Your success in the CompTIA SY0-401 practice test is our sole target, and we develop all our SY0-401 practice test braindumps in a way that facilitates the attainment of this target. Not only is our SY0-401 braindump study material the best you can find, it is also the most detailed and the most updated. Practice exams for CompTIA Security+ SY0-401 are written to the highest standards of technical accuracy.
Q111. A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a 'listening' state. No other ports are open. Which of the following services should be disabled to ensure secure communications?
A. HTTPS
B. HTTP
C. RDP
D. TELNET
Answer: B
Explanation:
HTTP uses port 80. HTTP does not provide encrypted communications. Port 443 is used by HTTPS which provides secure encrypted communications. Port 3389 is used by RDP (Remote Desktop Protocol) which does provide encrypted communications.
Q112. Ann, the Chief Technology Officer (CTO), has agreed to allow users to bring their own device (BYOD) in order to leverage mobile technology without providing every user with a company-owned device. She is concerned that users may not understand the company's rules, and she wants to limit potential legal concerns. Which of the following is the CTO concerned with?
A. Data ownership
B. Device access control
C. Support ownership
D. Acceptable use
Answer: A
Explanation:
Q113. Several employee accounts appear to have been cracked by an attacker. Which of the following should the security administrator implement to mitigate password cracking attacks? (Select TWO).
A. Increase password complexity
B. Deploy an IDS to capture suspicious logins
C. Implement password history
D. Implement monitoring of logins
E. Implement password expiration
F. Increase password length
Answer: A,F
Explanation:
The more complex a password is, the more difficult it is for an attacker to crack. By increasing the password complexity you make it more difficult.
Passwords that are too short can easily be cracked. The more characters used in a password, combined with the increased complexity, will mitigate password cracking attacks.
Q114. An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. Which of the following attacks has MOST likely taken place?
A. Shoulder surfing
B. Dumpster diving
C. Whaling attack
D. Vishing attack
Answer: A
Explanation:
The CCTV camera has recorded people entering their PINs in the ATMs. This is known as shoulder surfing.
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.
Q115. A security technician is attempting to improve the overall security posture of an internal mail server. Which of the following actions would BEST accomplish this goal?
A. Monitoring event logs daily
B. Disabling unnecessary services
C. Deploying a content filter on the network
D. Deploy an IDS on the network
Answer: B
Explanation:
One of the most basic practices for reducing the attack surface of a specific host is to disable unnecessary services. Services running on a host, especially network services, provide an avenue through which the system can be attacked. If a service is not being used, disable it.
Q116. Fuzzing is a security assessment technique that allows testers to analyze the behavior of software applications under which of the following conditions?
A. Unexpected input
B. Invalid output
C. Parameterized input
D. Valid output
Answer: A
Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failed validation, or memory leaks.
Q117. Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?
A. Account expiration settings
B. Complexity of PIN
C. Account lockout settings
D. PIN history requirements
Answer: C
Explanation:
Account lockout settings determine the number of failed login attempts before the account gets locked and how long the account will be locked out for. For example, an account can be configured to lock if three incorrect passwords (or in this case PINs) are entered. The account can then be configured to automatically unlock after a period of time or stay locked until someone manually unlocks it.
Q118. Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?
A. DIAMETER
B. RADIUS
C. TACACS+
D. Kerberos
Answer: C
Explanation:
TACACS+ is an authentication, authorization, and accounting (AAA) service that makes use of TCP only.
Q119. A security analyst implemented group-based privileges within the company Active Directory. Which of the following account management techniques should be undertaken regularly to ensure least privilege principles?
A. Leverage role-based access controls.
B. Perform user group clean-up.
C. Verify smart card access controls.
D. Verify SHA-256 for password hashes.
Answer: B
Explanation:
Active Directory (AD) has no built-in clean-up feature. This can result in obsolete user, group and computer objects accumulating over time and placing security and compliance objectives in jeopardy. You would therefore need to regularly clean up these settings.
Q120. The security manager received a report that an employee was involved in illegal activity and has saved data to a workstation’s hard drive. During the investigation, local law enforcement’s criminal division confiscates the hard drive as evidence. Which of the following forensic procedures is involved?
A. Chain of custody
B. System image
C. Take hashes
D. Order of volatility
Answer: A
Explanation:
Chain of custody deals with how evidence is secured, where it is stored, and who has access to it. When you begin to collect evidence, you must keep track of that evidence at all times and show who has it, who has seen it, and where it has been.