To pass that CompTIA SY0-401 quiz is not a difficult task. Youve just got a desire to have particular methods of attaining amazing success. Ucertify SY0-401 documentation perform content have become useful trying to keep the prep effective or over on the draw. Were featuring 100% likely good results within SY0-401 real quiz and also SY0-401 while using the aid of each of our perform quiz. And so by way of exercising each of our SY0-401 teaching content, get those expected documentation and continue to turned into a best Them pro.

2021 Nov SY0-401 exam price

Q481. Which of the following functions provides an output which cannot be reversed and converts data into a string of characters? 

A. Hashing 

B. Stream ciphers 

C. Steganography 

D. Block ciphers 

Answer:

Explanation: 

Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables one of its characteristics is that it must be one-way – it is not reversible. 


Q482. A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic. 

Which of the following would accomplish this task? 

A. Deny TCP port 68 

B. Deny TCP port 69 

C. Deny UDP port 68 

D. Deny UDP port 69 

Answer:

Explanation: 

Trivial File Transfer Protocol (TFTP) is a simple file-exchange protocol that doesn’t require authentication. It operates on UDP port 69. 


Q483. A system administrator has noticed that users change their password many times to cycle back to the original password when their passwords expire. Which of the following would BEST prevent this behavior? 

A. Assign users passwords based upon job role. 

B. Enforce a minimum password age policy. 

C. Prevent users from choosing their own passwords. 

D. Increase the password expiration time frame. 

Answer:

Explanation: 

A minimum password age policy defines the period that a password must be used for before it can be changed. 


Q484. Which of the following is used to certify intermediate authorities in a large PKI deployment? 

A. Root CA 

B. Recovery agent 

C. Root user 

D. Key escrow 

Answer:

Explanation: 

The root CA certifies other certification authorities to publish and manage certificates within the organization. In a hierarchical trust model, also known as a tree, a root CA at the top provides all of the information. The intermediate CAs are next in the hierarchy, and they trust only information provided by the root CA. The root CA also trusts intermediate CAs that are in their level in the hierarchy and none that aren’t. This arrangement allows a high level of control at all levels of the hierarchical tree. . 


Q485. A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address: 

A. Integrity of downloaded software. 

B. Availability of the FTP site. 

C. Confidentiality of downloaded software. 

D. Integrity of the server logs. 

Answer:

Explanation: 

Digital Signatures is used to validate the integrity of the message and the sender. In this case the software firm that posted the patches and updates digitally signed the checksums of all patches and updates. 


Up to date SY0-401 exam prep:

Q486. Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate? 

A. War dialing 

B. War chalking 

C. War driving 

D. Bluesnarfing 

Answer:

Explanation: 

War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers - malicious hackers who specialize in computer security - for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry-point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company's telephone network. 


Q487. Which of the following should be considered to mitigate data theft when using CAT5 wiring? 

A. CCTV 

B. Environmental monitoring 

C. Multimode fiber 

D. EMI shielding 

Answer:

Explanation: 

EMI Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. Thus all wiring should be shielded to mitigate data theft. 


Q488. Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security? 

A. WPA2-AES 

B. 802.11ac 

C. WPA-TKIP 

D. WEP 

Answer:

Explanation: 

WPA-TKIP uses the RC4 cipher. 

TKIP and the related WPA standard implement three new security features to address security problems encountered in WEP protected networks. First, TKIP implements a key mixing function that combines the secret root key with the initialization vector before passing it to the RC4 initialization. WEP, in comparison, merely concatenated the initialization vector to the root key, and passed this value to the RC4 routine. This permitted the vast majority of the RC4 based WEP 

related key attacks. Second, WPA implements a sequence counter to protect against replay 

attacks. Packets received out of order will be rejected by the access point. Finally, TKIP 

implements a 64-bit Message Integrity Check (MIC) 

To be able to run on legacy WEP hardware with minor upgrades, TKIP uses RC4 as its cipher. 

TKIP also provides a rekeying mechanism. TKIP ensures that every data packet is sent with a 

unique encryption key. 


Q489. An administrator notices that former temporary employees’ accounts are still active on a domain. 

Which of the following can be implemented to increase security and prevent this from happening? 

A. Implement a password expiration policy. 

B. Implement an account expiration date for permanent employees. 

C. Implement time of day restrictions for all temporary employees. 

D. Run a last logon script to look for inactive accounts. 

Answer:

Explanation: 

You can run a script to return a list of all accounts that haven’t been used for a number of days, for example 30 days. If an account hasn’t been logged into for 30 days, it’s a safe bet that the user the account belonged to is no longer with the company. You can then disable all the accounts that the script returns. A disabled account cannot be used to log in to a system. This is a good security measure. As soon as an employee leaves the company, the employees account should always be disabled. 


Q490. Which of the following attacks involves the use of previously captured network traffic? 

A. Replay 

B. Smurf 

C. Vishing 

D. DDoS 

Answer:

Explanation: