SY0-401 Exam
A Review Of Exact SY0-401 class
Q431. In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time?
A. Import the recipient’s public key
B. Import the recipient’s private key
C. Export the sender’s private key
D. Export the sender’s public key
Answer: A
Explanation:
See step 4 below.
1.
When a user encrypts plaintext with PGP, PGP first compresses the plaintext.
2.
PGP then creates a session key, which is a one-time-only secret key.
3.
This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext.
4.
Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient.
Q432. Which of the following is true about input validation in a client-server architecture, when data integrity is critical to the organization?
A. It should be enforced on the client side only.
B. It must be protected by SSL encryption.
C. It must rely on the user’s knowledge of the application.
D. It should be performed on the server side.
Answer: D
Explanation:
Client-side validation should only be used to improve user experience, never for security purposes. A client-side input validation check can improve application performance by catching malformed input on the client and, therefore, saving a roundtrip to the server. However, client side validation can be easily bypassed and should never be used for security purposes. Always use server-side validation to protect your application from malicious attacks.
Q433. Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?
A. Incident management
B. Clean desk policy
C. Routine audits
D. Change management
Answer: D
Explanation:
Change Management is a risk mitigation approach and refers to the structured approach that is followed to secure a company’s assets. This structured approach involves policies that should be in place and technological controls that should be enforced.
Q434. Joe, a security administrator, is concerned with users tailgating into the restricted areas. Given a limited budget, which of the following would BEST assist Joe with detecting this activity?
A. Place a full-time guard at the entrance to confirm user identity.
B. Install a camera and DVR at the entrance to monitor access.
C. Revoke all proximity badge access to make users justify access.
D. Install a motion detector near the entrance.
Answer: B
Explanation:
Tailgating is a favorite method of gaining entry to electronically locked systems by following someone through the door they just unlocked. With a limited budget installing a camera and DVR at the entrance to monitor access to the restricted areas is the most feasible solution. The benefit of a camera (also known as closed-circuit television, or CCTV) is that it is always running and can record everything it sees, creating evidence that can be admissible in court if necessary.
Q435. Which of the following technical controls helps to prevent Smartphones from connecting to a corporate network?
A. Application white listing
B. Remote wiping
C. Acceptable use policy
D. Mobile device management
Answer: D
Explanation:
Mobile device management (MDM) is allows for managing the mobile devices that employees use to access company resources. MDM is intended to improve security, provide monitoring, enable remote management, and support troubleshooting. It can be used to push or remove applications, manage data, and enforce configuration settings on these devices.
Q436. Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?
A. Bollards
B. Video surveillance
C. Proximity readers
D. Fencing
Answer: B
Explanation:
Q437. One of the most consistently reported software security vulnerabilities that leads to major exploits is:
A. Lack of malware detection.
B. Attack surface decrease.
C. Inadequate network hardening.
D. Poor input validation.
Answer: D
Explanation:
D: With coding there are standards that should be observed. Of these standards the most fundamental is input validation. Attacks such as SQL injection depend on unfiltered input being sent through a web application. This makes for a software vulnerability that can be exploited. There are two primary ways to do input validation: client-side validation and server-side validation. Thus with poor input validation you increase your risk with regard to exposure to major software exploits.
Q438. Which of the following defines a business goal for system restoration and acceptable data loss?
A. MTTR
B. MTBF
C. RPO
D. Warm site
Answer: C
Explanation:
The recovery point objective (RPO) defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). This is an essential business goal insofar as system restoration and acceptable data loss is concerned.
Q439. Which of the following risk concepts requires an organization to determine the number of failures per year?
A. SLE
B. ALE
C. MTBF
D. Quantitative analysis
Answer: B
Explanation:
ALE is the annual loss expectancy value. This is a monetary measure of how much loss you could expect in a year.
Q440. At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing. Which of the following does this describe?
A. Shoulder surfing
B. Tailgating
C. Whaling
D. Impersonation
Answer: B
Explanation:
Although Ann is an employee and therefore authorized to enter the building, she does not have her badge and therefore strictly she should not be allowed to enter the building. Just as a driver can tailgate another driver’s car by following too closely, in the security sense, tailgating means to compromise physical security by following somebody through a door meant to keep out intruders. Tailgating is actually a form of social engineering, whereby someone who is not authorized to enter a particular area does so by following closely behind someone who is authorized.