Cause all that matters here is passing the CompTIA SY0-401 exam. Cause all that you need is a high score of SY0-401 CompTIA Security+ Certification exam. The only one thing you need to do is downloading Exambible SY0-401 exam study guides now. We will not let you down with our money-back guarantee.
2021 Feb SY0-401 test question
Q161. After Matt, a user enters his username and password at the login screen of a web enabled portal, the following appears on his screen:
`Please only use letters and numbers on these fields’
Which of the following is this an example of?
A. Proper error handling
B. Proper input validation
C. Improper input validation
D. Improper error handling
Answer: B
Explanation:
Input validation is an aspect of secure coding and is intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.
Q162. Which of the following types of authentication packages user credentials in a ticket?
A. Kerberos
B. LDAP
C. TACACS+
D. RADIUS
Answer: A
Explanation:
The basic process of Kerberos authentication is as follows:
The subject provides logon credentials.
The Kerberos client system encrypts the password and transmits the protected credentials to the
KDC.
The KDC verifies the credentials and then creates a ticket-granting ticket (TGT—a hashed form of
the subject’s password with the addition of a time stamp that indicates a valid lifetime). The TGT is
encrypted and sent to the client.
The client receives the TGT. At this point, the subject is an authenticated principle in the Kerberos
realm.
The subject requests access to resources on a network server. This causes the client to request a
service ticket (ST) from the KDC.
The KDC verifies that the client has a valid TGT and then issues an ST to the client. The ST
includes a time stamp that indicates its valid lifetime.
The client receives the ST.
The client sends the ST to the network server that hosts the desired resource.
The network server verifies the ST. If it’s verified, it initiates a communication session with the
client. From this point forward, Kerberos is no longer involved.
Q163. A company has several conference rooms with wired network jacks that are used by both employees and guests. Employees need access to internal resources and guests only need access to the Internet. Which of the following combinations is BEST to meet the requirements?
A. NAT and DMZ
B. VPN and IPSec
C. Switches and a firewall
D. 802.1x and VLANs
Answer: D
Explanation:
802.1x is a port-based authentication mechanism. It’s based on Extensible Authentication Protocol (EAP) and is commonly used in closed-environment wireless networks. 802.1x was initially used to compensate for the weaknesses of Wired Equivalent Privacy (WEP), but today it’s often used as a component in more complex authentication and connection-management systems, including Remote Authentication Dial-In User Service (RADIUS), Diameter, Cisco System’s Terminal Access Controller Access-Control System Plus (TACACS+), and Network Access Control (NAC).
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. By default, all ports on a switch are part of VLAN 1. But as the switch administrator changes the VLAN assignment on a port-by-port basis, various ports can be grouped together and be distinct from other VLAN port designations. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.
Q164. Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?
A. Protocol analyzer
B. Load balancer
C. VPN concentrator
D. Web security gateway
Answer: B
Explanation:
Load balancing refers to shifting a load from one device to another. A load balancer can be implemented as a software or hardware solution, and it is usually associated with a device—a router, a firewall, NAT appliance, and so on. In its most common implementation, a load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.
Q165. Joe, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).
A. Acceptable use policy
B. Risk acceptance policy
C. Privacy policy
D. Email policy
E. Security policy
Answer: A,C
Explanation:
Privacy policies define what controls are required to implement and maintain the sanctity of data privacy in the work environment. Privacy policy is a legal document that outlines how data collected is secured. It should encompass information regarding the information the company collects, privacy choices you have based on your account, potential information sharing of your data with other parties, security measures in place, and enforcement. Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
Rebirth SY0-401 training:
Q166. During a recent investigation, an auditor discovered that an engineer’s compromised workstation was being used to connect to SCADA systems while the engineer was not logged in. The engineer is responsible for administering the SCADA systems and cannot be blocked from connecting to them. The SCADA systems cannot be modified without vendor approval which requires months of testing.
Which of the following is MOST likely to protect the SCADA systems from misuse?
A. Update anti-virus definitions on SCADA systems
B. Audit accounts on the SCADA systems
C. Install a firewall on the SCADA network
D. Deploy NIPS at the edge of the SCADA network
Answer: D
Explanation:
A supervisory control and data acquisition (SCADA) system is an industrial control system (ICS) that is used to control infrastructure processes, facility-based processes, or industrial processes. A network-based IPS (NIPS) is an intrusion detection and prevention system that scans network traffic in real time against a database of attack signatures. It is useful for detecting and responding to network-based attacks originating from outside the organization.
Q167. Which of the following types of cryptography should be used when minimal overhead is necessary for a mobile device?
A. Block cipher
B. Elliptical curve cryptography
C. Diffie-Hellman algorithm
D. Stream cipher
Answer: B
Explanation:
Regarding the performance of ECC applications on various mobile devices, ECC is the most suitable PKC (Public-key cryptography) scheme for use in a constrained environment. Note: Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size. Using smaller key size would be faster.
Q168. Which of the following pseudocodes can be used to handle program exceptions?
A. If program detects another instance of itself, then kill program instance.
B. If user enters invalid input, then restart program.
C. If program module crashes, then restart program module.
D. If user’s input exceeds buffer length, then truncate the input.
Answer: C
Explanation:
Exception handling is an aspect of secure coding. When errors occur, the system should revert back to a secure state. This must be coded into the system by the programmer, and should capture all errors and exceptions that could cause the application or its modules to crash. Restarting the application or module would ensure that the application reverts back to a secure state.
Q169. Which of the following security architecture elements also has sniffer functionality? (Select TWO).
A. HSM
B. IPS
C. SSL accelerator
D. WAP
E. IDS
Answer: B,E
Explanation:
Sniffer functionality means the ability to capture and analyze the content of data packets as they
are transmitted across the network.
IDS and IPS systems perform their functions by capturing and analyzing the content of data
packets.
An intrusion detection system (IDS) is a device or software application that monitors network or
system activities for malicious activities or policy violations and produces reports to a management
station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in
different ways. There are network based (NIDS) and host based (HIDS) intrusion detection
systems. Some systems may attempt to stop an intrusion attempt but this is neither required nor
expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily
focused on identifying possible incidents, logging information about them, and reporting attempts.
In addition, organizations use IDPSes for other purposes, such as identifying problems with
security policies, documenting existing threats and deterring individuals from violating security
policies. IDPSes have become a necessary addition to the security infrastructure of nearly every
organization.
IDPSes typically record information related to observed events, notify security administrators of
important observed events and produce reports. Many IDPSes can also respond to a detected
threat by attempting to prevent it from succeeding. They use several response techniques, which
involve the IDPS stopping the attack itself, changing the security environment (e.g. reconfiguring a
firewall) or changing the attack's content.
Q170. Which of the following application security testing techniques is implemented when an automated system generates random input data?
A. Fuzzing
B. XSRF
C. Hardening
D. Input validation
Answer: A
Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.