sy0 401 practice test (681 to 689)

It is impossible to pass CompTIA sy0 401 practice test exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed CompTIA sy0 401 vce practice questions. You will get a surprising result by our Renew CompTIA Security+ Certification practice guides.


Free VCE & PDF File for CompTIA SY0-401 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

Q681. Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO). 

A. Steganography images 

B. Internal memory 

C. Master boot records 

D. Removable memory cards 

E. Public keys 

Answer: B,D 


All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory. 

Q682. The system administrator is reviewing the following logs from the company web server: 

12:34:56 GET /directory_listing.php?user=admin&pass=admin1 

12:34:57 GET /directory_listing.php?user=admin&pass=admin2 

12:34:58 GET /directory_listing.php?user=admin&pass=1admin 


 GET /directory_listing.php?user=admin&pass=2admin Which of the following is this an example of? 

A. Online rainbow table attack 

B. Offline brute force attack 

C. Offline dictionary attack 

D. Online hybrid attack 



Q683. A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check? 

A. Firewall 

B. Application 


D. Security 



The security log records events such as valid and invalid logon attempts, as well as events related to resource use, such as the creating, opening, or deleting of files. For example, when logon auditing is enabled, an event is recorded in the security log each time a user attempts to log on to the computer. You must be logged on as Administrator or as a member of the Administrators group in order to turn on, use, and specify which events are recorded in the security log. 

Q684. A recently installed application update caused a vital application to crash during the middle of the workday. The application remained down until a previous version could be reinstalled on the server, and this resulted in a significant loss of data and revenue. 

Which of the following could BEST prevent this issue from occurring again? 

A. Application configuration baselines 

B. Application hardening 

C. Application access controls 

D. Application patch management 



Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first to ensure that the updates do not have detrimental effects on the system, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates on a production system. 

Q685. Several bins are located throughout a building for secure disposal of sensitive information. 

Which of the following does this prevent? 

A. Dumpster diving 

B. War driving 

C. Tailgating 

D. War chalking 



The bins in this question will be secure bins designed to prevent someone accessing the ‘rubbish’ to learn sensitive information. Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network. To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff is educated about the danger of untracked trash. 

Q686. After Matt, a user enters his username and password at the login screen of a web enabled portal, the following appears on his screen: 

`Please only use letters and numbers on these fields’ 

Which of the following is this an example of? 

A. Proper error handling 

B. Proper input validation 

C. Improper input validation 

D. Improper error handling 



Input validation is an aspect of secure coding and is intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain. 

Q687. Which of the following is used to verify data integrity? 


B. 3DES 





SHA stands for "secure hash algorithm". SHA-1 is the most widely used of the existing SHA hash 

functions, and is employed in several widely used applications and protocols including TLS and 

SSL, PGP, SSH, S/MIME, and IPsec. It is used to ensure data integrity. 


A hash value (or simply hash), also called a message digest, is a number generated from a string 

of text. The hash is substantially smaller than the text itself, and is generated by a formula in such 

a way that it is extremely unlikely that some other text will produce the same hash value. 

Hashes play a role in security systems where they're used to ensure that transmitted messages 

have not been tampered with. The sender generates a hash of the message, encrypts it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two hashes. If they're the same, there is a very high probability that the message was transmitted intact. This is how hashing is used to ensure data integrity. 

Q688. An organization has introduced token-based authentication to system administrators due to risk of password compromise. The tokens have a set of numbers that automatically change every 30 seconds. Which of the following type of authentication mechanism is this? 


B. Smart card 





Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. In this case, it’s every 30 seconds. 

Q689. Which of the following is the BEST approach to perform risk mitigation of user access control rights? 

A. Conduct surveys and rank the results. 

B. Perform routine user permission reviews. 

C. Implement periodic vulnerability scanning. 

D. Disable user accounts that have not been used within the last two weeks. 



Risk mitigation is accomplished any time you take steps to reduce risk. This category includes installing antivirus software, educating users about possible threats, monitoring network traffic, adding a firewall, and so on. User permissions may be the most basic aspect of security and is best coupled with a principle of least privilege. And related to permissions is the concept of the access control list (ACL). An ACL is literally a list of who can access what resource and at what level. Thus the best risk mitigation steps insofar as access control rights are concerned, is the regular/routine review of user permissions.