2017 Mar SY0-401 Study Guide Questions:
Q221. Failure to validate the size of a variable before writing it to memory could result in which of the following application attacks?
A. Malicious logic
B. Cross-site scripting
C. SQL injection
D. Buffer overflow
Q222. Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination?
B. Load balancers
C. Protocol analyzer
D. VPN concentrator
Q223. Which of the following types of logs could provide clues that someone has been attempting to compromise the SQL Server database?
Event logs include Application logs, such as those where SQL Server would write entries. This is where you would see logs with details of someone trying to access a SQL database.
Q224. Which of the following is the BEST reason for placing a password lock on a mobile device?
A. Prevents an unauthorized user from accessing owner's data
B. Enables remote wipe capabilities
C. Stops an unauthorized user from using the device again
D. Prevents an unauthorized user from making phone calls
Q225. When performing the daily review of the system vulnerability scans of the network, Joe, the administrator, noticed several security-related vulnerabilities with an assigned vulnerability identification number. Joe researches the assigned vulnerability identification number from the vendor website. Joe proceeds with applying the recommended solution for the identified vulnerability.
Which of the following is the type of vulnerability described?
A. Network based
C. Signature based
D. Host based
A signature-based monitoring or detection method relies on a database of signatures or patterns of known malicious or unwanted activity. The strength of a signature-based system is that it can quickly and accurately detect any event from its database of signatures.
Q226. Which of the following can be used as an equipment theft deterrent?
A. Screen locks
B. GPS tracking
C. Cable locks
D. Whole disk encryption
Cable locks are theft deterrent devices that can be used to tether a device to a fixed point, keeping smaller devices from being easy to steal.
Q227. Which of the following concepts allows an organization to group large numbers of servers together in order to deliver a common service?
C. Backup Redundancy
D. Cold site
Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy (but also add costs).
Clustering is done whenever you connect multiple computers to work and act together as a single server. It is meant to utilize parallel processing and can also add to redundancy.
Q228. Timestamps and sequence numbers act as countermeasures against which of the following types of attacks?
A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack).
For example: Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping on the conversation and keeps the password (or the hash). After the interchange is over, Eve (posing as Alice) connects to Bob; when asked for a proof of identity, Eve sends Alice's password (or hash) read from the last session, which Bob accepts thus granting access to Eve.
Countermeasures: A way to avoid replay attacks is by using session tokens: Bob sends a one-time token to Alice, which Alice uses to transform the password and send the result to Bob (e.g. computing a hash function of the session token appended to the password). On his side Bob performs the same computation; if and only if both values match, the login is successful. Now suppose Eve has captured this value and tries to use it on another session; Bob sends a different session token, and when Eve replies with the captured value it will be different from Bob's computation.
Session tokens should be chosen by a (pseudo-) random process. Otherwise Eve may be able to pose as Bob, presenting some predicted future token, and convince Alice to use that token in her transformation. Eve can then replay her reply at a later time (when the previously predicted token is actually presented by Bob), and Bob will accept the authentication.
One-time passwords are similar to session tokens in that the password expires after it has been used or after a very short amount of time. They can be used to authenticate individual transactions in addition to sessions. The technique has been widely implemented in personal online banking systems.
Bob can also send nonces but should then include a message authentication code (MAC), which Alice should check.
Timestamping is another way of preventing a replay attack. Synchronization should be achieved using a secure protocol. For example Bob periodically broadcasts the time on his clock together with a MAC. When Alice wants to send Bob a message, she includes her best estimate of the time on his clock in her message, which is also authenticated. Bob only accepts messages for which the timestamp is within a reasonable tolerance. The advantage of this scheme is that Bob does not need to generate (pseudo-) random numbers, with the trade-off being that replay attacks, if they are performed quickly enough i.e. within that 'reasonable' limit, could succeed.
Q229. A security administrator wishes to increase the security of the wireless network. Which of the following BEST addresses this concern?
A. Change the encryption from TKIP-based to CCMP-based.
B. Set all nearby access points to operate on the same channel.
C. Configure the access point to use WEP instead of WPA2.
D. Enable all access points to broadcast their SSIDs.
CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This initialization vector makes cracking a bit more difficult.
Q230. Several employees have been printing files that include personally identifiable information of customers. Auditors have raised concerns about the destruction of these hard copies after they are created, and management has decided the best way to address this concern is by preventing these files from being printed.
Which of the following would be the BEST control to implement?
A. File encryption
B. Printer hardening
C. Clean desk policies
D. Data loss prevention
Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. This would address the concerns of the auditors.