
2021 Apr SY0-401 question

Q531. After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely. 

Which of the following is the MOST likely reason the PC technician is unable to ping those devices? 

A. ICMP is being blocked 

B. SSH is not enabled 

C. DNS settings are wrong 

D. SNMP is not configured properly 

Answer:

Explanation: 

ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. ICMP offers no information if ICMP request queries go unanswered or if ICMP replies are lost or blocked.


Q532. A way to assure data at-rest is secure even in the event of loss or theft is to use: 

A. Full device encryption. 

B. Special permissions on the file system. 

C. Trusted Platform Module integration. 

D. Access Control Lists. 

Answer:

Explanation: 

Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 


Q533. A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. 

Which of the following describes how the employee is leaking these secrets? 

A. Social engineering 

B. Steganography 

C. Hashing 

D. Digital signatures 

Answer:

Explanation: 

Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio file, or other file. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.


Q534. A user has forgotten their account password. Which of the following is the BEST recovery strategy? 

A. Upgrade the authentication system to use biometrics instead. 

B. Temporarily disable password complexity requirements. 

C. Set a temporary password that expires upon first use. 

D. Retrieve the user password from the credentials database. 

Answer:

Explanation: 

Since a user’s password isn’t stored on most operating systems (only a hash value is kept), most operating systems allow the administrator to change the value for a user who has forgotten theirs. This new value allows the user to log in and then immediately change it to another value that they can (ideally) remember. Also, setting a temporary password to expire upon first use will not allow a hacker the opportunity or time to use it.


Q535. A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).

A. RDP 

B. SNMP 

C. FTP 

D. SCP 

E. SSH 

Answer: D,E 

Explanation: 

SSH is used to establish a command-line, text-only interface connection with a server, router, switch, or similar device over any distance.

Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). SCP is commonly used on Linux and Unix platforms.


Q536. Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach? 

A. $1,500 

B. $3,750 

C. $15,000 

D. $75,000 

Answer:

Explanation: 

SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF), and ARO is the annualized rate of occurrence.

SLE = 250 × $300; ARO = 5%

$75,000 × 0.05 = $3,750


Q537. Which of the following protocols is used to authenticate the client and server’s digital certificate? 

A. PEAP 

B. DNS 

C. TLS 

D. ICMP 

Answer:

Explanation: 

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. It uses X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom it is communicating, and to exchange a symmetric key. 


Q538. Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?

A. Allow incoming IPSec traffic into the vendor’s IP address. 

B. Set up a VPN account for the vendor, allowing access to the remote site. 

C. Turn off the firewall while the vendor is in the office, allowing access to the remote site. 

D. Write a firewall rule to allow the vendor to have access to the remote site. 

Answer:

Explanation: 

Firewall rules are used to define what traffic is able to pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network.


Q539. A new security analyst is given the task of determining whether any of the company’s servers are vulnerable to a recently discovered attack on an old version of SSH. Which of the following is the quickest FIRST step toward determining the version of SSH running on these servers? 

A. Passive scanning 

B. Banner grabbing 

C. Protocol analysis 

D. Penetration testing 

Answer:

Explanation: 

B: Banner grabbing looks at the banner, or header, information messages sent with data to find out about the system(s). Banners often identify the host, the operating system running on it, and other information that can be useful if you are going to attempt to later breach the security of it. Banners can be snagged with Telnet as well as tools like netcat or Nmap. It is thus a quick way to check which version of SSH is running on your server.


Q540. Which of the following is a difference between TFTP and FTP? 

A. TFTP is slower than FTP. 

B. TFTP is more secure than FTP. 

C. TFTP utilizes TCP and FTP uses UDP. 

D. TFTP utilizes UDP and FTP uses TCP. 

Answer:

Explanation: 

FTP employs TCP ports 20 and 21 to establish and maintain client-to-server communications, whereas TFTP makes use of UDP port 69.