aiotestking uk

SY0-401 Exam Questions - Online Test


SY0-401 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system? 

A. Penetration test 

B. Vulnerability scan 

C. Load testing 

D. Port scanner 

Answer:

Explanation: 

A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as missing patches or security updates. 

A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. 

Q2. Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. 

Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years. 

Which of the following should Sara do to address the risk? 

A. Accept the risk saving $10,000. 

B. Ignore the risk saving $5,000. 

C. Mitigate the risk saving $10,000. 

D. Transfer the risk saving $5,000. 

Answer:

Explanation: 

Risk transference involves sharing some of the risk burden with someone else, such as an insurance company. The cost of the security breach over a period of 5 years would amount to $30,000 and it is better to save $5,000. 

Q3. Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A? 

A. Steganography 

B. Hashing 

C. Encryption 

D. Digital Signatures 

Answer:

Explanation: 

A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. 

Q4. The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available? 

A. Cloud computing 

B. Full disk encryption 

C. Data Loss Prevention 

D. HSM 

Answer:

Explanation: 

Cloud computing means hosting services and data on the Internet instead of hosting it locally. There is thus no issue when the company’s server is taken offline. 

Q5. Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised? 

A. Least privilege 

B. Sandboxing 

C. Black box 

D. Application hardening 

Answer:

Explanation: 

Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential malware that may be embedded in the new application from being able to cause harm to production systems. 

Q6. Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers? 

A. Packet filtering firewall 

B. VPN gateway 

C. Switch 

D. Router 

Answer:

Explanation: 

VPNs are usually employed to allow remote access users to connect to and access the network, and offer connectivity between two or more private networks or LANs. A VPN gateway (VPN router) is a connection point that connects two LANs via a nonsecure network such as the Internet. 

Q7. Which of the following application attacks is used to gain access to SEH? 

A. Cookie stealing 

B. Buffer overflow 

C. Directory traversal 

D. XML injection 

Answer:

Explanation: 

Buffer overflow protection is used to detect the most common buffer overflows by checking that the stack has not been altered when a function returns. If it has been altered, the program exits with a segmentation fault. Microsoft's implementation of Data Execution Prevention (DEP) mode explicitly protects the pointer to the Structured Exception Handler (SEH) from being overwritten. A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability. 

Q8. Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect. 

Which of the following is MOST likely the reason? 

A. The company wireless is using a MAC filter. 

B. The company wireless has SSID broadcast disabled. 

C. The company wireless is using WEP. 

D. The company wireless is using WPA2. 

Answer:

Explanation: 

MAC filtering allows you to include or exclude computers and devices based on their MAC address. 

Q9. Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password? 

A. Authentication server 

B. Server certificate 

C. Key length 

D. EAP method 

Answer:

Explanation: 

Key length is the main issue of concern since the wireless network uses a shared password. With risks of shared passwords makes the length of the password a crucial factor to risk mitigation. 

Q10. An attacker crafts a message that appears to be from a trusted source, but in reality it redirects the recipient to a malicious site where information is harvested. The message is narrowly tailored so it is effective on only a small number of victims. This describes which of the following? 

A. Spear phishing 

B. Phishing 

C. Smurf attack 

D. Vishing 

Answer:

Explanation: