
2021 Jan SY0-401 free exam

Q161. An Active Directory setting restricts querying to only secure connections. Which of the following ports should be selected to establish a successful connection?

A. 389 

B. 440 

C. 636 

D. 3286 

Answer:

Explanation: 


Q162. It is MOST important to make sure that the firewall is configured to do which of the following? 

A. Alert management of a possible intrusion. 

B. Deny all traffic and only permit by exception. 

C. Deny all traffic based on known signatures. 

D. Alert the administrator of a possible intrusion. 

Answer:

Explanation: 


Q163. Which of the following best practices makes a wireless network more difficult to find? 

A. Implement MAC filtering 

B. Use WPA2-PSK

C. Disable SSID broadcast 

D. Power down unused WAPs 

Answer:

Explanation: 

Network administrators may choose to disable SSID broadcast to hide their network from unauthorized personnel. However, the SSID is still needed to direct packets to and from the base station, so it remains discoverable with a wireless packet sniffer. Thus, SSID broadcast should be disabled if the network isn't for public use.


Q164. The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

A. Account Disablements 

B. Password Expiration 

C. Password Complexity 

D. Password Recovery 

Answer:

Explanation: 

People tend to forget their own passwords. Because a user's password is not stored on the operating system (only a hash value is kept), most operating systems allow the administrator to change the value, meaning that the password can then be recovered. If you allow end users to reset their own accounts, the password recovery process is helped along.


Q165. Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns? 

A. Deploy a HIDS suite on the users' computers to prevent application installation. 

B. Maintain the baseline posture at the highest OS patch level. 

C. Enable the pop-up blockers on the users' browsers to prevent malware. 

D. Create an approved application list and block anything not on it. 

Answer:

Explanation: 



Q166. Which of the following should be done before resetting a user’s password due to expiration? 

A. Verify the user’s domain membership. 

B. Verify the user’s identity. 

C. Advise the user of new policies. 

D. Verify the proper group membership. 

Answer:

Explanation: 

When resetting a password, users have to establish their identity by answering a series of personal questions, using a hardware authentication token, or responding to a password notification e-mail. Users can then either specify a new, unlocked password, or ask that a randomly generated one be provided. This can be done from their workstation login prompt, or through a telephone call. 


Q167. Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach? 

A. $1,500 

B. $3,750 

C. $15,000 

D. $75,000 

Answer:

Explanation: 

SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF), and ARO is the annualized rate of occurrence.

SLE = 250 × $300 = $75,000; ARO = 5%

ALE = $75,000 × 0.05 = $3,750


Q168. Which of the following would be MOST appropriate to secure an existing SCADA system by preventing connections from unauthorized networks? 

A. Implement a HIDS to protect the SCADA system 

B. Implement a Layer 2 switch to access the SCADA system 

C. Implement a firewall to protect the SCADA system 

D. Implement a NIDS to protect the SCADA system 

Answer:

Explanation: 


Q169. A company uses PGP to ensure that sensitive email is protected. Which of the following types of cryptography is being used here for the key exchange? 

A. Symmetric 

B. Session-based 

C. Hashing 

D. Asymmetric 

Answer:

Explanation: 

PGP combines symmetric-key encryption and public-key encryption. The message is encrypted using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is used only once and is also called a session key. 


Q170. A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs: 

10.10.3.16 

10.10.3.23 

212.178.24.26 

217.24.94.83 

These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring? 

A. XSS 

B. DDoS 

C. DoS 

D. Xmas 

Answer:

Explanation: 

A Distributed Denial of Service (DDoS) attack is an attack from several different computers targeting a single computer. One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload. 

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. The end result can be a website that is completely unavailable for periods of time. Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to the release of the malware, and no further interaction was necessary to launch the attack.