★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/SY0-401-dumps.html


Highest Quality of SY0-401 testing engine materials and study guides for CompTIA certification for consumer, Real Success Guaranteed with Updated SY0-401 pdf dumps vce Materials. 100% PASS CompTIA Security+ Certification exam Today!

2021 Feb pass4sure security+ sy0-401:

Q711. Which of the following security benefits would be gained by disabling a terminated user account rather than deleting it? 

A. Retention of user keys 

B. Increased logging on access attempts 

C. Retention of user directories and files 

D. Access to quarantined files 

Answer:

Explanation: 

Account Disablement should be implemented when a user will be gone from a company whether they leave temporary or permanently. In the case of permanently leaving the company the account should be disabled. Disablement means that the account will no longer be an active account and that the user keys for that account are retained which would not be the case if the account was deleted from the system. 


Q712. Which of the following is an XML based open standard used in the exchange of authentication and authorization information between different parties? 

A. LDAP 

B. SAML 

C. TACACS+ 

D. Kerberos 

Answer:

Explanation: 

Security Assertion Markup Language (SAML) is an open-standard data format centred on XML. It is used for supporting the exchange of authentication and authorization details between systems, services, and devices. 


Q713. A major security risk with co-mingling of hosts with different security requirements is: 

A. Security policy violations. 

B. Zombie attacks. 

C. Password compromises. 

D. Privilege creep. 

Answer:

Explanation: 

The entire network is only as strong as the weakest host. Thus with the co-mingling of hosts with different security requirements would be risking security policy violations. 


Q714. A security administrator wants to implement a solution which will allow some applications to run under the user's home directory and only have access to files stored within the same user's folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users? 

A. OS Virtualization 

B. Trusted OS 

C. Process sandboxing 

D. File permission 

Answer:

Explanation: 


Q715. Which of the following implementation steps would be appropriate for a public wireless hot-spot? 

A. Reduce power level 

B. Disable SSID broadcast 

C. Open system authentication 

D. MAC filter 

Answer:

Explanation: 

For a public wireless hot-spot, you want members of the public to be able to access the wireless network without having to provide them with a password. Therefore, Open System Authentication is the best solution. 

Open System Authentication (OSA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. With OSA, a computer equipped with a wireless modem can access any WEP network and receive files that are not encrypted. For OSA to work, the service set identifier (SSID) of the computer should match the SSID of the wireless access point. The SSID is a sequence of characters that uniquely names a wireless local area network (WLAN). The process occurs in three steps. First, the computer sends a request for authentication to the access point. Then the access point generates an authentication code, usually at random, intended for use only during that session. Finally, the computer accepts the authentication code and becomes part of the network as long as the session continues and the computer remains within range of the original access point. If it is necessary to exchange encrypted data between a WEP network access point and a wireless-equipped computer, a stronger authentication process called Shared Key Authentication (SKA) is required. 


Leading security+ sy0-401:

Q716. A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as: 

A. Symmetric cryptography. 

B. Private key cryptography. 

C. Salting. 

D. Rainbow tables. 

Answer:

Explanation: 

Salting can be used to strengthen the hashing when the passwords were encrypted. Though hashing is a one-way algorithm it does not mean that it cannot be hacked. One method to hack a hash is though rainbow tables and salt is the counter measure to rainbow tables. With salt a password that you typed in and that has been encrypted with a hash will yield a letter combination other than what you actually types in when it is rainbow table attacked. 


Q717. Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server? 

A. SSLv2 

B. SSHv1 

C. RSA 

D. TLS 

Answer:

Explanation: 

HTTP Secure HTTP Secure (HTTPS) is the protocol used for “secure” web pages that users should see when they must enter personal information such as credit card numbers, passwords, and other identifiers. It combines HTTP with SSL/TLS to provide encrypted communication. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL, and it is also referred to as SSL 3.1. 


Q718. A company is about to release a very large patch to its customers. An administrator is required to test patch installations several times prior to distributing them to customer PCs. Which of the following should the administrator use to test the patching process quickly and often? 

A. Create an incremental backup of an unpatched PC 

B. Create an image of a patched PC and replicate it to servers 

C. Create a full disk image to restore after each installation 

D. Create a virtualized sandbox and utilize snapshots 

Answer:

Explanation: 


Q719. A system administrator wants to confidentially send a user name and password list to an individual outside the company without the information being detected by security controls. Which of the following would BEST meet this security goal? 

A. Digital signatures 

B. Hashing 

C. Full-disk encryption 

D. Steganography 

Answer:

Explanation: 


Q720. Which of the following devices will help prevent a laptop from being removed from a certain location? 

A. Device encryption 

B. Cable locks 

C. GPS tracking 

D. Remote data wipes 

Answer:

Explanation: 

Cable locks are theft deterrent devices that can be used to tether a device to a fixed point keep smaller devices from being easy to steal.