Are you a job hunter without a CompTIA CompTIA SY0-401 certification? If you are also busy on working, please acquire Pass4sures CompTIA training course. You will become on the method to CompTIA CompTIA certification easier as well as earlier. We all provide the the majority of reliable as well as trustworthy materials. The CompTIA CompTIA SY0-401 simulated tests are throughout multiple choice which is the identical as the real test. Your CompTIA questions are presented with verified answers. You can download the check engine in your PC, and do the CompTIA SY0-401 exam dumps. Your test engine make you knowledge the CompTIA SY0-401 actual exam.
Q471. A compromised workstation utilized in a Distributed Denial of Service (DDOS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident?
A. Eye Witness
B. Data Analysis of the hard drive
C. Chain of custody
D. Expert Witness
Answer: C
Explanation:
Chain of custody deals with how evidence is secured, where it is stored, and who has access to it. When you begin to collect evidence, you must keep track of that evidence at all times and show who has it, who has seen it, and where it has been. The evidence must always be within your custody, or you’re open to dispute about possible evidence tampering.
Q472. Which of the following encompasses application patch management?
A. Configuration management
B. Policy management
C. Cross-site request forgery
D. Fuzzing
Answer: A
Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first to ensure that the updates do not have detrimental effects on the system and its configuration, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates on a production system.
Q473. A vulnerability assessment indicates that a router can be accessed from default port 80 and default port 22. Which of the following should be executed on the router to prevent access via these ports? (Select TWO).
A. FTP service should be disabled
B. HTTPS service should be disabled
C. SSH service should be disabled
D. HTTP service should disabled
E. Telnet service should be disabled
Answer: C,D
Explanation:
Port 80 is used by HTTP. Port 22 is used by SSH. By disabling the HTTP and Telnet services, you will prevent access to the router on ports 80 and 22.
Q474. A security administrator develops a web page and limits input into the fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks?
A. Spoofing
B. XSS
C. Fuzzing
D. Pharming
Answer: B
Explanation:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely. Exploiting one of these, attackers fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user.
By validating user input and preventing special characters, we can prevent the injection of client-side scripting code.
Q475. Sara, an attacker, is recording a person typing in their ID number into a keypad to gain access to the building. Sara then calls the helpdesk and informs them that their PIN no longer works and would like to change it. Which of the following attacks occurred LAST?
A. Phishing
B. Shoulder surfing
C. Impersonation
D. Tailgating
Answer: C
Explanation:
Two attacks took place in this question. The first attack was shoulder surfing. This was the act of Sara recording a person typing in their ID number into a keypad to gain access to the building. The second attack was impersonation. Sara called the helpdesk and used the PIN to impersonate the person she recorded.
Q476. Which of the following explains the difference between a public key and a private key?
A. The public key is only used by the client while the private key is available to all. Both keys are mathematically related.
B. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related.
C. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption.
D. The private key is only used by the client and kept secret while the public key is available to all.
Answer: D
Explanation:
The private key must be kept secret at all time. The private key is only by the client. The public key is available to anybody.
Q477. Which of the following policies is implemented in order to minimize data loss or theft?
A. PII handling
B. Password policy
C. Chain of custody
D. Zero day exploits
Answer: A
Explanation:
Although the concept of PII is old, it has become much more important as information technology and the Internet have made it easier to collect PII through breaches of internet security, network security and web browser security, leading to a profitable market in collecting and reselling PII. PII can also be exploited by criminals to stalk or steal the identity of a person, or to aid in the planning of criminal acts. Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person’s name to a fingerprint (think biometrics), credit card number, or patient record. Thus a PII handling policy can be used to protect data.
Q478. During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?
A. Conditional rules under which certain systems may be accessed
B. Matrix of job titles with required access privileges
C. Clearance levels of all company personnel
D. Normal hours of business operation
Answer: B
Explanation:
Role-based access control is a model where access to resources is determines by job role rather than by user account.
Within an organization, roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members or staff (or other system users) are assigned particular roles, and through those role assignments acquire the computer permissions to perform particular computer-system functions. Since users are not assigned permissions directly, but only acquire them through their role (or roles), management of individual user rights becomes a matter of simply assigning appropriate roles to the user's account; this simplifies common operations, such as adding a user, or changing a user's department.
To configure role-based access control, you need a list (or matrix) of job titles (roles) and the access privileges that should be assigned to each role.
Q479. The string:
‘ or 1=1-- -
Represents which of the following?
A. Bluejacking
B. Rogue access point
C. SQL Injection
D. Client-side attacks
Answer: C
Explanation:
The code in the question is an example of a SQL Injection attack. The code ‘1=1’ will always provide a value of true. This can be included in statement designed to return all rows in a SQL table.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
Q480. Ann, a newly hired human resource employee, sent out confidential emails with digital signatures, to an unintended group. Which of the following would prevent her from denying accountability?
A. Email Encryption
B. Steganography
C. Non Repudiation
D. Access Control
Answer: C
Explanation:
Nonrepudiation prevents one party from denying actions they carried out.