SY0-401 Exam
Abreast of the times SY0-401: Exambible real tutorials from 261 to 270
Want to know Examcollection SY0-401 Exam practice test features? Want to lear more about CompTIA CompTIA Security+ Certification certification experience? Study Best Quality CompTIA SY0-401 answers to Up to date SY0-401 questions at Examcollection. Gat a success with an absolute guarantee to pass CompTIA SY0-401 (CompTIA Security+ Certification) test on your first attempt.
2021 Apr SY0-401 sample question
Q261. Ann is the data owner of financial records for a company. She has requested that she have the ability to assign read and write privileges to her folders. The network administrator is tasked with setting up the initial access control system and handing Ann's administrative capabilities. Which of the following systems should be deployed?
A. Role-based
B. Mandatory
C. Discretionary
D. Rule-based
Answer: C
Explanation:
Q262. The practice of marking open wireless access points is called which of the following?
A. War dialing
B. War chalking
C. War driving
D. Evil twin
Answer: B
Explanation:
War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot.
Q263. Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?
A. RIPEMD
B. MD5
C. SHA
D. HMAC
Answer: D
Explanation:
HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a symmetric key. The hashing function provides data integrity, while the symmetric key provides authenticity.
Q264. HOTSPOT
The security administrator has installed a new firewall which implements an implicit DENY policy by default Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.
Answer:
Q265. Which of the following is the primary security concern when deploying a mobile device on a network?
A. Strong authentication
B. Interoperability
C. Data security
D. Cloud storage technique
Answer: C
Explanation:
Mobile devices, such as laptops, tablet computers, and smartphones, provide security challenges above those of desktop workstations, servers, and such in that they leave the office and this increases the odds of their theft which makes data security a real concern. At a bare minimum, the following security measures should be in place on mobile devices: Screen lock, Strong password, Device encryption, Remote Wipe or Sanitation, voice encryption, GPS tracking, Application control, storage segmentation, asses tracking and device access control.
Leading SY0-401 braindumps:
Q266. DRAG DROP
Drag and drop the correct protocol to its default port.
Answer:
Explanation:
FTP uses TCP port 21.
Telnet uses port 23.
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec,
and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility
based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to
standard File Transfer Protocol (FTP).
SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 42, 45,
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Q267. Which of the following cryptographic algorithms is MOST often used with IPSec?
A. Blowfish
B. Twofish
C. RC4
D. HMAC
Answer: D
Explanation:
The HMAC-MD5-96 (also known as HMAC-MD5) encryption technique is used by IPSec to make sure that a message has not been altered.
Q268. NO: 81
A company is about to release a very large patch to its customers. An administrator is required to test patch installations several times prior to distributing them to customer PCs.
Which of the following should the administrator use to test the patching process quickly and often?
A. Create an incremental backup of an unpatched PC
B. Create an image of a patched PC and replicate it to servers
C. Create a full disk image to restore after each installation
D. Create a virtualized sandbox and utilize snapshots
Answer: D
Explanation:
Sandboxing is the process of isolating a system before installing new applications or patches on it
so as to restrict the software from being able to cause harm to production systems.
Before the patch is installed, a snapshot of the system should be taken. Snapshots are backups
that can be used to quickly recover from poor updates, and errors arising from newly installed
applications.
Q269. Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software?
A. Application white listing
B. Network penetration testing
C. Application hardening
D. Input fuzzing testing
Answer: C
Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and disabling unnecessary services.
Q270. Speaking a passphrase into a voice print analyzer is an example of which of the following security concepts?
A. Two factor authentication
B. Identification and authorization
C. Single sign-on
D. Single factor authentication
Answer: A
Explanation:
Two-factor authentication is when two different authentication factors are provided for
authentication purposes.
Speaking (Voice) – something they are.
Passphrase – something they know.