
2021 Jan SY0-401 test

Q281. Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card? 

A. WEP 

B. MAC filtering 

C. Disabled SSID broadcast 

D. TKIP 

Answer:

Explanation: 

MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network. While giving a wireless network some additional protection, MAC filtering can be circumvented by scanning a valid MAC (via airodumping) and then spoofing one's own MAC into a validated one. 


Q282. A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address? 

A. Identification 

B. Authorization 

C. Access control 

D. Authentication 

Answer:


Q283. A technician wants to verify the authenticity of the system files of a potentially compromised system. Which of the following can the technician use to verify if a system file was compromised? (Select TWO). 

A. AES 

B. PGP 

C. SHA 

D. MD5 

E. ECDHE 

Answer: C,D 

Explanation: 


Q284. Which of the following is used to verify data integrity? 

A. SHA 

B. 3DES 

C. AES 

D. RSA 

Answer:

Explanation: 

SHA stands for "secure hash algorithm". SHA-1 is the most widely used of the existing SHA hash functions, and is employed in several widely used applications and protocols including TLS and SSL, PGP, SSH, S/MIME, and IPsec. It is used to ensure data integrity.

Note:

A hash value (or simply hash), also called a message digest, is a number generated from a string of text. The hash is substantially smaller than the text itself, and is generated by a formula in such a way that it is extremely unlikely that some other text will produce the same hash value.

Hashes play a role in security systems where they're used to ensure that transmitted messages have not been tampered with. The sender generates a hash of the message, encrypts it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two hashes. If they're the same, there is a very high probability that the message was transmitted intact. This is how hashing is used to ensure data integrity.


Q285. A company is looking to improve their security posture by addressing risks uncovered by a recent penetration test. Which of the following risks is MOST likely to affect the business on a day-to-day basis? 

A. Insufficient encryption methods 

B. Large scale natural disasters 

C. Corporate espionage 

D. Lack of antivirus software 

Answer:

Explanation: 

The most common threat to computers is computer viruses. A computer can become infected with a virus through day-to-day activities such as browsing web sites or emails. As browsing and opening emails are the most common activities performed by all users, computer viruses represent the most likely risk to a business. 


Q286. Which of the following protocols provides transport security for virtual terminal emulation? 

A. TLS 

B. SSH 

C. SCP 

D. S/MIME 

Answer:

Explanation: 

Secure Shell (SSH) is a tunneling protocol originally designed for Unix systems. It uses encryption to establish a secure connection between two systems. SSH also provides alternative, security-equivalent programs for such Unix standards as Telnet, FTP, and many other communications-oriented applications. SSH is available for use on Windows systems as well. This makes it the preferred method of security for Telnet and other cleartext oriented programs in the Unix environment. 


Q287. Which of the following protocols allows for the LARGEST address space? 

A. IPX 

B. IPv4 

C. IPv6 

D. Appletalk 

Answer:

Explanation: 

The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4. 


Q288. Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing? 

A. Port security 

B. Flood guards 

C. Loop protection 

D. Implicit deny 

Answer:

Explanation: 

Implicit deny says that if you aren’t explicitly granted access or privileges for a resource, you’re denied access by default. The scenario does not state that network printing is allowed in the router access list, therefore, it must be denied by default. 


Q289. Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following? 

A. Evil twin 

B. DNS poisoning 

C. Vishing 

D. Session hijacking 

Answer:

Explanation: 

DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver's cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker's computer (or any other computer). A domain name system server translates a human-readable domain name (such as example.com) into a numerical IP address that is used to route communications between nodes. Normally if the server doesn't know a requested translation it will ask another server, and the process continues recursively. To increase performance, a server will typically remember (cache) these translations for a certain amount of time, so that, if it receives another request for the same translation, it can reply without having to ask the other server again. When a DNS server has received a false translation and caches it for performance optimization, it is considered poisoned, and it supplies the false data to clients. If a DNS server is poisoned, it may return an incorrect IP address, diverting traffic to another computer (in this case, the server hosting the web page with derogatory content). 


Q290. Which of the following types of logs could provide clues that someone has been attempting to compromise the SQL Server database? 

A. Event 

B. SQL_LOG 

C. Security 

D. Access 

Answer:

Explanation: 

Event logs include Application logs, such as those where SQL Server would write entries. This is where you would see logs with details of someone trying to access a SQL database.