Having a CompTIA CompTIA certification throughout hand will certainly increase your employment chances and increase up your current confidence in the career market. CompTIA CompTIA certificate is actually one of these most chosen certifications. Due to the fierce competitors in the The idea field, the actual certificate of CompTIA SY0-401 is actually an advantage in your case to have the place inside the world of Internet Technological innovation. That is why nearly all of the The idea aspirants want to receive the CompTIA SY0-401 certification. Your expertise will be enhanced by simply preparing the actual CompTIA SY0-401 exam questions. Tired of a myriad of advertisements about CompTIA CompTIA exam preparation on the web, you should cease at Testking. Testking will certainly provide with all the high-quality and useful CompTIA SY0-401 studying materials that are beneficial in the course of your operate.
2021 Feb SY0-401 free exam questions
Q11. Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts?
A. Availability
B. Integrity
C. Accounting
D. Confidentiality
Answer: B
Explanation:
Integrity means ensuring that data has not been altered. Hashing and message authentication codes are the most common methods to accomplish this. In addition, ensuring nonrepudiation via digital signatures supports integrity.
Q12. Which of the following is described as an attack against an application using a malicious file?
A. Client side attack
B. Spam
C. Impersonation attack
D. Phishing attack
Answer: A
Explanation:
In this question, a malicious file is used to attack an application. If the application is running on a
client computer, this would be a client side attack. Attacking a service or application on a server
would be a server side attack.
Client-side attacks target vulnerabilities in client applications interacting with a malicious data. The
difference is the client is the one initiating the bad connection.
Client-side attacks are becoming more popular. This is because server side attacks are not as
easy as they once were according to apache.org.
Attackers are finding success going after weaknesses in desktop applications such as browsers,
media players, common office applications and e-mail clients.
To defend against client-side attacks keep-up the most current application patch levels, keep
antivirus software updated and keep authorized software to a minimum.
Q13. An auditor’s report discovered several accounts with no activity for over 60 days. The accounts were later identified as contractors’ accounts who would be returning in three months and would need to resume the activities. Which of the following would mitigate and secure the auditors finding?
A. Disable unnecessary contractor accounts and inform the auditor of the update.
B. Reset contractor accounts and inform the auditor of the update.
C. Inform the auditor that the accounts belong to the contractors.
D. Delete contractor accounts and inform the auditor of the update.
Answer: A
Explanation:
A disabled account cannot be used. It is ‘disabled’. Whenever an employee leaves a company, the employee’s user account should be disabled. The question states that the accounts are contractors’ accounts who would be returning in three months. Therefore, it would be easier to keep the accounts rather than deleting them which would require that the accounts are recreated in three months time. By disabling the accounts, we can ensure that the accounts cannot be used; in three months when the contractors are back, we can simply re-enable the accounts.
Q14. A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with?
A. Data confidentiality
B. High availability
C. Data integrity
D. Business continuity
Answer: C
Explanation:
Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing.
Q15. Which of the following fire suppression systems is MOST likely used in a datacenter?
A. FM-200
B. Dry-pipe
C. Wet-pipe
D. Vacuum
Answer: A
Explanation:
FM200 is a gas and the principle of a gas system is that it displaces the oxygen in the room, thereby removing this essential component of a fi re. in a data center is is the preferred choice of fire suppressant.
Abreast of the times SY0-401 rapidshare:
Q16. An IT director is looking to reduce the footprint of their company’s server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement?
A. Infrastructure as a Service
B. Storage as a Service
C. Platform as a Service
D. Software as a Service
Answer: A
Explanation:
Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.
Q17. HOTSPOT
The security administrator has installed a new firewall which implements an implicit DENY policy by default Click on the firewall and configure it to allow ONLY the following communication.
1. The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.
Answer:
Q18. A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal?
A. Spam filter
B. Digital signatures
C. Antivirus software
D. Digital certificates
Answer: B
Explanation:
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document. The digital equivalent of a handwritten signature or stamped seal, but offering far more inherent security, a digital signature is intended to solve the problem of tampering and impersonation in digital communications. Digital signatures can provide the added assurances of evidence to origin, identity and status of an electronic document, transaction or message, as well as acknowledging informed consent by the signer. Digital signatures are based on public key cryptography, also known as asymmetric cryptography. Using a public key algorithm such as RSA, one can generate two keys that are mathematically linked: one private and one public. To create a digital signature, signing software (such as an email program) creates a one-way hash of the electronic data to be signed. The private key is then used to encrypt the hash. The encrypted hash -- along with other information, such as the hashing algorithm -- is the digital signature. The reason for encrypting the hash instead of the entire message or document is that a hash function can convert an arbitrary input into a fixed length value, which is usually much shorter. This saves time since hashing is much faster than signing.
Q19. The Chief Technology Officer (CTO) wants to improve security surrounding storage of customer passwords.
The company currently stores passwords as SHA hashes. Which of the following can the CTO implement requiring the LEAST change to existing systems?
A. Smart cards
B. TOTP
C. Key stretching
D. Asymmetric keys
Answer: A
Explanation:
Smart cards usually come in two forms. The most common takes the form of a rectangular piece of plastic with an embedded microchip. The second is as a USB token. It contains a built in processor and has the ability to securely store and process information. A "contact" smart card communicates with a PC using a smart card reader whereas a "contactless" card sends encrypted information via radio waves to the PC. Typical scenarios in which smart cards are used include interactive logon, e-mail signing, e-mail decryption and remote access authentication. However, smart cards are programmable and can contain programs and data for many different applications. For example smart cards may be used to store medical histories for use in emergencies, to make electronic cash payments or to verify the identity of a customer to an e-retailer. Microsoft provides two device independent APIs to insulate application developers from differences between current and future implementations: CryptoAPI and Microsoft Win32. SCard APIs. The Cryptography API contains functions that allow applications to encrypt or digitally sign data in a flexible manner, while providing protection for the user's sensitive private key data. All cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs). There are many different cryptographic algorithms and even when implementing the same algorithm there are many choices to make about key sizes and padding for example. For this reason, CSPs are grouped into types, in which each supported CryptoAPI function, by default, performs in a way particular to that type. For example, CSPs in the PROV_DSS provider type support DSS Signatures and MD5 and SHA hashing.
Q20. To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?
A. Management
B. Administrative
C. Technical
D. Operational
Answer: C
Explanation:
controls such as preventing unauthorized access to PC’s and applying screensavers that lock the PC after five minutes of inactivity is a technical control type, the same as Identification and Authentication, Access Control, Audit and Accountability as well as System and Communication Protection.