Exambible offers free demo for comptia security+ study guide sy0 401 exam. "CompTIA Security+ Certification", also known as comptia security+ sy0 401 exam, is a CompTIA Certification. This set of posts, Passing the CompTIA sy0 401 pdf exam, will help you answer those questions. The sy0 401 pdf Questions & Answers covers all the knowledge points of the real exam. 100% real CompTIA sy0 401 study guide pdf exams and revised by experts!
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
Q321. A security administrator is reviewing the below output from a password auditing tool:
P@ss.
@pW1.
S3cU4
Which of the following additional policies should be implemented based on the tool’s output?
A. Password age
B. Password history
C. Password length
D. Password complexity
Answer: C
Explanation:
The output shows that all the passwords are either 4 or 5 characters long. This is way too short, 8 characters are shown to be the minimum for password length.
Q322. Joe analyzed the following log and determined the security team should implement which of the following as a mitigation method against further attempts?
Host 192.168.1.123
[00:00:01]Successful Login: 015 192.168.1.123 : local
[00:00:03]Unsuccessful Login: 022 214.34.56.006 :RDP 192.168.1.124
[00:00:04]UnSuccessful Login: 010 214.34.56.006 :RDP 192.168.1.124
[00:00:07]UnSuccessful Login: 007 214.34.56.006 :RDP 192.168.1.124
[00:00:08]UnSuccessful
Login: 003 214.34.56.006 :RDP 192.168.1.124
A. Reporting
B. IDS
C. Monitor system logs
D. Hardening
Answer: D
Explanation:
Q323. The common method of breaking larger network address space into smaller networks is known as:
A. subnetting.
B. phishing.
C. virtualization.
D. packet filtering.
Answer: A
Explanation:
Q324. Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?
A. Protocol analyzer
B. Load balancer
C. VPN concentrator
D. Web security gateway
Answer: B
Explanation:
Load balancing refers to shifting a load from one device to another. A load balancer can be implemented as a software or hardware solution, and it is usually associated with a device—a router, a firewall, NAT appliance, and so on. In its most common implementation, a load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.
Q325. A company replaces a number of devices with a mobile appliance, combining several functions.
Which of the following descriptions fits this new implementation? (Select TWO).
A. Cloud computing
B. Virtualization
C. All-in-one device
D. Load balancing
E. Single point of failure
Answer: C,E
Explanation:
The disadvantages of combining everything into one include a potential single point of failure, and the dependence on the one vendor. The all –in-one device represents a single point of failure risk being taken on.
Q326. Which of the following components MUST be trusted by all parties in PKI?
A. Key escrow
B. CA
C. Private key
D. Recovery key
Answer: B
Explanation:
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and
distributing certificates. In a simple trust model all parties must trust the CA.
In a more complicated trust model all parties must trust the Root CA.
Q327. Which of the following wireless security technologies continuously supplies new keys for WEP?
A. TKIP
B. Mac filtering
C. WPA2
D. WPA
Answer: A
Explanation:
TKIP is a suite of algorithms that works as a "wrapper" to WEP, which allows users of legacy WLAN equipment to upgrade to TKIP without replacing hardware. TKIP uses the original WEP programming but "wraps" additional code at the beginning and end to encapsulate and modify it.
Q328. A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?
A. Zero-day
B. Buffer overflow
C. Cross site scripting
D. Malicious add-on
Answer: B
Explanation:
This question describes a buffer overflow attack.
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
Q329. Which of the following is a measure of biometrics performance which rates the ability of a system to correctly authenticate an authorized user?
A. Failure to capture
B. Type II
C. Mean time to register
D. Template capacity
Answer: B
Explanation:
Type II, or false acceptance rate (FAR), is the measure of the likelihood that the biometric security system will incorrectly accept an access attempt by an unauthorized user.
Q330. After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of the following is MOST likely the reason for this recommendation? (Select TWO).
A. To allow load balancing for cloud support
B. To allow for business continuity if one provider goes out of business
C. To eliminate a single point of failure
D. To allow for a hot site in case of disaster
E. To improve intranet communication speeds
Answer: B,C
Explanation:
A high-speed internet connection to a second data provider could be used to keep an up-to-date replicate of the main site. In case of problem on the first site, operation can quickly switch to the second site. This eliminates the single point of failure and allows the business to continue uninterrupted on the second site. Note: Recovery Time Objective The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during BIA creation.