all but the most sophisticated advanced persistent threats is BEST categorized as which of the following?
A. Stream ciphers
B. Transport encryption
C. Key escrow
D. Block ciphers
Answer: B
Explanation:
Transport encryption is the process of encrypting data ready to be transmitted over an insecure network. A common example of this would be online banking or online purchases where sensitive information such as account numbers or credit card numbers is transmitted.
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).
Q157. Deploying a wildcard certificate is one strategy to:
A. Secure the certificate’s private key.
B. Increase the certificate’s encryption key length.
C. Extend the renewal date of the certificate.
D. Reduce the certificate management burden.
Answer: D
Explanation:
A wildcard certificate is a public key certificate which can be used with multiple subdomains of a domain. This saves money and reduces the management burden of managing multiple certificates, one for each subdomain.
A single Wildcard certificate for *.example.com, will secure all these domains: payment.example.com contact.example.com
login-secure.example.com
www.example.com
Because the wildcard only covers one level of subdomains (the asterisk doesn't match full stops),
these domains would not be valid for the certificate:
test.login.example.com
Q158. Which of the following fire suppression systems is MOST likely used in a datacenter?
A. FM-200
B. Dry-pipe
C. Wet-pipe
D. Vacuum
Answer: A
Explanation:
FM200 is a gas and the principle of a gas system is that it displaces the oxygen in the room, thereby removing this essential component of a fi re. in a data center is is the preferred choice of fire suppressant.
Q159. Which of the following is true about asymmetric encryption?
A. A message encrypted with the private key can be decrypted by the same key
B. A message encrypted with the public key can be decrypted with a shared key.
C. A message encrypted with a shared key, can be decrypted by the same key.
D. A message encrypted with the public key can be decrypted with the private key.
Answer: D
Explanation:
Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as the public key and the private key. The sender uses the public key to encrypt a message, and the receiver uses the private key to decrypt the message; what one key does, the other one undoes.
Q160. Pete, a developer, writes an application. Jane, the security analyst, knows some things about the
overall application but does not have all the details. Jane needs to review the software before it is released to production. Which of the following reviews should Jane conduct?
A. Gray Box Testing
B. Black Box Testing
C. Business Impact Analysis
D. White Box Testing
Answer: A
Explanation:
Gray box testing, also called gray box analysis, is a strategy for software debugging in which the tester has limited knowledge of the internal details of the program. A gray box is a device, program or system whose workings are partially understood. Gray box testing can be contrasted with black box testing, a scenario in which the tester has no knowledge or access to the internal workings of a program, or white box testing, a scenario in which the internal particulars are fully known. Gray box testing is commonly used in penetration tests. Gray box testing is considered to be non-intrusive and unbiased because it does not require that the tester have access to the source code. With respect to internal processes, gray box testing treats a program as a black box that must be analyzed from the outside. During a gray box test, the person may know how the system components interact but not have detailed knowledge about internal program functions and operation. A clear distinction exists between the developer and the tester, thereby minimizing the risk of personnel conflicts.