Proper study guides for Far out CompTIA CompTIA Security+ Certification certified begins with CompTIA sy0 401 vce preparation products which designed to deliver the Practical sy0 401 practice test questions by making you pass the comptia security+ get certified get ahead sy0 401 study guide test at your first time. Try the free sy0 401 pdf demo right now.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

Q571. Pete, an employee, is terminated from the company and the legal department needs documents from his encrypted hard drive. Which of the following should be used to accomplish this task? (Select TWO). 

A. Private hash 

B. Recovery agent 

C. Public key 

D. Key escrow 

E. CRL 

Answer: B,D 

Explanation: 

B: If an employee leaves and we need access to data he has encrypted, we can use the key recovery agent to retrieve his decryption key. We can use this recovered key to access the data. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. As opposed to escrow, recovery agents are typically used to access information that is encrypted with older keys. 

D: If a key need to be recovered for legal purposes the key escrow can be used. Key escrow addresses the possibility that a third party may need to access keys. Under the conditions of key escrow, the keys needed to encrypt/decrypt data are held in an escrow account (think of the term as it relates to home mortgages) and made available if that third party requests them. The third party in question is generally the government, but it could also be an employer if an employee’s private messages have been called into question. 


Q572. Which of the following protocols allows for the LARGEST address space? 

A. IPX 

B. IPv4 

C. IPv6 

D. Appletalk 

Answer:

Explanation: 

The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4. 


Q573. A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check? 

A. Firewall 

B. Application 

C. IDS 

D. Security 

Answer:

Explanation: 

The security log records events such as valid and invalid logon attempts, as well as events related to resource use, such as the creating, opening, or deleting of files. For example, when logon auditing is enabled, an event is recorded in the security log each time a user attempts to log on to the computer. You must be logged on as Administrator or as a member of the Administrators group in order to turn on, use, and specify which events are recorded in the security log. 


Q574. Which of the following defines a business goal for system restoration and acceptable data loss? 

A. MTTR 

B. MTBF 

C. RPO 

D. Warm site 

Answer:

Explanation: 

The recovery point objective (RPO) defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). This is an essential business goal insofar as system restoration and acceptable data loss is concerned. 


Q575. Which of the following would MOST likely involve GPS? 

A. Wardriving 

B. Protocol analyzer 

C. Replay attack 

D. WPS attack 

Answer:

Explanation: 


Q576. A datacenter requires that staff be able to identify whether or not items have been removed from the facility. Which of the following controls will allow the organization to provide automated notification of item removal? 

A. CCTV 

B. Environmental monitoring 

C. RFID 

D. EMI shielding 

Answer:

Explanation: 

RFID is radio frequency identification that works with readers that work with 13.56 MHz smart cards and 125 kHz proximity cards and can open turnstiles, gates, and any other physical security safeguards once the signal is read. Fitting out the equipment with RFID will allow you to provide automated notification of item removal in the event of any of the equipped items is taken off the premises. 


Q577. A security engineer is asked by the company’s development team to recommend the most secure method for password storage. 

Which of the following provide the BEST protection against brute forcing stored passwords? (Select TWO). 

A. PBKDF2 

B. MD5 

C. SHA2 

D. Bcrypt 

E. AES 

F. CHAP 

Answer: A,D 

Explanation: 

A: PBKDF2 (Password-Based Key Derivation Function 2) is part of PKCS #5 v. 2.01. It applies some function (like a hash or HMAC) to the password or passphrase along with Salt to produce a derived key. 

D: bcrypt is a key derivation function for passwords based on the Blowfish cipher. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power. The bcrypt function is the default password hash algorithm for BSD and many other systems. 

References: 

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, 

Indianapolis, 2014, pp 109-110, 139, 143, 250, 255-256, 256 


Q578. Which of the following is a vulnerability associated with disabling pop-up blockers? 

A. An alert message from the administrator may not be visible 

B. A form submitted by the user may not open 

C. The help window may not be displayed 

D. Another browser instance may execute malicious code 

Answer:

Explanation: Pop-up blockers prevent websites from opening new browser windows without the users consent. These are often used for advertisements but can also be used to distribute malicious code. 


Q579. Which of the following uses both a public and private key? 

A. RSA 

B. AES 

C. MD5 

D. SHA 

Answer:

Explanation: 

The RSA algorithm is an early public-key encryption system that uses large integers as the basis 

for the process. 

RSA uses both a public key and a secret. 

RSA key generation process: 

1.

 Generate two large random primes, p and q, of approximately equal size such that their product, n = pq, is of the required bit length (such as 2048 bits, 4096 bits, and so forth). Let n = pq Let m = (p-1)(q-1) 

2.

 Choose a small number e, co-prime to m (note: Two numbers are co-prime if they have no common factors). 

3.

 Find d, such that de % m = 1 

4.

 Publish e and n as the public key. Keep d and n as the secret key. 


Q580. A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network? 

A. VLAN 

B. Subnet 

C. VPN 

D. DMZ 

Answer:

Explanation: 

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted.