High quality of sy0 401 vce free question materials and pack for CompTIA certification for IT specialist, Real Success Guaranteed with Updated sy0 401 practice test pdf dumps vce Materials. 100% PASS CompTIA Security+ Certification exam Today!
Q321. Which of the following is the MOST secure protocol to transfer files?
A. FTP
B. FTPS
C. SSH
D. TELNET
Answer: B
Explanation:
FTPS refers to FTP Secure, or FTP SSL. It is a secure variation of File Transfer Protocol (FTP).
Q322. Which of the following is a hardware-based security technology included in a computer?
A. Symmetric key
B. Asymmetric key
C. Whole disk encryption
D. Trusted platform module
Answer: D
Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.
Q323. The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to meet this demand?
A. Warm site implementation for the datacenter
B. Geographically disparate site redundant datacenter
C. Localized clustering of the datacenter
D. Cold site implementation for the datacenter
Answer: B
Explanation:
Data backups, redundant systems, and disaster recovery plans all support availability. AN in this case a geographically disparate site redundant datacenter represents 100% availability regardless of whether a disaster event occurs.
Q324. Which of the following is true about asymmetric encryption?
A. A message encrypted with the private key can be decrypted by the same key
B. A message encrypted with the public key can be decrypted with a shared key.
C. A message encrypted with a shared key, can be decrypted by the same key.
D. A message encrypted with the public key can be decrypted with the private key.
Answer: D
Explanation:
Asymmetric algorithms use two keys to encrypt and decrypt data. These asymmetric keys are referred to as the public key and the private key. The sender uses the public key to encrypt a message, and the receiver uses the private key to decrypt the message; what one key does, the other one undoes.
Q325. A user reports being unable to access a file on a network share. The security administrator determines that the file is marked as confidential and that the user does not have the appropriate access level for that file. Which of the following is being implemented?
A. Mandatory access control
B. Discretionary access control
C. Rule based access control
D. Role based access control
Answer: A
Explanation:
Mandatory Access Control (MAC) allows access to be granted or restricted based on the rules of classification. MAC in corporate business environments involve the following four sensitivity levels Public Sensitive Private Confidential
MAC assigns subjects a clearance level and assigns objects a sensitivity label. The name of the clearance level must be the same as the name of the sensitivity label assigned to objects or resources. In this case the file is marked confidential, and the user does not have that clearance level and cannot access the file.
Q326. A security administrator has concerns regarding employees saving data on company provided mobile devices. Which of the following would BEST address the administrator’s concerns?
A. Install a mobile application that tracks read and write functions on the device.
B. Create a company policy prohibiting the use of mobile devices for personal use.
C. Enable GPS functionality to track the location of the mobile devices.
D. Configure the devices so that removable media use is disabled.
Answer: D
Explanation:
Mobile devices can be plugged into computers where they appear as an additional disk in the same way as a USB drive. This is known as removable media. This would enable users to copy company data onto the mobile devices. By disabling removable media use, the users will not be able to copy data onto the mobile devices.
Q327. Which of the following are examples of detective controls?
A. Biometrics, motion sensors and mantraps.
B. Audit, firewall, anti-virus and biometrics.
C. Motion sensors, intruder alarm and audit.
D. Intruder alarm, mantraps and firewall.
Answer: C
Explanation:
Q328. While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?
A. Cross-site scripting
B. Buffer overflow
C. Header manipulation
D. Directory traversal
Answer: B
Explanation:
When the user opens an attachment, the attachment is loaded into memory. The error is caused by a memory issue due to a buffer overflow attack.
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
Q329. A security analyst noticed a colleague typing the following command:
`Telnet some-host 443’
Which of the following was the colleague performing?
A. A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack.
B. A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.
C. Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead.
D. A mistaken port being entered because telnet servers typically do not listen on port 443.
Answer: B
Explanation:
B: The Telnet program parameters are: telnet <hostname> <port>
<hostname> is the name or IP address of the remote server to connect to.
<port> is the port number of the service to use for the connection.
TCP port 443 provides the HTTPS (used for secure web connections) service; it is the default SSL
port. By running the Telnet some-host 443 command, the security analyst is checking that routing
is done properly and not blocked by a firewall.
Q330. A security administrator is tasked with ensuring that all devices have updated virus definition files before they are allowed to access network resources. Which of the following technologies would be used to accomplish this goal?
A. NIDS
B. NAC
C. DLP
D. DMZ
E. Port Security
Answer: B
Explanation: