Most of our own customers keep trust on us because of our own warranty that around 95% passing guarantee. In any other case, full refund as well as another products. We additionally provide with consolation for the unsuccessful customers. Without any delay if they fail the CompTIA CompTIA exam. Simply contact our own Customer Help to claim the actual refund or exchange the products. Further far more, you have to attach the actual failed transcript.
2021 Dec SY0-401 torrent
Q651. A small company wants to employ PKI. The company wants a cost effective solution that must be simple and trusted. They are considering two options: X.509 and PGP. Which of the following would be the BEST option?
A. PGP, because it employs a web-of-trust that is the most trusted form of PKI.
B. PGP, because it is simple to incorporate into a small environment.
C. X.509, because it uses a hierarchical design that is the most trusted form of PKI.
D. X.509, because it is simple to incorporate into a small environment.
Answer: B
Explanation:
Q652. Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:
A. Brute force.
B. HTML encoding.
C. Web crawling.
D. Fuzzing.
Answer: D
Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.
Q653. The security administrator is observing unusual network behavior from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. A full antivirus scan, with an updated antivirus definition file, does not show any signs of infection.
Which of the following has happened on the workstation?
A. Zero-day attack
B. Known malware infection
C. Session hijacking
D. Cookie stealing
Answer: A
Explanation:
The vulnerability was unknown in that the full antivirus scan did not detect it. This is zero day vulnerability. A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.
Q654. A security administrator needs a locally stored record to remove the certificates of a terminated employee. Which of the following describes a service that could meet these requirements?
A. OCSP
B. PKI
C. CA
D. CRL
Answer: D
Explanation:
A CRL is a locally stored record containing revoked certificates and revoked keys.
Q655. A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?
A. WPA2 CCMP
B. WPA
C. WPA with MAC filtering
D. WPA2 TKIP
Answer: A
Explanation:
CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and TKIP protocol of WPA. CCMP provides the following security services: Data confidentiality; ensures only authorized parties can access the information Authentication; provides proof of genuineness of the user Access control in conjunction with layer management
Because CCMP is a block cipher mode using a 128-bit key, it is secure against attacks to the 264 steps of operation.
Most recent SY0-401 exam topics:
Q656. In order for Sara, a client, to logon to her desktop computer, she must provide her username, password, and a four digit PIN. Which of the following authentication methods is Sara using?
A. Three factor
B. Single factor
C. Two factor
D. Four factor
Answer: B
Explanation:
Single-factor authentication is when only one authentication factor is used. In this case, Something you know is being used as an authentication factor. Username, password, and PIN form part of Something you know.
Q657. All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?
A. Dumpster Diving
B. Impersonation
C. Shoulder Surfing
D. Whaling
Answer: C
Explanation:
Viewing confidential information on someone’s monitor is known as shoulder surfing. By moving their monitors so they cannot be seen, the executives are preventing users passing by ‘shoulder surfing’.
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.
Q658. When implementing fire suppression controls in a datacenter it is important to:
A. Select a fire suppression system which protects equipment but may harm technicians.
B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.
C. Integrate maintenance procedures to include regularly discharging the system.
D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate.
Answer: B
Explanation:
Water-based systems can cause serious damage to all electrical equipment and the sprinkler lines in a fire suppression control system should be placed in such a way so as not to leak onto computers when it do get activated because it works with overhead nozzles.
Q659. A security analyst noticed a colleague typing the following command:
`Telnet some-host 443’
Which of the following was the colleague performing?
A. A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack.
B. A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.
C. Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead.
D. A mistaken port being entered because telnet servers typically do not listen on port 443.
Answer: B
Explanation:
B: The Telnet program parameters are: telnet <hostname> <port>
<hostname> is the name or IP address of the remote server to connect to.
<port> is the port number of the service to use for the connection.
TCP port 443 provides the HTTPS (used for secure web connections) service; it is the default SSL
port. By running the Telnet some-host 443 command, the security analyst is checking that routing
is done properly and not blocked by a firewall.
Q660. A CRL is comprised of.
A. Malicious IP addresses.
B. Trusted CA’s.
C. Untrusted private keys.
D. Public keys.
Answer: D
Explanation:
A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or
key.
By checking the CRL you can check if a particular certificate has been revoked.
The certificates for which a CRL should be maintained are often X.509/public key certificates, as
this format is commonly used by PKI schemes.