Act now and download your CompTIA sy0 401 dump test today! Do not waste time for the worthless CompTIA sy0 401 vce tutorials. Download Far out CompTIA CompTIA Security+ Certification exam with real questions and answers and begin to learn CompTIA sy0 401 dump with a classic professional.
Q71. Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.
A. Public keys, one time
B. Shared keys, private keys
C. Private keys, session keys
D. Private keys, public keys
Answer: D
Explanation:
Symmetrical systems require the key to be private between the two parties. With asymmetric
systems, each circuit has one key.
In more detail:
*
Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isn’t disclosed to people who aren’t authorized to use the encryption system.
*
Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as the public key and the private key. The sender uses the public key to encrypt a message, and the receiver uses the private key to decrypt the message; what one key does, the other one undoes.
Q72. The datacenter manager is reviewing a problem with a humidity factor that is too low. Which of the following environmental problems may occur?
A. EMI emanations
B. Static electricity
C. Condensation
D. Dry-pipe fire suppression
Answer: B
Explanation:
Humidity control prevents the buildup of static electricity in the environment. If the humidity drops much below 50 percent, electronic components are extremely vulnerable to damage from electrostatic shock.
Q73. Joe, a network administrator, is able to manage the backup software console by using his network login credentials. Which of the following authentication services is he MOST likely using?
A. SAML
B. LDAP
C. iSCSI
D. Two-factor authentication
Answer: B
Explanation:
Q74. XYZ Corporation is about to purchase another company to expand its operations. The CEO is concerned about information leaking out, especially with the cleaning crew that comes in at night.
The CEO would like to ensure no paper files are leaked. Which of the following is the BEST policy to implement?
A. Social media policy
B. Data retention policy
C. CCTV policy
D. Clean desk policy
Answer: D
Explanation:
Clean Desk Policy Information on a desk—in terms of printouts, pads of note paper, sticky notes, and the like—can be easily seen by prying eyes and taken by thieving hands. To protect data and your business, encourage employees to maintain clean desks and to leave out only those papers that are relevant to the project they are working on at that moment. All sensitive information should be put away when the employee is away from their desk.
Q75. A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up.
Which of the following BEST allows the analyst to restrict user access to approved devices?
A. Antenna placement
B. Power level adjustment
C. Disable SSID broadcasting
D. MAC filtering
Answer: D
Explanation:
A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices.
Q76. Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?
A. Implement WPA
B. Disable SSID
C. Adjust antenna placement
D. Implement WEP
Answer: A
Explanation: Of the options supplied, WiFi Protected Access (WPA) is the most secure and is the replacement for WEP.
Q77. An administrator was asked to review user accounts. Which of the following has the potential to cause the MOST amount of damage if the account was compromised?
A. A password that has not changed in 180 days
B. A single account shared by multiple users
C. A user account with administrative rights
D. An account that has not been logged into since creation
Answer: C
Explanation:
Q78. Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy. Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes?
A. User rights and permissions review
B. Configuration management
C. Incident management
D. Implement security controls on Layer 3 devices
Answer: A
Explanation:
Reviewing user rights and permissions can be used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation and their job descriptions. Also reviewing user rights and permissions will afford the security analyst the opportunity to put the principle of least privilege in practice as well as update the security policy
Q79. A company that has a mandatory vacation policy has implemented which of the following controls?
A. Risk control
B. Privacy control
C. Technical control
D. Physical control
Answer: A
Explanation:
Risk mitigation is done anytime you take steps to reduce risks. Thus mandatory vacation implementation is done as a risk control measure because it is a step that is taken as risk mitigation.
Q80. An administrator needs to secure RADIUS traffic between two servers. Which of the following is the BEST solution?
A. Require IPSec with AH between the servers
B. Require the message-authenticator attribute for each message
C. Use MSCHAPv2 with MPPE instead of PAP
D. Require a long and complex shared secret for the servers
Answer: A
Explanation: