CompTIA SY0-401 exam braindumps covers the core demands appearing in the SY0-401 actual test. The achievement ratio will probably be enhanced with the aid of SY0-401 certification practice questions and answers, and also the confidence will be boosted accordingly. Youll definitely acquire through the CompTIA CompTIA SY0-401 exam. Normally, we present full refund or even another free of charge CompTIA SY0-401 product for you personally. Dont acquire stressed about the SY0-401 real exam. As long as anyone prepare this by our CompTIA practice demos step by step, you may be surely pass. Dont wait for too lengthy, change your current career and also change your life.
2021 Nov SY0-401 practice test
Q411. Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input validation
C. CSRF prevention
D. Cross-site scripting prevention
Answer: B
Explanation:
Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.
Q412. Which of the following is characterized by an attack against a mobile device?
A. Evil twin
B. Header manipulation
C. Blue jacking
D. Rogue AP
Answer: C
Explanation:
A bluejacking attack is where unsolicited messages are sent to mobile devices using Bluetooth. Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters. Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.
Q413. Company A sends a PGP encrypted file to company B. If company A used company B’s public key to encrypt the file, which of the following should be used to decrypt data at company B?
A. Registration
B. Public key
C. CRLs
D. Private key
Answer: D
Explanation:
In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the
data using his own private key.
PKI is a two-key, asymmetric system with four main components: certificate authority (CA),
registration authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are
encrypted with a public key and decrypted with a private key.
A PKI example:
1.
You want to send an encrypted message to Jordan, so you request his public key.
2.
Jordan responds by sending you that key.
3.
You use the public key he sends you to encrypt the message.
4.
You send the message to him.
5.
Jordan uses his private key to decrypt the message.
Q414. Which of the following types of data encryption would Matt, a security administrator, use to encrypt a specific table?
A. Full disk
B. Individual files
C. Database
D. Removable media
Answer: C
Explanation:
A table is stored in a database. Database encryption makes use of cryptography functions that are built into the database software to encrypt the data stored in the database. This often offers granular encryption options which allows for the encryptions of the entire database, specific database tables, or specific database fields, such as a credit card number field.
Q415. A company hired Joe, an accountant. The IT administrator will need to create a new account for
Joe. The company uses groups for ease of management and administration of user accounts.
Joe will need network access to all directories, folders and files within the accounting department.
Which of the following configurations will meet the requirements?
A. Create a user account and assign the user account to the accounting group.
B. Create an account with role-based access control for accounting.
C. Create a user account with password reset and notify Joe of the account creation.
D. Create two accounts: a user account and an account with full network administration rights.
Answer: B
Explanation:
Role-based Access Control is basically based on a user’s job description. When a user is assigned a specific role in an environment, that user’s access to objects is granted based on the required tasks of that role. The IT administrator should, therefore, create an account with role-based access control for accounting for Joe.
Improve SY0-401 practice test:
Q416. A security analyst performs the following activities: monitors security logs, installs surveillance cameras and analyzes trend reports. Which of the following job responsibilities is the analyst performing? (Select TWO).
A. Detect security incidents
B. Reduce attack surface of systems
C. Implement monitoring controls
D. Hardening network devices
E. Prevent unauthorized access
Answer: A,C
Explanation:
Q417. Which of the following is the MOST secure protocol to transfer files?
A. FTP
B. FTPS
C. SSH
D. TELNET
Answer: B
Explanation:
FTPS refers to FTP Secure, or FTP SSL. It is a secure variation of File Transfer Protocol (FTP).
Q418. Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).
A. Disable the USB root hub within the OS.
B. Install anti-virus software on the USB drives.
C. Disable USB within the workstations BIOS.
D. Apply the concept of least privilege to USB devices.
E. Run spyware detection against all workstations.
Answer: A,C
Explanation:
A: The USB root hub can be disabled from within the operating system.
C: USB can also be configured and disabled in the system BIOS.
Q419. An administrator implements SELinux on a production web server. After implementing this, the web server no longer serves up files from users' home directories. To rectify this, the administrator creates a new policy as the root user. This is an example of which of the following? (Select TWO).
A. Enforcing SELinux in the OS kernel is role-based access control
B. Enforcing SELinux in the OS kernel is rule-based access control
C. The policy added by the root user is mandatory access control
D. Enforcing SELinux in the OS kernel is mandatory access control
E. The policy added by the root user is role-based access control
F. The policy added by the root user is rule-based access control
Answer: D,F
Explanation:
Q420. A system administrator is notified by a staff member that their laptop has been lost. The laptop contains the user’s digital certificate. Which of the following will help resolve the issue? (Select TWO).
A. Revoke the digital certificate
B. Mark the key as private and import it
C. Restore the certificate using a CRL
D. Issue a new digital certificate
E. Restore the certificate using a recovery agent
Answer: A,D
Explanation:
The user's certificate must be revoked to ensure that the stolen computer cannot access
resources the user has had access to.
To grant the user access to the resources he must be issued a new certificate.