Super to sy0 401 vce

Act now and download your CompTIA comptia sy0 401 test today! Do not waste time for the worthless CompTIA comptia security+ sy0 401 tutorials. Download Up to the immediate present CompTIA CompTIA Security+ Certification exam with real questions and answers and begin to learn CompTIA comptia security+ get certified get ahead sy0 401 study guide with a classic professional.


Free VCE & PDF File for CompTIA SY0-401 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:

P.S. Tested SY0-401 practice exam are available on Google Drive, GET MORE:

New CompTIA SY0-401 Exam Dumps Collection (Question 11 – Question 20)

Question No: 11

Which of the following is an XML based open standard used in the exchange of authentication and authorization information between different parties?




D. Kerberos

Answer: B


Security Assertion Markup Language (SAML) is an open-standard data format centred on XML. It is used for supporting the exchange of authentication and authorization details between systems, services, and devices.

Question No: 12

Joe, a network administrator, is able to manage the backup software console by using his network login credentials. Which of the following authentication services is the MOST likely using?




D. Two-factor authentication

Answer: B


Joe is able to manage the backup system by logging into the network. This is an example of Single Sign-on.

A common usage of LDAP is to provide a "single sign on" where one password for a user is shared between many services, such as applying a company login code to web pages (so that staff log in only once to company computers, and then are automatically logged into the company intranet).

The Lightweight Directory Access Protocol is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number.

Question No: 13

A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files?

A. Integrity

B. Confidentiality

C. Steganography

D. Availability

Answer: C


Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video.

Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.

Question No: 14

Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key?

A. Session Key

B. Public Key

C. Private Key

D. Digital Signature

Answer: C


Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isnu2019t disclosed to people who arenu2019t authorized to use the encryption system.

Question No: 15

After encrypting all laptop hard drives, an executive officeru2019s laptop has trouble booting to the operating system. Now that it is successfully encrypted the helpdesk cannot retrieve the data.

Which of the following can be used to decrypt the information for retrieval?

A. Recovery agent

B. Private key

C. Trust models

D. Public key

Answer: A


To access the data the hard drive need to be decrypted. To decrypt the hard drive you would need the proper private key. The key recovery agent can retrieve the required key. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed.

Question No: 16

Which of the following identifies certificates that have been compromised or suspected of being compromised?

A. Certificate revocation list

B. Access control list

C. Key escrow registry

D. Certificate authority

Answer: A


Certificates that have been compromised or are suspected of being compromised are revoked.

A CRL is a locally stored record containing revoked certificates and revoked keys.

Question No: 17

A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights?

A. Transport encryption

B. IPsec

C. Non-repudiation

D. Public key infrastructure

Answer: D


The Public-Key Infrastructure (PKI) is intended to offer a means of providing security to messages and transactions on a grand scale. The need for universal systems to support e- commerce, secure transactions, and information privacy is one aspect of the issues being addressed with PKI. A PKI can be used to protect software.

Question No: 18

Pete, an employee, needs a certificate to encrypt data. Which of the following would issue Pete a certificate?

A. Certification authority

B. Key escrow

C. Certificate revocation list

D. Registration authority

Answer: A


A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates.

Question No: 19

Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?

A. Trust Model

B. Recovery Agent

C. Public Key

D. Private Key

Answer: A


In a bridge trust model allows lower level domains to access resources in a separate PKI through the root CA.

A trust Model is collection of rules that informs application on how to decide the legitimacy of a Digital Certificate.

In a bridge trust model, a peer-to-peer relationship exists among the root CAs. The root CAs can communicate with one another, allowing cross certification. This arrangement allows a certification process to be established between organizations or departments.

Each intermediate CA trusts only the CAs above and below it, but the CA structure can be expanded without creating additional layers of CAs.

Question No: 20

A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate.

Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication factors are in use by the VPN system?

A. 1

B. 2

C. 3

D. 4

Answer: C


Three different types of authentication factors have been used in this question: Something you know u2013 username and password.

Something you have – client side certificate.

Somewhere you are – authentication to the VPN is only allowed from the U.S. territory.

Recommend!! Get the Tested SY0-401 dumps in VCE and PDF From Examcollectionplus, Welcome to download: (New 1781 Q&As Version)