Pass4sure offers free demo for sy0 401 study guide pdf exam. "CompTIA Security+ Certification", also known as sy0 401 practice exam exam, is a CompTIA Certification. This set of posts, Passing the CompTIA sy0 401 dump exam, will help you answer those questions. The sy0 401 study guide pdf Questions & Answers covers all the knowledge points of the real exam. 100% real CompTIA comptia sy0 401 exams and revised by experts!
Q171. An administrator is concerned that a company’s web server has not been patched. Which of the following would be the BEST assessment for the administrator to perform?
A. Vulnerability scan
B. Risk assessment
C. Virus scan
D. Network sniffer
Answer: A
Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. Vulnerabilities include computer systems that do not have the latest security patches installed. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.
Q172. Which of the following is an example of a false negative?
A. The IDS does not identify a buffer overflow.
B. Anti-virus identifies a benign application as malware.
C. Anti-virus protection interferes with the normal operation of an application.
D. A user account is locked out after the user mistypes the password too many times.
Answer: A
Explanation:
With a false negative, you are not alerted to a situation when you should be alerted.
Q173. The IT department has installed new wireless access points but discovers that the signal extends far into the parking lot. Which of the following actions should be taken to correct this?
A. Disable the SSID broadcasting
B. Configure the access points so that MAC filtering is not used
C. Implement WEP encryption on the access points
D. Lower the power for office coverage only
Answer: D
Explanation:
On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided.
Q174. A user has plugged in a wireless router from home with default configurations into a network jack at the office. This is known as:
A. an evil twin.
B. an IV attack.
C. a rogue access point.
D. an unauthorized entry point.
Answer: C
Explanation:
Q175. During a disaster recovery planning session, a security administrator has been tasked with determining which threats and vulnerabilities pose a risk to the organization. Which of the following should the administrator rate as having the HIGHEST frequency of risk to the organization?
A. Hostile takeovers
B. Large scale natural disasters
C. Malware and viruses
D. Corporate espionage
Answer: C
Explanation:
Q176. A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with?
A. Data confidentiality
B. High availability
C. Data integrity
D. Business continuity
Answer: C
Explanation:
Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing.
Q177. Which of the following protocols provides for mutual authentication of the client and server?
A. Two-factor authentication
B. Radius
C. Secure LDAP
D. Biometrics
Answer: C
Explanation:
C: The LDAP directory service is based on a client-server model. The function of LDAP is to enable access to an existing directory. Because it is a client-server model it makes provision for mutual authentication between the two parties.
Q178. A technician wants to securely collect network device configurations and statistics through a scheduled and automated process. Which of the following should be implemented if configuration integrity is most important and a credential compromise should not allow interactive logons?
A. SNMPv3
B. TFTP
C. SSH
D. TLS
Answer: A
Explanation:
Q179. Which of the following can be implemented with multiple bit strength?
A. AES
B. DES
C. SHA-1
D. MD5
E. MD4
Answer: A
Explanation:
AES (a symmetric algorithm) uses key sizes of 128, 192, or 256 bits.
Q180. The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?
A. Rainbow tables attacks
B. Brute force attacks
C. Birthday attacks
D. Cognitive passwords attacks
Answer: D
Explanation:
Social Networking Dangers are ‘amplified’ in that social media networks are designed to mass distribute personal messages. If an employee reveals too much personal information it would be easy for miscreants to use the messages containing the personal information to work out possible passwords.