High value of SY0-401 exam price materials and courses for CompTIA certification for customers, Real Success Guaranteed with Updated SY0-401 pdf dumps vce Materials. 100% PASS CompTIA Security+ Certification exam Today!
2016 Jun SY0-401 Study Guide Questions:
Q731. Encryption used by RADIUS is BEST described as:
B. Elliptical curve
The RADIUS server uses a symmetric encryption method.
Note: Symmetric algorithms require both ends of an encrypted message to have the same key and
processing algorithms. Symmetric algorithms generate a secret key that must be protected.
Q732. A company has several conference rooms with wired network jacks that are used by both employees and guests. Employees need access to internal resources and guests only need access to the Internet. Which of the following combinations is BEST to meet the requirements?
A. NAT and DMZ
B. VPN and IPSec
C. Switches and a firewall
D. 802.1x and VLANs
802.1x is a port-based authentication mechanism. It’s based on Extensible Authentication Protocol (EAP) and is commonly used in closed-environment wireless networks. 802.1x was initially used to compensate for the weaknesses of Wired Equivalent Privacy (WEP), but today it’s often used as a component in more complex authentication and connection-management systems, including Remote Authentication Dial-In User Service (RADIUS), Diameter, Cisco System’s Terminal Access Controller Access-Control System Plus (TACACS+), and Network Access Control (NAC).
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. By default, all ports on a switch are part of VLAN 1. But as the switch administrator changes the VLAN assignment on a port-by-port basis, various ports can be grouped together and be distinct from other VLAN port designations. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.
Q733. Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).
A. Scanning printing of documents.
B. Scanning of outbound IM (Instance Messaging).
C. Scanning copying of documents to USB.
D. Scanning of SharePoint document library.
E. Scanning of shared drives.
F. Scanning of HTTP user traffic.
DLP systems monitor the contents of systems (workstations, servers, networks) to make sure key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. Outbound IM and HTTP user traffic refers to data over a network which falls within the DLP strategy.
Refresh sy0-401 exam:
Q734. While securing a network it is decided to allow active FTP connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO).
Q735. An administrator has a network subnet dedicated to a group of users. Due to concerns regarding data and network security, the administrator desires to provide network access for this group only. Which of the following would BEST address this desire?
A. Install a proxy server between the users’ computers and the switch to filter inbound network traffic.
B. Block commonly used ports and forward them to higher and unused port numbers.
C. Configure the switch to allow only traffic from computers based upon their physical address.
D. Install host-based intrusion detection software to monitor incoming DHCP Discover requests.
Configuring the switch to allow only traffic from computers based upon their physical address is known as MAC filtering. The physical address is known as the MAC address. Every network adapter has a unique MAC address hardcoded into the adapter. You can configure the ports of a switch to allow connections from computers with specific MAC addresses only and block all other MAC addresses. MAC filtering is commonly used in wireless networks but is considered insecure because a MAC address can be spoofed. However, in a wired network, it is more secure because it would be more difficult for a rogue computer to sniff a MAC address.
Q736. A computer is found to be infected with malware and a technician re-installs the operating system. The computer remains infected with malware. This is an example of:
A. a rootkit.
B. a MBR infection.
C. an exploit kit.
Pinpoint security plus certification sy0-401:
Q737. The call center supervisor has reported that many employees have been playing preinstalled games on company computers and this is reducing productivity.
Which of the following would be MOST effective for preventing this behavior?
A. Acceptable use policies
B. Host-based firewalls
C. Content inspection
D. Application whitelisting
Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list.
Q738. Which of the following types of authentication packages user credentials in a ticket?
The basic process of Kerberos authentication is as follows:
The subject provides logon credentials.
The Kerberos client system encrypts the password and transmits the protected credentials to the
The KDC verifies the credentials and then creates a ticket-granting ticket (TGT—a hashed form of
the subject’s password with the addition of a time stamp that indicates a valid lifetime). The TGT is
encrypted and sent to the client.
The client receives the TGT. At this point, the subject is an authenticated principle in the Kerberos
The subject requests access to resources on a network server. This causes the client to request a
service ticket (ST) from the KDC.
The KDC verifies that the client has a valid TGT and then issues an ST to the client. The ST
includes a time stamp that indicates its valid lifetime.
The client receives the ST.
The client sends the ST to the network server that hosts the desired resource.
The network server verifies the ST. If it’s verified, it initiates a communication session with the
client. From this point forward, Kerberos is no longer involved.
Q739. Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network?
A. Cross-platform compatibility issues between personal devices and server-based applications
B. Lack of controls in place to ensure that the devices have the latest system patches and signature files
C. Non-corporate devices are more difficult to locate when a user is terminated
D. Non-purchased or leased equipment may cause failure during the audits of company-owned assets
With employees who want to bring their own devices you will have to make them understand why they cannot. You do not want them plugging in a flash drive, let alone a camera, smartphone, tablet computer, or other device, on which company fi les could get intermingled with personal files. Allowing this to happen can create situations where data can leave the building that shouldn’t as well as introduce malware to the system. Employees should not sync unauthorized smartphones to their work systems. Some smartphones use multiple wireless spectrums and unwittingly open up the possibility for an attacker in the parking lot to gain access through the phone to the internal network. Thus if you do not have controls in place then your network is definitely at risk.
Q740. The security administrator notices a user logging into a corporate Unix server remotely as root.
Which of the following actions should the administrator take?
A. Create a firewall rule to block SSH
B. Delete the root account
C. Disable remote root logins
D. Ensure the root account has a strong password
see more CompTIA Security+ Certification