CompTIA Security+ (SY0-401) practice questions with explanations, Q61 to Q70.

Q61. A certificate used on an ecommerce web server is about to expire. Which of the following will occur if the certificate is allowed to expire? 

A. The certificate will be added to the Certificate Revocation List (CRL). 

B. Clients will be notified that the certificate is invalid. 

C. The ecommerce site will not function until the certificate is renewed. 

D. The ecommerce site will no longer use encryption. 

Answer:

Explanation: 

A similar process to certificate revocation will occur when a certificate is allowed to expire. Notification will be sent out to clients of the invalid certificate. The process of revoking a certificate begins when the CA is notified that a particular certificate needs to be revoked. This must be done whenever the private key becomes known. The owner of a certificate can request that it be revoked at any time, or the administrator can make the request. 


Q62. The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action? 

A. Create a single, shared user account for every system that is audited and logged based upon time of use. 

B. Implement a single sign-on application on equipment with sensitive data and high-profile shares. 

C. Enact a policy that employees must use their vacation time in a staggered schedule. 

D. Separate employees into teams led by a person who acts as a single point of contact for observation purposes. 

Answer:

Explanation: 

A policy that states employees should use their vacation time in a staggered schedule is a way of employing mandatory vacations. A mandatory vacation policy requires all users to take time away from work while others step in and do the work of the employee on vacation. This will afford the CSO the opportunity to see who is using the company assets responsibly and who is abusing them. 


Q63. A team of firewall administrators have access to a 'master password list' containing service account passwords. Which of the following BEST protects the master password list? 

A. File encryption 

B. Password hashing 

C. USB encryption 

D. Full disk encryption 

Answer:

Explanation: 

File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key on the encrypted file. 


Q64. Which of the following is the MOST intrusive type of testing against a production system? 

A. White box testing 

B. War dialing 

C. Vulnerability testing 

D. Penetration testing 

Answer:

Explanation: 

Penetration testing is the most intrusive type of testing because you are actively trying to circumvent the system’s security controls to gain access to the system. Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. 

Pen test strategies include: 

Targeted testing Targeted testing is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out. 

External testing This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access. 

Internal testing This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause. 

Blind testing A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive. 

Double blind testing Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures. 


Q65. A security administrator wants to check user password complexity. Which of the following is the BEST tool to use? 

A. Password history 

B. Password logging 

C. Password cracker 

D. Password hashing 

Answer:

Explanation: 

The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Password-cracking tools compare hashes from potential passwords with the hashes stored in the accounts database. Each potential password is hashed, and that hash value is compared with the accounts database. If a match is found, the password-cracker tool has discovered a password for a user account. 


Q66. An administrator wants to ensure that the reclaimed space of a hard drive has been sanitized while the computer is in use. Which of the following can be implemented? 

A. Cluster tip wiping 

B. Individual file encryption 

C. Full disk encryption 

D. Storage retention 

Answer:

Explanation: 

A computer hard disk is divided into small segments called clusters. A file usually spans several clusters but rarely fills the last cluster; the unused remainder of that last cluster is called the cluster tip. This cluster tip area may contain leftover file data, because the size of the file you are working with may grow or shrink, and so it needs to be securely wiped. 


Q67. When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner? 

A. Trust models 

B. CRL 

C. CA 

D. Recovery agent 

Answer:

Explanation: 

A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. The CA affirms the identity of the certificate owner. 


Q68. Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter? 

A. Fire suppression 

B. Raised floor implementation 

C. EMI shielding 

D. Hot or cool aisle containment 

Answer:

Explanation: 

There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation. This is a more effective way of controlling temperature to safeguard your equipment in a data center. 


Q69. The system administrator has deployed updated security controls for the network to limit risk of attack. The security manager is concerned that controls continue to function as intended to maintain appropriate security posture. 

Which of the following risk mitigation strategies is MOST important to the security manager? 

A. User permissions 

B. Policy enforcement 

C. Routine audits 

D. Change management 

Answer:

Explanation: 

After you have implemented security controls based on risk, you must perform routine audits. These audits should include reviews of user rights and permissions as well as specific events. You should pay particular attention to false positives and negatives. 


Q70. Which of the following implementation steps would be appropriate for a public wireless hot-spot? 

A. Reduce power level 

B. Disable SSID broadcast 

C. Open system authentication 

D. MAC filter 

Answer:

Explanation: 

For a public wireless hot-spot, you want members of the public to be able to access the wireless network without having to provide them with a password. Therefore, Open System Authentication is the best solution. 

Open System Authentication (OSA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. With OSA, a computer equipped with a wireless modem can access any WEP network and receive files that are not encrypted. For OSA to work, the service set identifier (SSID) of the computer should match the SSID of the wireless access point. The SSID is a sequence of characters that uniquely names a wireless local area network (WLAN). The process occurs in three steps. First, the computer sends a request for authentication to the access point. Then the access point generates an authentication code, usually at random, intended for use only during that session. Finally, the computer accepts the authentication code and becomes part of the network as long as the session continues and the computer remains within range of the original access point. If it is necessary to exchange encrypted data between a WEP network access point and a wireless-equipped computer, a stronger authentication process called Shared Key Authentication (SKA) is required.