The SY0-401 exam, also called the CompTIA SY0-401 exam, is a new CompTIA certification exam. CompTIA SY0-401 certification is a passport to related professions. With a SY0-401 certification in hand, you may enjoy a promising new future. Choosing powerful preparation materials is a key step. Exambible is a premier choice for laying a good foundation for your CompTIA SY0-401 preparation.
Q641. Which of the following password attacks is MOST likely to crack the largest number of randomly generated passwords?
A. Hybrid
B. Birthday attack
C. Dictionary
D. Rainbow tables
Answer: D
Explanation:
Q642. Which of the following describes the purpose of an MOU?
A. Define interoperability requirements
B. Define data backup process
C. Define onboard/offboard procedure
D. Define responsibilities of each party
Answer: D
Explanation:
MOU or Memorandum of Understanding is a document outlining which party is responsible for what portion of the work.
Q643. An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future?
A. Business continuity planning
B. Quantitative assessment
C. Data classification
D. Qualitative assessment
Answer: C
Explanation:
Information classification is done by confidentiality and comprises three categories, namely: public use, internal use and restricted use. Knowing how to apply these categories and matching them with the appropriate data handling will address the situation of data of 'unknown sensitivity'.
Q644. Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?
A. PKI
B. ACL
C. CA
D. CRL
Answer: D
Explanation:
A CRL is a locally stored record containing revoked certificates and revoked keys.
Q645. A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as:
A. Symmetric cryptography.
B. Private key cryptography.
C. Salting.
D. Rainbow tables.
Answer: C
Explanation:
Salting can be used to strengthen the hashing of passwords when they are stored. Though hashing is a one-way algorithm, that does not mean it cannot be hacked. One method of attacking a hash is through rainbow tables, and salt is the countermeasure to rainbow tables. With a salt, a password that you typed in and that has been hashed will yield a letter combination other than what you actually typed in when it is attacked with a rainbow table.
Q646. Which of the following ciphers would be BEST used to encrypt streaming video?
A. RSA
B. RC4
C. SHA1
D. 3DES
Answer: B
Explanation:
In cryptography, RC4 is the most widely used software stream cipher and is used in popular Internet protocols such as Transport Layer Security (TLS). While remarkable for its simplicity and speed in software, RC4 has weaknesses that argue against its use in new systems. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used; some ways of using RC4 can lead to very insecure protocols such as WEP.
Because RC4 is a stream cipher, it is more malleable than common block ciphers. If not used together with a strong message authentication code (MAC), then encryption is vulnerable to a bit-flipping attack. The cipher is also vulnerable to a stream cipher attack if not implemented correctly. Furthermore, inadvertent double encryption of a message with the same key may accidentally output plaintext rather than ciphertext because the involutory nature of the XOR function would result in the second operation reversing the first. It is noteworthy, however, that RC4, being a stream cipher, was for a period of time the only common cipher that was immune to the 2011 BEAST attack on TLS 1.0. The attack exploits a known weakness in the way cipher block chaining mode is used with all of the other ciphers supported by TLS 1.0, which are all block ciphers.
Q647. Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).
A. Disable the USB root hub within the OS.
B. Install anti-virus software on the USB drives.
C. Disable USB within the workstations' BIOS.
D. Apply the concept of least privilege to USB devices.
E. Run spyware detection against all workstations.
Answer: A,C
Explanation:
A: The USB root hub can be disabled from within the operating system.
C: USB can also be configured and disabled in the system BIOS.
Q648. A computer is suspected of being compromised by malware. The security analyst examines the computer and finds that a service called Telnet is running and connecting to an external website over port 443. This Telnet service was found by comparing the system’s services to the list of standard services on the company’s system image. This review process depends on:
A. MAC filtering.
B. System hardening.
C. Rogue machine detection.
D. Baselining.
Answer: D
Explanation:
An application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained.
Q649. Which of the following hardware based encryption devices is used as a part of multi-factor authentication to access a secured computing system?
A. Database encryption
B. USB encryption
C. Whole disk encryption
D. TPM
Answer: D
Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.
Q650. Which of the following provides the strongest authentication security on a wireless network?
A. MAC filter
B. WPA2
C. WEP
D. Disable SSID broadcast
Answer: B
Explanation:
The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) authentication protocols were designed to address the core, easy-to-crack problems of WEP.