It is impossible to pass CompTIA sy0 401 practice test exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed CompTIA security+ sy0 401 practice questions. You will get a surprising result by our Rebirth CompTIA Security+ Certification practice guides.
Q201. A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68.
Which of the following replies has the administrator received?
A. The loopback address
B. The local MAC address
C. IPv4 address
D. IPv6 address
Answer: D
Explanation:
IPv6 addresses are 128-bits in length. An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). The hexadecimal digits are case-insensitive, but IETF recommendations suggest the use of lower case letters. The full representation of eight 4-digit groups may be simplified by several techniques, eliminating parts of the representation.
Q202. The process of making certain that an entity (operating system, application, etc.) is as secure as it can be is known as:
A. Stabilizing
B. Reinforcing
C. Hardening
D. Toughening
Answer: C
Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and disabling unnecessary services.
Q203. A user ID and password together provide which of the following?
A. Authorization
B. Auditing
C. Authentication
D. Identification
Answer: C
Explanation:
Authentication generally requires one or more of the following:
Something you know: a password, code, PIN, combination, or secret phrase.
Something you have: a smart card, token device, or key.
Something you are: a fingerprint, a retina scan, or voice recognition; often referred to as
biometrics, discussed later in this chapter.
Somewhere you are: a physical or logical location.
Something you do: typing rhythm, a secret handshake, or a private knock.
Q204. Configuring the mode, encryption methods, and security associations are part of which of the following?
A. IPSec
B. Full disk encryption
C. 802.1x
D. PKI
Answer: A
Explanation:
IPSec can operate in tunnel mode or transport mode. It uses symmetric cryptography to provide encryption security. Furthermore, it makes use of Internet Security Association and Key Management Protocol (ISAKMP).
Q205. Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?
A. WPA2-PSK
B. WEP-PSK
C. CCMP
D. LEAP
Answer: D
Explanation:
A RADIUS server is a server with a database of user accounts and passwords used as a central authentication database for users requiring network access. The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server). LEAP allows for clients to reauthenticate frequently; upon each successful authentication, the clients acquire a new WEP key (with the hope that the WEP keys don't live long enough to be cracked). LEAP may be configured to use TKIP instead of dynamic WEP.
Q206. Which of the following protocols uses TCP instead of UDP and is incompatible with all previous versions?
A. TACACS
B. XTACACS
C. RADIUS
D. TACACS+
Answer: D
Explanation:
TACACS+ is not compatible with TACACS and XTACACS, and makes use of TCP.
Q207. Which of the following offers the LEAST amount of protection against data theft by USB drives?
A. DLP
B. Database encryption
C. TPM
D. Cloud computing
Answer: D
Explanation:
Cloud computing refers to performing data processing and storage elsewhere, over a network connection, rather than locally. Because users have access to the data, it can easily be copied to a USB device.
Q208. Pete, an employee, is terminated from the company and the legal department needs documents from his encrypted hard drive. Which of the following should be used to accomplish this task? (Select TWO).
A. Private hash
B. Recovery agent
C. Public key
D. Key escrow
E. CRL
Answer: B,D
Explanation:
B: If an employee leaves and we need access to data he has encrypted, we can use the key recovery agent to retrieve his decryption key. We can use this recovered key to access the data. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. As opposed to escrow, recovery agents are typically used to access information that is encrypted with older keys.
D: If a key need to be recovered for legal purposes the key escrow can be used. Key escrow addresses the possibility that a third party may need to access keys. Under the conditions of key escrow, the keys needed to encrypt/decrypt data are held in an escrow account (think of the term as it relates to home mortgages) and made available if that third party requests them. The third party in question is generally the government, but it could also be an employer if an employee’s private messages have been called into question.
Q209. A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?
A. Separation of duties
B. Least privilege
C. Same sign-on
D. Single sign-on
Answer: C
Explanation: Same sign-on requires the users to re-enter their credentials but it allows them to use the same credentials that they use to sign on locally.
Q210. The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption. Which of the following would be configured to provide more secure connections?
A. WEP
B. WPA2 CCMP
C. Disable SSID broadcast and increase power levels
D. MAC filtering
Answer: B
Explanation:
CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This initialization vector makes cracking a bit more difficult.