getcertified4sure.com

SY0-401 Exam

How Does Actualtests CompTIA SY0-401 pdf exam Work?



2021 Apr SY0-401 testing engine

Q1. Which of the following is true about the CRL? 

A. It should be kept public 

B. It signs other keys 

C. It must be kept secret 

D. It must be encrypted 

Answer:

Explanation: 

The CRL must be public so that it can be known which keys and certificates have been revoked. In the operation of some cryptosystems, usually public key infrastructures (PKIs), a certificate revocation list (CRL) is a list of certificates (or more specifically, a list of serial numbers for certificates) that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted. 


Q2. Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack? 

A. ARP poisoning 

B. DoS 

C. Replay 

D. Brute force 

Answer:

Explanation: 

A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack). 

For example: Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping on the conversation and keeps the password (or the hash). After the interchange is over, Eve (posing as Alice) connects to Bob; when asked for a proof of identity, Eve sends Alice's password (or hash) read from the last session, which Bob accepts thus granting access to Eve. 

Countermeasures: A way to avoid replay attacks is by using session tokens: Bob sends a one-time token to Alice, which Alice uses to transform the password and send the result to Bob (e.g. computing a hash function of the session token appended to the password). On his side Bob performs the same computation; if and only if both values match, the login is successful. Now suppose Eve has captured this value and tries to use it on another session; Bob sends a different session token, and when Eve replies with the captured value it will be different from Bob's computation. Session tokens should be chosen by a (pseudo-) random process. Otherwise Eve may be able to pose as Bob, presenting some predicted future token, and convince Alice to use that token in her transformation. Eve can then replay her reply at a later time (when the previously predicted token is actually presented by Bob), and Bob will accept the authentication. One-time passwords are similar to session tokens in that the password expires after it has been used or after a very short amount of time. They can be used to authenticate individual transactions in addition to sessions. The technique has been widely implemented in personal online banking systems. Bob can also send nonces but should then include a message authentication code (MAC), which Alice should check. Timestamping is another way of preventing a replay attack. Synchronization should be achieved using a secure protocol. For example Bob periodically broadcasts the time on his clock together with a MAC. When Alice wants to send Bob a message, she includes her best estimate of the time on his clock in her message, which is also authenticated. Bob only accepts messages for which the timestamp is within a reasonable tolerance. The advantage of this scheme is that Bob does not need to generate (pseudo-) random numbers, with the trade-off being that replay attacks, if they are performed quickly enough i.e. within that 'reasonable' limit, could succeed. 


Q3. Computer evidence at a crime is preserved by making an exact copy of the hard disk. Which of the following does this illustrate? 

A. Taking screenshots 

B. System image capture 

C. Chain of custody 

D. Order of volatility 

Answer:

Explanation: 

A system image would be a snapshot of what exists at the moment. Thus capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it. 


Q4. A company plans to expand by hiring new engineers who work in highly specialized areas. Each engineer will have very different job requirements and use unique tools and applications in their job. Which of the following is MOST appropriate to use? 

A. Role-based privileges 

B. Credential management 

C. User assigned privileges 

D. User access 

Answer:

Explanation: 


Q5. Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete’s BEST option? 

A. Use hardware already at an offsite location and configure it to be quickly utilized. 

B. Move the servers and data to another part of the company’s main campus from the server room. 

C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment. 

D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy. 

Answer:

Explanation: 

A warm site provides some of the capabilities of a hot site, but it requires the customer to do more work to become operational. Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement. Warm sites may be for your exclusive use, but they don’t have to be. A warm site requires more advanced planning, testing, and access to media for system recovery. Warm sites represent a compromise between a hot site, which is very expensive, and a cold site, which isn’t preconfigured. 


Q6. An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. 

Which of the following database designs provides the BEST security for the online store? 

A. Use encryption for the credential fields and hash the credit card field 

B. Encrypt the username and hash the password 

C. Hash the credential fields and use encryption for the credit card field 

D. Hash both the credential fields and the credit card field 

Answer:

Explanation: 

Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables. One main characteristic of hashing is that the algorithm must have few or no collisions – in hashing two different inputs does not give the same output. Thus the credential fields should be hashed because anyone customer will have a unique credit card number/identity and since they will use their credit cards for many different transactions, the credit card field should be encrypted only, not hashed. 


Q7. Using proximity card readers instead of the traditional key punch doors would help to mitigate: 

A. Impersonation 

B. Tailgating 

C. Dumpster diving 

D. Shoulder surfing 

Answer:

Explanation: 

Using a traditional key punch door, a person enters a code into a keypad to unlock the door. Someone could be watching the code being entered. They would then be able to open the door by entering the code. The process of watching the key code being entered is known as shoulder surfing. 

Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand. 


Q8. To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation? 

A. Management 

B. Administrative 

C. Technical 

D. Operational 

Answer:

Explanation: 

controls such as preventing unauthorized access to PC’s and applying screensavers that lock the PC after five minutes of inactivity is a technical control type, the same as Identification and Authentication, Access Control, Audit and Accountability as well as System and Communication Protection. 


Q9. Company A sends a PGP encrypted file to company B. If company A used company B’s public key to encrypt the file, which of the following should be used to decrypt data at company B? 

A. Registration 

B. Public key 

C. CRLs 

D. Private key 

Answer:

Explanation: 

In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the 

data using his own private key. 

PKI is a two-key, asymmetric system with four main components: certificate authority (CA), 

registration authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are 

encrypted with a public key and decrypted with a private key. 

A PKI example: 

1.

 You want to send an encrypted message to Jordan, so you request his public key. 

2.

 Jordan responds by sending you that key. 

3.

 You use the public key he sends you to encrypt the message. 

4.

 You send the message to him. 

5.

 Jordan uses his private key to decrypt the message. 


Q10. A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. Which of the following is the BEST approach for implementation of the new application on the virtual server? 

A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location. 

B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application. 

C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location. 

D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application. 

Answer:

Explanation: 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.