The Only Tip You Need: jk0-022 vs sy0-401

SY0-401 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library!

https://www.2passeasy.com/dumps/SY0-401/

It is impossible to pass CompTIA SY0-401 exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed CompTIA SY0-401 practice questions. You will get a surprising result by our Rebirth CompTIA Security+ Certification practice guides.

2016 Jul security+ sy0-401 cheat sheet:

Q561. Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure? 

A. Trust Model 

B. Recovery Agent 

C. Public Key 

D. Private Key 

Answer: A 

Explanation: 

In a bridge trust model allows lower level domains to access resources in a separate PKI through the root CA. A trust Model is collection of rules that informs application on how to decide the legitimacy of a 

Digital Certificate. 

In a bridge trust model, a peer-to-peer relationship exists among the root CAs. The root CAs can 

communicate with one another, allowing cross certification. This arrangement allows a certification 

process to be established between organizations or departments. 

Each intermediate CA trusts only the CAs above and below it, but the CA structure can be 

expanded without creating additional layers of CAs. 


Q562. Digital certificates can be used to ensure which of the following? (Select TWO). 

A. Availability 

B. Confidentiality 

C. Verification 

D. Authorization 

E. Non-repudiation 

Answer: B,E 

Explanation: 

Digital Signatures is used to validate the integrity of the message and the sender. Digital certificates refer to cryptography which is mainly concerned with Confidentiality, Integrity, Authentication, Nonrepudiation and Access Control. Nonrepudiation prevents one party from denying actions they carried out. 


Q563. The datacenter manager is reviewing a problem with a humidity factor that is too low. Which of the following environmental problems may occur? 

A. EMI emanations 

B. Static electricity 

C. Condensation 

D. Dry-pipe fire suppression 

Answer: B 

Explanation: 

Humidity control prevents the buildup of static electricity in the environment. If the humidity drops much below 50 percent, electronic components are extremely vulnerable to damage from electrostatic shock. 


Q564. The system administrator is reviewing the following logs from the company web server: 

12:34:56 GET /directory_listing.php?user=admin&pass=admin1 

12:34:57 GET /directory_listing.php?user=admin&pass=admin2 

12:34:58 GET /directory_listing.php?user=admin&pass=1admin 

12:34:59

 GET /directory_listing.php?user=admin&pass=2admin Which of the following is this an example of? 

A. Online rainbow table attack 

B. Offline brute force attack 

C. Offline dictionary attack 

D. Online hybrid attack 

Answer: D 

Explanation: 


Q565. During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic? 

A. FTP 

B. DNS 

C. Email 

D. NetBIOS 

Answer: B 

Explanation: 

DNS (Domain Name System) uses port 53. 


SY0-401  test preparation

Replace free security plus practice exam sy0-401:

Q566. Which of the following is best practice to put at the end of an ACL? 

A. Implicit deny 

B. Time of day restrictions 

C. Implicit allow 

D. SNMP string 

Answer: A 

Explanation: 

An implicit deny clause is implied at the end of each ACL. This implies that if you aren’t specifically granted access or privileges for a resource, you’re denied access by default. The implicit deny clause is set by the system. 


Q567. An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future? 

A. Business continuity planning 

B. Quantitative assessment 

C. Data classification 

D. Qualitative assessment 

Answer: C 

Explanation: 

Information classification is done by confidentiality and comprises of three categories, namely: public use, internal use and restricted use. Knowing how to apply these categories and matching it up with the appropriate data handling will address the situation of the data ‘unknown sensitivity’ 


Q568. Joe, a user, wants to protect sensitive information stored on his hard drive. He uses a program that encrypted the whole hard drive. Once the hard drive is fully encrypted, he uses the same program to create a hidden volume within the encrypted hard drive and stores the sensitive information within the hidden volume. This is an example of which of the following? (Select TWO). 

A. Multi-pass encryption 

B. Transport encryption 

C. Plausible deniability 

D. Steganography 

E. Transitive encryption 

F. Trust models 

Answer: C,D 

Explanation: 


Q569. When creating a public / private key pair, for which of the following ciphers would a user need to specify the key strength? 

A. SHA 

B. AES 

C. DES 

D. RSA 

Answer: D 

Explanation: 

RSA (an asymmetric algorithm) uses keys of a minimum length of 2048 bits. 


Q570. According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this? 

A. NIDS 

B. DMZ 

C. NAT 

D. VLAN 

Answer: D 

Explanation: A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. 



see more CompTIA Security+ Certification