[Down to date] security plus sy0-401 practice test


2016 May SY0-401 Study Guide Questions:

Q271. A database administrator receives a call on an outside telephone line from a person who states that they work for a well-known database vendor. The caller states there have been problems applying the newly released vulnerability patch for their database system, and asks what version is being used so that they can assist. Which of the following is the BEST action for the administrator to take? 

A. Thank the caller, report the contact to the manager, and contact the vendor support line to verify any reported patch issues. 

B. Obtain the vendor’s email and phone number and call them back after identifying the number of systems affected by the patch. 

C. Give the caller the database version and patch level so that they can receive help applying the patch. 

D. Call the police to report the contact about the database systems, and then check system logs for attack attempts. 

Answer: A 


Impersonation is where a person, computer, software application or service pretends to be someone or something it is not. Impersonation is commonly used non-maliciously in client/server applications. However, it can also be used as a security threat.

In this question, the person making the call may be impersonating someone who works for a well-known database vendor. The actions described in this answer would mitigate the risk. By not divulging information about your database system and contacting the vendor directly, you can be sure that you are talking to the right people. 

Q272. Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss? 

A. Record time offset 

B. Clean desk policy 

C. Cloud computing 

D. Routine log review 

Answer: B 


Clean Desk Policy: Information on a desk (printouts, pads of note paper, sticky notes, and the like) can be easily seen by prying eyes and taken by thieving hands. To protect data and your business, encourage employees to maintain clean desks and to leave out only those papers that are relevant to the project they are working on at that moment. All sensitive information should be put away when the employee is away from their desk. This will mitigate the risk of data loss when applied.

Q273. Which of the following can use RC4 for encryption? (Select TWO). 





E. 3DES 

Answer: B,C 

Explanation: B: In cryptography, RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4) is the most widely used software stream cipher and is used in popular Internet protocols such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS).

C: WEP also uses RC4; however, WEP is still insecure.


Q274. A computer supply company is located in a building with three wireless networks. The system security team implemented a quarterly security scan and saw the following. 


Computer AreUs1    connected    1    70dbm

Computer AreUs2    connected    5    80dbm

Computer AreUs3    connected    3    75dbm

Computer AreUs4    connected    6    95dbm

Which of the following is this an example of? 

A. Rogue access point 

B. Near field communication 

C. Jamming 

D. Packet sniffing 

Answer: A 


The question states that the building has three wireless networks. However, the scan is showing four wireless networks with the SSIDs Computer AreUs1, Computer AreUs2, Computer AreUs3 and Computer AreUs4. Therefore, one of these wireless networks probably shouldn’t be there. This is an example of a rogue access point.

A rogue access point is a wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator, or has been created to allow a hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security threat to large organizations with many employees, because anyone with access to the premises can install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow unauthorized parties access to a secure network. Rogue access points of the second kind target networks that do not employ mutual authentication (client-server, server-client) and may be used in conjunction with a rogue RADIUS server, depending on the security configuration of the target network. To prevent the installation of rogue access points, organizations can install wireless intrusion prevention systems to monitor the radio spectrum for unauthorized access points.

Q275. Which of the following techniques can be used to prevent the disclosure of system information resulting from arbitrary inputs when implemented properly? 

A. Fuzzing 

B. Patch management 

C. Error handling 

D. Strong passwords 

Answer: C 


Exception handling is an aspect of secure coding. When errors occur, the system should revert to a secure state. This must be coded into the system by the programmer, and should capture errors and exceptions so that they can be handled by the application.

Q276. Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? 

A. Connect the WAP to a different switch. 

B. Create a voice VLAN. 

C. Create a DMZ. 

D. Set the switch ports to 802.1q mode. 

Answer: B 


It is a common and recommended practice to separate voice and data traffic by using VLANs. Separating voice and data traffic using VLANs provides a solid security boundary, preventing data applications from reaching the voice traffic. It also gives you a simpler method to deploy QoS, prioritizing the voice traffic over the data. 



Q277. Which of the following is BEST carried out immediately after a security breach is discovered? 

A. Risk transference 

B. Access control revalidation 

C. Change management 

D. Incident management 

Answer: D 


Incident management is the set of steps followed when a security incident occurs.

Q278. Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task? 


B. Firewall 


D. Spam filter 

Answer: C 


Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. 

Q279. The Chief Technology Officer (CTO) wants to improve security surrounding storage of customer passwords. 

The company currently stores passwords as SHA hashes. Which of the following can the CTO implement requiring the LEAST change to existing systems? 

A. Smart cards 


C. Key stretching 

D. Asymmetric keys 

Answer: A 


Smart cards usually come in two forms. The most common takes the form of a rectangular piece of plastic with an embedded microchip. The second is as a USB token. It contains a built-in processor and has the ability to securely store and process information. A "contact" smart card communicates with a PC using a smart card reader, whereas a "contactless" card sends encrypted information via radio waves to the PC. Typical scenarios in which smart cards are used include interactive logon, e-mail signing, e-mail decryption and remote access authentication. However, smart cards are programmable and can contain programs and data for many different applications. For example, smart cards may be used to store medical histories for use in emergencies, to make electronic cash payments or to verify the identity of a customer to an e-retailer.

Microsoft provides two device-independent APIs to insulate application developers from differences between current and future implementations: CryptoAPI and the Microsoft Win32 SCard APIs. The Cryptography API contains functions that allow applications to encrypt or digitally sign data in a flexible manner, while providing protection for the user's sensitive private key data. All cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs). There are many different cryptographic algorithms, and even when implementing the same algorithm there are many choices to make, about key sizes and padding for example. For this reason, CSPs are grouped into types, in which each supported CryptoAPI function, by default, performs in a way particular to that type. For example, CSPs in the PROV_DSS provider type support DSS Signatures and MD5 and SHA hashing.

Q280. An IT security manager is asked to provide the total risk to the business. Which of the following calculations would the security manager choose to determine total risk?

A. (Threats X vulnerability X asset value) x controls gap 

B. (Threats X vulnerability X profit) x asset value 

C. Threats X vulnerability X control gap 

D. Threats X vulnerability X asset value 

Answer: D 


Threats X vulnerability X asset value is equal to asset value (AV) times exposure factor (EF). This is used to calculate a risk. 
