Want to know Examcollection SY0-401 Exam practice test features? Want to lear more about CompTIA CompTIA Security+ Certification certification experience? Study Downloadable CompTIA SY0-401 answers to Up to the minute SY0-401 questions at Examcollection. Gat a success with an absolute guarantee to pass CompTIA SY0-401 (CompTIA Security+ Certification) test on your first attempt.

2021 Dec SY0-401 test engine

Q41. Which of the following is a concern when encrypting wireless data with WEP? 

A. WEP displays the plain text entire key when wireless packet captures are reassembled 

B. WEP implements weak initialization vectors for key transmission 

C. WEP uses a very weak encryption algorithm 

D. WEP allows for only four pre-shared keys to be configured 

Answer:

Explanation: 

The initialization vector (IV) that WEP uses for encryption is 24-bit, which is quite weak and means that IVs are reused with the same key. By examining the repeating result, it was easy for attackers to crack the WEP secret key. This is known as an IV attack. 


Q42. A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal? 

A. Visitor logs 

B. Firewall 

C. Hardware locks 

D. Environmental monitoring 

Answer:

Explanation: 

Hardware security involves applying physical security modifications to secure the system(s) and preventing them from leaving the facility. Don’t spend all of your time worrying about intruders coming through the network wire while overlooking the obvious need for physical security. Hardware security involves the use of locks to prevent someone from picking up and carrying out your equipment. 


Q43. An organization must implement controls to protect the confidentiality of its most sensitive data. The company is currently using a central storage system and group based access control for its sensitive information. Which of the following controls can further secure the data in the central storage system? 

A. Data encryption 

B. Patching the system 

C. Digital signatures 

D. File hashing 

Answer:

Explanation: 


Q44. Several users’ computers are no longer responding normally and sending out spam email to the users’ entire contact list. This is an example of which of the following? 

A. Trojan virus 

B. Botnet 

C. Worm outbreak 

D. Logic bomb 

Answer:

Explanation: 

A worm is similar to a virus but is typically less malicious. A virus will usually cause damage to the system or files whereas a worm will usually just spread itself either using the network or by sending emails. A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer. 


Q45. Which of the following practices reduces the management burden of access management? 

A. Password complexity policies 

B. User account audit 

C. Log analysis and review 

D. Group based privileges 

Answer:

Explanation: Granting permissions to all members of a group is quicker than individually assigning them to each user. This means an administrator will spend less time on assigning permissions to users who require the same access privileges. 


Up to the minute SY0-401 free draindumps:

Q46. A security administrator must implement a system to allow clients to securely negotiate encryption keys with the company’s server over a public unencrypted communication channel. 

Which of the following implements the required secure key negotiation? (Select TWO). 

A. PBKDF2 

B. Symmetric encryption 

C. Steganography 

D. ECDHE 

E. Diffie-Hellman 

Answer: D,E 

Explanation: 

Elliptic curve Diffie–Hellman (ECDH) is an anonymous key agreement protocol that allows two parties, each having an elliptic curve public-private key pair, to establish a shared secret over an insecure channel. This shared secret may be directly used as a key, or better yet, to derive another key which can then be used to encrypt subsequent communications using a symmetric key cipher. It is a variant of the Diffie–Hellman protocol using elliptic curve cryptography. Note: Adding an ephemeral key to Diffie-Hellman turns it into DHE (which, despite the order of the acronym, stands for Ephemeral Diffie-Hellman). Adding an ephemeral key to Elliptic Curve Diffie-Hellman turns it into ECDHE (again, overlook the order of the acronym letters, it is called Ephemeral Elliptic Curve Diffie-Hellman). It is the ephemeral component of each of these that provides the perfect forward secrecy. 


Q47. A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network? 

A. VLAN 

B. Subnet 

C. VPN 

D. DMZ 

Answer:

Explanation: 

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted. 


Q48. An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) 

Which of the following types of attacks was attempted? 

A. SQL injection 

B. Cross-site scripting 

C. Command injection 

D. LDAP injection 

Answer:

Explanation: 

LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it’s possible to modify LDAP statements using a local proxy. This could result in the execution of arbitrary commands such as granting permissions to unauthorized queries, and content modification inside the LDAP tree. The same advanced exploitation techniques available in SQL Injection can be similarly applied in LDAP Injection. In a page with a user search form, the following code is responsible to catch input value and generate a LDAP query that will be used in LDAP database. <input type="text" size=20 name="userName">Insert the username</input> The LDAP query is narrowed down for performance and the underlying code for this function might be the following: String ldapSearchQuery = "(cn=" + $userName + ")"; System.out.println(ldapSearchQuery); 

If the variable $userName is not validated, it could be possible accomplish LDAP injection, as follows: If a user puts “*” on box search, the system may return all the usernames on the LDAP base If a user puts “jonys) (| (password = * ) )”, it will generate the code bellow revealing jonys’ password ( cn = jonys ) ( | (password = * ) ) 


Q49. An organizations' security policy requires that users change passwords every 30 days. After a security audit, it was determined that users were recycling previously used passwords. Which of the following password enforcement policies would have mitigated this issue? 

A. Password history 

B. Password complexity 

C. Password length 

D. Password expiration 

Answer:

Explanation: 


Q50. Which of the following would Matt, a security administrator, use to encrypt transmissions from an internal database to an internal server, keeping in mind that the encryption process must add as little latency to the process as possible? 

A. ECC 

B. RSA 

C. SHA 

D. 3DES 

Answer:

Explanation: 

3DES would be less secure compared to ECC, but 3DES would require less computational power. Triple-DES (3DES) is a technological upgrade of DES. 3DES is still used, even though AES is the preferred choice for government applications. 3DES is considerably harder to break than many other systems, and it’s more secure than DES. It increases the key length to 168 bits (using three 56-bit DES keys).