Advanced Guide: sy0 401 pdf

Cause all that matters here is passing the CompTIA comptia security+ sy0 401 pdf exam. Cause all that you need is a high score of sy0 401 dump CompTIA Security+ Certification exam. The only one thing you need to do is downloading Ucertify comptia security+ study guide sy0 401 exam study guides now. We will not let you down with our money-back guarantee.

2018 NEW RECOMMEND

Free VCE & PDF File for CompTIA SY0-401 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/SY0-401-dumps.html

Q141. A security administrator looking through IDS logs notices the following entry: (where email=joe@joe.com and passwd= ‘or 1==1’) 

Which of the following attacks had the administrator discovered? 

A. SQL injection 

B. XML injection 

C. Cross-site script 

D. Header manipulation 

Answer:

Explanation: 

The code in the question is an example of a SQL Injection attack. The code ‘1==1’ will always provide a value of true. This can be included in statement designed to return all rows in a SQL table. 

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. 

Q142. Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host? 

A. Installing anti-malware 

B. Implementing an IDS 

C. Taking a baseline configuration 

D. Disabling unnecessary services 

Answer:

Explanation: 

Preventive controls are to stop something from happening. These can include locked doors that keep intruders out, user training on potential harm (to keep them vigilant and alert), or even biometric devices and guards that deny access until authentication has occurred. By disabling all unnecessary services you would be reducing the attack surface because then there is less opportunity for risk incidents to happen. There are many risks with having many services enabled since a service can provide an attack vector that someone could exploit against your system. It is thus best practice to enable only those services that are absolutely required. 

Q143. Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records the temporary credentials being passed to Joe’s browser. The attacker later uses the credentials to impersonate Joe and creates SPAM messages. Which of the following attacks allows for this impersonation? 

A. XML injection 

B. Directory traversal 

C. Header manipulation 

D. Session hijacking 

Answer:

Explanation: 

In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer. 

Q144. The security officer is preparing a read-only USB stick with a document of important personal phone numbers, vendor contacts, an MD5 program, and other tools to provide to employees. At which of the following points in an incident should the officer instruct employees to use this information? 

A. Business Impact Analysis 

B. First Responder 

C. Damage and Loss Control 

D. Contingency Planning 

Answer:

Explanation: 

Incident response procedures involves: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. In this scenario the security officer is carrying out an incident response measure that will address and be of benefit to those in the vanguard, i.e. the employees and they are the first responders. 

Q145. Ann an employee is visiting Joe, an employee in the Human Resources Department. While talking to Joe, Ann notices a spreadsheet open on Joe’s computer that lists the salaries of all employees in her department. Which of the following forms of social engineering would BEST describe this situation? 

A. Impersonation 

B. Dumpster diving 

C. Tailgating 

D. Shoulder surfing 

Answer:

Explanation: 

Ann was able to see the Spreadsheet on Joe’s computer. This direct observation is known as shoulder surfing. 

Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand. 

Q146. Which of the following BEST describes a SQL Injection attack? 

A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information. 

B. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers. 

C. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage. 

D. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload. 

Answer:

Explanation: 

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. 

Q147. During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO). 

A. SSL 1.0 

B. RC4 

C. SSL 3.0 

D. AES 

E. DES 

F. TLS 1.0 

Answer: A,E 

Explanation: 

TLS 1.0 and SSL 1.0 both have known vulnerabilities and have been replaced by later versions. Any systems running these ciphers should have them disabled. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication Netscape developed the original SSL protocol. Version 1.0 was never publicly released because of serious security flaws in the protocol; version 2.0, released in February 1995, "contained a number of security flaws which ultimately led to the design of SSL version 3.0”. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As stated in the RFC, "the differences between this protocol and SSL 3.0 are not dramatic, but they are significant enough to preclude interoperability between TLS 1.0 and SSL 3.0". TLS 1.0 does include a means by which a TLS implementation can downgrade the connection to SSL 3.0, thus weakening security. TLS 1.1 and then TLS 1.2 were created to replace TLS 1.0. 

Q148. Identifying residual risk is MOST important to which of the following concepts? 

A. Risk deterrence 

B. Risk acceptance 

C. Risk mitigation 

D. Risk avoidance 

Answer:

Explanation: 

Risk acceptance is often the choice you must make when the cost of implementing any of the other four choices exceeds the value of the harm that would occur if the risk came to fruition. To truly qualify as acceptance, it cannot be a risk where the administrator or manager is unaware of its existence; it has to be an identified risk for which those involved understand the potential cost or damage and agree to accept it. Residual risk is always present and will remain a risk thus it should be accepted (risk acceptance) 

Q149. After working on his doctoral dissertation for two years, Joe, a user, is unable to open his dissertation file. The screen shows a warning that the dissertation file is corrupted because it is infected with a backdoor, and can only be recovered by upgrading the antivirus software from the free version to the commercial version. Which of the following types of malware is the laptop MOST likely infected with? 

A. Ransomware 

B. Trojan 

C. Backdoor 

D. Armored virus 

Answer:

Explanation: 

Q150. Which of the following should be enabled in a laptop’s BIOS prior to full disk encryption? 

A. USB 

B. HSM 

C. RAID 

D. TPM 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.