The IT field is growing quickly. It has room for countless domains, and they are all growing quickly too. CompTIA is one of the many career fields today that is growing with every passing day. Holding one of its popular certifications carries great importance in the industry. CompTIA worked very hard to achieve that standard, which is why it created an official certification program for people who want to work as CompTIA professionals in the future.

2021 Jan SY0-401 test question

Q111. Which of the following is the LEAST volatile when performing incident response procedures? 

A. Registers 

B. RAID cache 

C. RAM 

D. Hard drive 

Answer:

Explanation: 

An example of the order of volatility (OOV) in an investigation may be RAM, hard drive data, CDs/DVDs, and printouts. Of the options stated in the question, the hard drive would be the least volatile.


Q112. Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following? 

A. Acceptable Use Policy 

B. Physical security controls 

C. Technical controls 

D. Security awareness training 

Answer:

Explanation: 

Security awareness and training include explaining policies, procedures, and current threats to both users and management. A security awareness and training program can do much to assist in your efforts to improve and maintain security. A good security awareness training program for the entire organization should cover the following areas: Importance of security; Responsibilities of people in the organization; Policies and procedures; Usage policies; Account and password-selection criteria as well as Social engineering prevention. 


Q113. A security engineer is reviewing log data and sees the output below: 

POST: /payload.php HTTP/1.1
HOST: localhost
Accept: */*
Referrer: http://localhost/
*******
HTTP/1.1 403 Forbidden
Connection: close

Log: Access denied with 403. Pattern matches form bypass

Which of the following technologies was MOST likely being used to generate this log?

A. Host-based Intrusion Detection System 

B. Web application firewall 

C. Network-based Intrusion Detection System 

D. Stateful Inspection Firewall 

E. URL Content Filter 

Answer:

Explanation: 

A web application firewall is a device, server add-on, virtual service, or system filter that defines a strict set of communication rules for a website and all visitors. It’s intended to be an application-specific firewall to prevent cross-site scripting, SQL injection, and other web application attacks. 


Q114. Which of the following attacks targets high level executives to gain company information? 

A. Phishing 

B. Whaling 

C. Vishing 

D. Spoofing 

Answer:

Explanation: 

Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as "reeling in a big fish," applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a workstation associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats.


Q115. Which of the following MOST interferes with network-based detection techniques? 

A. Mime-encoding 

B. SSL 

C. FTP 

D. Anonymous email accounts 

Answer:

Explanation: 

Secure Sockets Layer (SSL) is used to establish secure TCP communication between two machines by encrypting the communication. Encrypted communications cannot easily be inspected for anomalies by network-based intrusion detection systems (NIDS). 



Q116. A security analyst discovered data such as images and word documents hidden within different types of files. Which of the following cryptographic concepts describes what was discovered? 

A. Symmetric encryption 

B. Non-repudiation 

C. Steganography 

D. Hashing 

Answer:

Explanation: 

Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message.


Q117. The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available? 

A. Cloud computing 

B. Full disk encryption 

C. Data Loss Prevention 

D. HSM 

Answer:

Explanation: 

Cloud computing means hosting services and data on the Internet instead of hosting it locally. There is thus no issue when the company’s server is taken offline. 


Q118. Pete, the security administrator, has been notified by the IDS that the company website is under attack. Analysis of the web logs shows the following string, indicating a user is trying to post a comment on the public bulletin board.

INSERT INTO message `<script>source=http://evilsite</script> 

This is an example of which of the following? 

A. XSS attack 

B. XML injection attack 

C. Buffer overflow attack 

D. SQL injection attack 

Answer:

Explanation: 

The <script> </script> tags indicate that script is being inserted. Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely. Exploiting one of these, attackers fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. 


Q119. A new web server has been provisioned at a third-party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a 'listening' state. No other ports are open. Which of the following services should be disabled to ensure secure communications?

A. HTTPS 

B. HTTP 

C. RDP 

D. TELNET 

Answer:

Explanation: 

HTTP uses port 80. HTTP does not provide encrypted communications. Port 443 is used by HTTPS which provides secure encrypted communications. Port 3389 is used by RDP (Remote Desktop Protocol) which does provide encrypted communications. 


Q120. Which of the following concepts is a term that directly relates to customer privacy considerations? 

A. Data handling policies 

B. Personally identifiable information 

C. Information classification 

D. Clean desk policies 

Answer:

Explanation: 

Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person’s name to a fingerprint (think biometrics), credit card number, or patient record. This has a direct relation to customer privacy considerations.