Any CompTIA SY0-401 is one of the most in-demand accreditation that is capable of attracting virtually all corporations. Firms would certainly quickly generate an individual, should you be CompTIA SY0-401 qualified. Obtaining the SY0-401 makes an individuals return to incredibly strong and you could well be guaranteed associated with a good job, anywhere you go! This specific accreditation is the want many specialized along with your employment would certainly get a full reversal after getting this specific accreditation! Almost any CompTIA would give that you simply good growth, wherever you are! This specific SY0-401 quiz would certainly bring all your worries with regards to creating a good employment and you could well be guaranteed associated with an prompt acknowledgement. The quiz is usually CompTIA Security+ Certification. There are various associated certifications utilizing this type of SY0-401 quiz and another could possibly try them out within the CompTIA website.
2021 Mar SY0-401 answers
Q411. LDAP and Kerberos are commonly used for which of the following?
A. To perform queries on a directory service
B. To store usernames and passwords for Federated Identity
C. To sign SSL wildcard certificates for subdomains
D. To utilize single sign-on capabilities
Answer: D
Explanation:
Single sign-on is usually achieved via the Lightweight Directory Access Protocol (LDAP), although Kerberos can also be used.
Q412. A security administrator needs a locally stored record to remove the certificates of a terminated employee. Which of the following describes a service that could meet these requirements?
A. OCSP
B. PKI
C. CA
D. CRL
Answer: D
Explanation:
A CRL is a locally stored record containing revoked certificates and revoked keys.
Q413. Which of the following would a security administrator use to verify the integrity of a file?
A. Time stamp
B. MAC times
C. File descriptor
D. Hash
Answer: D
Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and it is a one-way transformation in order to validate the integrity of data.
Q414. NO: 104
A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).
A. RDP
B. SNMP
C. FTP
D. SCP
E. SSH
Answer: D,E
Explanation:
SSH is used to establish a command-line, text-only interface connection with a server, router,
switch, or similar device over any distance.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy
Protocol (RCP). SCP is commonly used on Linux and Unix platforms.
Q415. In which of the following scenarios is PKI LEAST hardened?
A. The CRL is posted to a publicly accessible location.
B. The recorded time offsets are developed with symmetric keys.
C. A malicious CA certificate is loaded on all the clients.
D. All public keys are accessed by an unauthorized user.
Answer: C
Explanation:
A rogue Certification Authority (CA) certificate allows malicious users to impersonate any Web site on the Internet, including banking and e-commerce sites secured using the HTTPS protocol. A rogue CA certificate would be seen as trusted by Web browsers, and it is harmful because it can appear to be signed by one of the root CAs that browsers trust by default. A rogue Certification Authority (CA) certificate can be created using a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure Web sites.
Abreast of the times SY0-401 exam cost:
Q416. Which of the following application attacks is used against a corporate directory service where there are unknown servers on the network?
A. Rogue access point
B. Zero day attack
C. Packet sniffing
D. LDAP injection
Answer: D
Explanation: A directory service is accessed by using LDAP (Lightweight Directory Access Protocol). LDAP injection is an attack against a directory service. Just as SQL injection attacks take statements that are input by users and exploit weaknesses within, an LDAP injection attack exploits weaknesses in LDAP (Lightweight Directory Access Protocol) implementations. This can occur when the user’s input is not properly filtered, and the result can be executed commands, modified content, or results returned to unauthorized queries. The best way to prevent LDAP injection attacks is to filter the user input and to use a validation scheme to make certain that queries do not contain exploits. One of the most common uses of LDAP is associated with user information. Numerous applications exist—such as employee directories—where users find other users by typing in a portion of their name. These queries are looking at the cn value or other fields (those defined for department, home directory, and so on). Someone attempting LDAP injection could feed unexpected values to the query to see what results are returned. All too often, finding employee information equates to finding usernames and values about those users that could be portions of their passwords.
Q417. Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company?
A. Privacy Policy
B. Least Privilege
C. Acceptable Use
D. Mandatory Vacations
Answer: D
Explanation:
A mandatory vacation policy requires all users to take time away from work to refresh. But not only does mandatory vacation give the employee a chance to refresh, but it also gives the company a chance to make sure that others can fill in any gaps in skills and satisfies the need to have replication or duplication at all levels as well as an opportunity to discover fraud.
Q418. Which of the following ciphers would be BEST used to encrypt streaming video?
A. RSA
B. RC4
C. SHA1 D. 3DES
Answer: B
Explanation:
In cryptography, RC4 is the most widely used software stream cipher and is used in popular Internet protocols such as Transport Layer Security (TLS). While remarkable for its simplicity and speed in software, RC4 has weaknesses that argue against its use in new systems. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used; some ways of using RC4 can lead to very insecure protocols such as WEP.
Because RC4 is a stream cipher, it is more malleable than common block ciphers. If not used together with a strong message authentication code (MAC), then encryption is vulnerable to a bit-flipping attack. The cipher is also vulnerable to a stream cipher attack if not implemented correctly. Furthermore, inadvertent double encryption of a message with the same key may accidentally output plaintext rather than ciphertext because the involutory nature of the XOR function would result in the second operation reversing the first. It is noteworthy, however, that RC4, being a stream cipher, was for a period of time the only common cipher that was immune to the 2011 BEAST attack on TLS 1.0. The attack exploits a known weakness in the way cipher block chaining mode is used with all of the other ciphers supported by TLS 1.0, which are all block ciphers.
Q419. Ann, a security analyst, has discovered that her company has very high staff turnover and often user accounts are not disabled after an employee leaves the company. Which of the following could Ann implement to help identify accounts that are still active for terminated employees?
A. Routine audits
B. Account expirations
C. Risk assessments
D. Change management
Answer: A
Explanation:
Q420. Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?
A. Business continuity planning
B. Continuity of operations
C. Business impact analysis
D. Succession planning
Answer: D
Explanation:
Succession planning outlines those internal to the organization who have the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.