It is impossible to pass CompTIA comptia security+ get certified get ahead sy0 401 study guide exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed CompTIA sy0 401 vce practice questions. You will get a surprising result by our Replace CompTIA Security+ Certification practice guides.
2017 NEW RECOMMEND
Free VCE & PDF File for CompTIA SY0-401 Real Exam
Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions
Q401. Which of the following tests a number of security controls in the least invasive manner?
A. Vulnerability scan
B. Threat assessment
C. Penetration test
D. Ping sweep
Vulnerability scanning has minimal impact on network resource due to the passive nature of the scanning. A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as missing patches or security updates.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security.
Q402. Which of the following fire suppression systems is MOST likely used in a datacenter?
FM200 is a gas and the principle of a gas system is that it displaces the oxygen in the room, thereby removing this essential component of a fi re. in a data center is is the preferred choice of fire suppressant.
Q403. Which of the following is a common coding error in which boundary checking is not performed?
A. Input validation
C. Secure coding
D. Cross-site scripting
Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.
Q404. Which of the following is built into the hardware of most laptops but is not setup for centralized management by default?
A. Whole disk encryption
B. TPM encryption
C. USB encryption
D. Individual file encryption
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the systemâs motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.
Q405. Which of the following would a security administrator implement in order to identify change from the standard configuration on a server?
A. Penetration test
B. Code review
C. Baseline review
D. Design review
The standard configuration on a server is known as the baseline.
The IT baseline protection approach is a methodology to identify and implement computer security
measures in an organization. The aim is the achievement of an adequate and appropriate level of
security for IT systems. This is known as a baseline.
A baseline report compares the current status of network systems in terms of security updates,
performance or other metrics to a predefined set of standards (the baseline).
Q406. A program displays:
ERROR: this program has caught an exception and will now terminate.
Which of the following is MOST likely accomplished by the programâs behavior?
A. Operating systemâs integrity is maintained
B. Programâs availability is maintained
C. Operating systemâs scalability is maintained
D. Userâs confidentiality is maintained
The purpose of error handling is to maintain the security and integrity of the system. Integrity is compromised when unauthorized modification occurs.
Q407. A security administrator must implement a wireless encryption system to secure mobile devicesâ communication. Some users have mobile devices which only support 56-bit encryption. Which of the following wireless encryption methods should be implemented?
RC4 is popular with wireless and WEP/WPA encryption. It is a streaming cipher that works with key sizes between 40 and 2048 bits, and it is used in SSL and TLS.
Q408. Joe Has read and write access to his own home directory. Joe and Ann are collaborating on a project, and Joe would like to give Ann write access to one particular file in this home directory. Which of the following types of access control would this reflect?
A. Role-based access control
B. Rule-based access control
C. Mandatory access control
D. Discretionary access control
Discretionary access control (DAC) allows access to be granted or restricted by an objectâs owner based on user identity and on the discretion of the object owner.
Q409. Which of the following provides additional encryption strength by repeating the encryption process with additional keys?
Triple-DES (3DES) is a technological upgrade of DES. 3DES is still used, even though AES is the preferred choice for government applications. 3DES is considerably harder to break than many other systems, and itâs more secure than DES. It increases the key length to 168 bits (using three 56-bit DES keys).
Q410. Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?
A. Malicious code on the local system
B. Shoulder surfing
C. Brute force certificate cracking
D. Distributed dictionary attacks
Once a user authenticates to a remote server, malicious code on the userâs workstation could then infect the server.