2021 Dec SY0-401 exam cram
Q141. In order to secure additional budget, a security manager wants to quantify the financial impact of a one-time compromise. Which of the following is MOST important to the security manager?
A. Impact
B. SLE
C. ALE
D. ARO
Answer: B
Explanation:
Q142. Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?
A. Whaling
B. Impersonation
C. Privilege escalation
D. Spear phishing
Answer: A
Explanation:
A whaling attack is targeted at company executives. Mapping out an organization’s staff hierarchy to determine who the people at the top are is also part of a whaling attack. Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as "reeling in a big fish," applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a work station associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats.
Q143. Which of the following is the BEST way to prevent Cross-Site Request Forgery (XSRF) attacks?
A. Check the referrer field in the HTTP header
B. Disable Flash content
C. Use only cookies for authentication
D. Use only HTTPS URLs
Answer: A
Explanation:
XSRF, or cross-site request forgery, applies to web applications and is an attack that exploits the web application’s trust of a user who is known or is supposed to have been authenticated. This is accomplished by changing values in the HTTP header and even in the user’s cookie to falsify access. It can be prevented by embedding additional authentication data into requests that allows the web application to detect requests from unauthorized locations. Examples are synchronizer token patterns, cookie-to-header tokens, and checking the HTTP Referer header and the HTTP Origin header.
Q144. Which of the following controls can be implemented together to prevent data loss in the event of theft of a mobile device storing sensitive information? (Select TWO).
A. Full device encryption
B. Screen locks
C. GPS
D. Asset tracking
E. Inventory control
Answer: A,B
Explanation:
A: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.
B: Screen locks are a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.
Q145. Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?
A. Passive scan
B. Active scan
C. False positive
D. False negative
Answer: D
Explanation:
Q146. A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?
A. Detective
B. Deterrent
C. Corrective
D. Preventive
Answer: C
Explanation:
A corrective control is any action taken to correct an existing control that was faulty or wrongly installed. In this case the cameras were already there; they just had to be adjusted to perform their function as intended.
Q147. Which of the following is a vulnerability associated with disabling pop-up blockers?
A. An alert message from the administrator may not be visible
B. A form submitted by the user may not open
C. The help window may not be displayed
D. Another browser instance may execute malicious code
Answer: D
Explanation: Pop-up blockers prevent websites from opening new browser windows without the user’s consent. These windows are often used for advertisements but can also be used to distribute malicious code.
Q148. A security architect wishes to implement a wireless network with connectivity to the company’s internal network. Before they inform all employees that this network is being put in place, the architect wants to roll it out to a small test segment. Which of the following allows for greater secrecy about this network during this initial phase of implementation?
A. Disabling SSID broadcasting
B. Implementing WPA2 - TKIP
C. Implementing WPA2 - CCMP
D. Filtering test workstations by MAC address
Answer: A
Explanation:
Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it remains discoverable with a wireless packet sniffer. Thus, SSID broadcast should be disabled if the network isn’t for public use.
Q149. Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).
A. Disable the USB root hub within the OS.
B. Install anti-virus software on the USB drives.
C. Disable USB within the workstation's BIOS.
D. Apply the concept of least privilege to USB devices.
E. Run spyware detection against all workstations.
Answer: A,C
Explanation:
A: The USB root hub can be disabled from within the operating system.
C: USB can also be configured and disabled in the system BIOS.
Q150. Which of the following offers the LEAST secure encryption capabilities?
A. TwoFish
B. PAP
C. NTLM
D. CHAP
Answer: B
Explanation:
PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP.