Electronic move forward with present moments offers maxed all of degrees of anticipation. More modern and better solutions having bigger level regarding technology are definitely the telephone through the day. Software programs companies are generally causing not any natural stone unturned that will mistake the top available resources to handle this technology. Proficient manpower is actually necessary for the Information technology companies to carry send these studies and growth. CompTIA Security+ Certification about SY0-401 documentation examination is but one these types of examination which often testing this techie learn. Staying done simply by CompTIA, the following documentation is commonly generally known as SY0-401 documentation. The benefits this will deliver all around your corporation area should you take care of CompTIA tactics pertaining to will probably be that will you?¡¥ll today tolerate this self confidence your staff members feature the ability they need to defeat organization endeavors, profit simply by maximised productiveness and productivity.

2021 Mar SY0-401 rapidshare

Q331. Which of the following defines a business goal for system restoration and acceptable data loss? 

A. MTTR 

B. MTBF 

C. RPO 

D. Warm site 

Answer:

Explanation: 

The recovery point objective (RPO) defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). This is an essential business goal insofar as system restoration and acceptable data loss is concerned. 


Q332. Several employees clicked on a link in a malicious message that bypassed the spam filter and their PCs were infected with malware as a result. Which of the following BEST prevents this situation from occurring in the future? 

A. Data loss prevention 

B. Enforcing complex passwords 

C. Security awareness training 

D. Digital signatures 

Answer:

Explanation: 


Q333. Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine? 

A. Account expiration settings 

B. Complexity of PIN 

C. Account lockout settings 

D. PIN history requirements 

Answer:

Explanation: 

Account lockout settings determine the number of failed login attempts before the account gets locked and how long the account will be locked out for. For example, an account can be configured to lock if three incorrect passwords (or in this case PIN’s) are entered. The account can then be configured to automatically unlock after a period of time or stay locked until someone manually unlocks it. 


Q334. Ann, the Chief Information Officer (CIO) of a company, sees cloud computing as a way to save money while providing valuable services. She is looking for a cost-effective solution to assist in capacity planning as well as visibility into the performance of the network. Which of the following cloud technologies should she look into? 

A. IaaS 

B. MaaS 

C. SaaS 

D. PaaS 

Answer:

Explanation: 


Q335. Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack? 

A. ARP poisoning 

B. DoS 

C. Replay 

D. Brute force 

Answer:

Explanation: 

A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack). 

For example: Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping on the conversation and keeps the password (or the hash). After the interchange is over, Eve (posing as Alice) connects to Bob; when asked for a proof of identity, Eve sends Alice's password (or hash) read from the last session, which Bob accepts thus granting access to Eve. 

Countermeasures: A way to avoid replay attacks is by using session tokens: Bob sends a one-time token to Alice, which Alice uses to transform the password and send the result to Bob (e.g. computing a hash function of the session token appended to the password). On his side Bob performs the same computation; if and only if both values match, the login is successful. Now suppose Eve has captured this value and tries to use it on another session; Bob sends a different session token, and when Eve replies with the captured value it will be different from Bob's computation. Session tokens should be chosen by a (pseudo-) random process. Otherwise Eve may be able to pose as Bob, presenting some predicted future token, and convince Alice to use that token in her transformation. Eve can then replay her reply at a later time (when the previously predicted token is actually presented by Bob), and Bob will accept the authentication. One-time passwords are similar to session tokens in that the password expires after it has been used or after a very short amount of time. They can be used to authenticate individual transactions in addition to sessions. The technique has been widely implemented in personal online banking systems. Bob can also send nonces but should then include a message authentication code (MAC), which Alice should check. Timestamping is another way of preventing a replay attack. Synchronization should be achieved using a secure protocol. For example Bob periodically broadcasts the time on his clock together with a MAC. When Alice wants to send Bob a message, she includes her best estimate of the time on his clock in her message, which is also authenticated. Bob only accepts messages for which the timestamp is within a reasonable tolerance. The advantage of this scheme is that Bob does not need to generate (pseudo-) random numbers, with the trade-off being that replay attacks, if they are performed quickly enough i.e. within that 'reasonable' limit, could succeed. 


Up to date SY0-401 test:

Q336. HOTSPOT 

For each of the given items, select the appropriate authentication category from the dropdown choices. 

Instructions: When you have completed the simu-lation, please select the Done button to submit. 

Answer: 


Q337. A system administrator has been instructed by the head of security to protect their data at-rest. 

Which of the following would provide the strongest protection? 

A. Prohibiting removable media 

B. Incorporating a full-disk encryption system 

C. Biometric controls on data center entry points 

D. A host-based intrusion detection system 

Answer:

Explanation: 

Full disk encryption can be used to encrypt an entire volume with 128-bit encryption. When the entire volume is encrypted, the data is not accessible to someone who might boot another operating system in an attempt to bypass the computer’s security. Full disk encryption is sometimes referred to as hard drive encryption. This would be best to protect data that is at rest. 


Q338. An access point has been configured for AES encryption but a client is unable to connect to it. Which of the following should be configured on the client to fix this issue? 

A. WEP 

B. CCMP 

C. TKIP 

D. RC4 

Answer:

Explanation: 

CCMP is an encryption protocol designed for Wireless LAN products that implement the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC (CCM) of the AES standard. 


Q339. After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings? 

A. IV attack 

B. War dialing 

C. Rogue access points 

D. War chalking 

Answer:

Explanation: 

War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot. 


Q340. A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application’s task. Which of the following is the security administrator practicing in this example? 

A. Explicit deny 

B. Port security 

C. Access control lists 

D. Implicit deny 

Answer:

Explanation: 

Traffic that comes into the router is compared to ACL entries based on the order that the entries occur in the router. New statements are added to the end of the list. The router continues to look until it has a match. If no matches are found when the router reaches the end of the list, the traffic is denied. For this reason, you should have the frequently hit entries at the top of the list. There is an implied deny for traffic that is not permitted.