Our pass rate is high to 98.9% and the similarity percentage between our sy0 401 pdf study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA sy0 401 vce exam in just one try? I am currently studying for the CompTIA sy0 401 pdf exam. Latest CompTIA comptia security+ get certified get ahead sy0 401 study guide Test exam practice questions and answers, Try CompTIA comptia security+ study guide sy0 401 Brain Dumps First.
P.S. Realistic SY0-401 preparation are available on Google Drive, GET MORE: https://drive.google.com/open?id=1-cGZus8ct-Srv-6oYT2mo7R9fIxOVla2
New CompTIA SY0-401 Exam Dumps Collection (Question 5 - Question 14)
Question No: 5
A security administrator must implement a secure key exchange protocol that will allow company clients to autonomously exchange symmetric encryption keys over an unencrypted channel. Which of the following MUST be implemented?
A. SHA-256
B. AES
C. Diffie-Hellman
D. 3DES
Answer: C
Explanation:
Diffie-Hellman key exchange (D-H) is a means of securely generating symmetric encryption keys across an insecure medium.
Question No: 6
A security manager is preparing the training portion of an incident plan. Which of the following job roles should receive training on forensics, chain of custody, and the order of volatility?
A. System owners
B. Data custodians
C. First responders
D. Security guards
Answer: C
Question No: 7
Ann a new small business owner decides to implement WiFi access for her customers. There are several other businesses nearby who also have WiFi hot spots. Ann is concerned about security of the wireless network and wants to ensure that only her customers have access. Which of the following choices BEST meets her intent of security and access?
A. Enable port security
B. Enable WPA
C. Disable SSID broadcasting
D. Enable WEP
Answer: B
Question No: 8
A security technician has been tasked with opening ports on a firewall to allow users to browse the internet. Which of the following ports should be opened on the firewall? (Select Three)
A. 22
B. 53
C. 80
D. 110
E. 443
F. 445
G. 8080
Answer: C,E,G
Question No: 9
Digital Signatures provide which of the following?
A. Confidentiality
B. Authorization
C. Integrity
D. Authentication
E. Availability
Answer: C
Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender.
Question No: 10
A security technician would like to use ciphers that generate ephemeral keys for secure communication. Which of the following algorithms support ephemeral modes? (Select TWO)
A. Diffie-Hellman
B. RC4
C. RIPEMO
D. NTLMv2
E. PAP
F. RSA
Answer: A,F
Question No: 11
A systems administrator has made several unauthorized changes to the server cluster that resulted in a major outage. This event has been brought to the attention of the Chief Information Office (CIO) and he has requested immediately implement a risk mitigation strategy to prevent this type of event from reoccurring. Which of the following would be the BEST risk mitigation strategy to implement in order to meet this request?
A. Asset Management
B. Change Management
C. Configuration Management
D. Incident Management
Answer: B
Question No: 12
Which of the following is true about PKI? (Select TWO).
A. When encrypting a message with the public key, only the public key can decrypt it.
B. When encrypting a message with the private key, only the private key can decrypt it.
C. When encrypting a message with the public key, only the CA can decrypt it.
D. When encrypting a message with the public key, only the private key can decrypt it.
E. When encrypting a message with the private key, only the public key can decrypt it.
Answer: D,E
Explanation:
E: You encrypt data with the private key and decrypt with the public key, though the opposite is much more frequent.
Public-key cryptography, also known as asymmetric cryptography, is a class of cryptographic protocols based on algorithms that require two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked.
D: In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key.
PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are encrypted with a public key and decrypted with a private key.
A PKI example:
You want to send an encrypted message to Jordan, so you request his public key. Jordan responds by sending you that key.
You use the public key he sends you to encrypt the message. You send the message to him.
Jordan uses his private key to decrypt the message.
Question No: 13
Which of the following is a best practice when setting up a client to use the LDAPS protocol with a server?
A. The client should follow LDAP referrals to other secure servers on the network
B. The client should trust the CA that signed the serveru2021s certificate
C. The client should present a self-signed certificate to the server
D. The client should have access to port 389 on the server
Answer: C
Question No: 14
Which of the following allows an organization to store a sensitive PKI component with a trusted third party?
A. Trust model
B. Public Key Infrastructure
C. Private key
D. Key escrow
Answer: D
Explanation:
Sensitive PKI data, such as private keys, can be put into key escrow data. The key escrow data can be kept at a trusted third party.
Key escrow is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. These third parties may include businesses, who may want access to employees' private communications, or governments, who may wish to be able to view the contents of encrypted communications.
Recommend!! Get the Realistic SY0-401 dumps in VCE and PDF From Certleader, Welcome to download: https://www.certleader.com/SY0-401-dumps.html (New 1781 Q&As Version)