aiotestking uk

SY0-401 Exam Questions - Online Test


SY0-401 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Ann, the security administrator, received a report from the security technician, that an unauthorized new user account was added to the server over two weeks ago. Which of the following could have mitigated this event? 

A. Routine log audits 

B. Job rotation 

C. Risk likelihood assessment 

D. Separation of duties 

Answer:

Explanation: 

When a new user account is created, an entry is added to the Event Logs. By routinely auditing the event logs, you would know that an account has been created. 

Q2. Digital Signatures provide which of the following? 

A. Confidentiality 

B. Authorization 

C. Integrity 

D. Authentication 

E. Availability 

Answer:

Explanation: 

A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. 

Q3. In which of the following steps of incident response does a team analyse the incident and determine steps to prevent a future occurrence? 

A. Mitigation 

B. Identification 

C. Preparation 

D. Lessons learned 

Answer:

Explanation: 

Incident response procedures involves in chronological order: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. Thus lessons are only learned after the mitigation occurred. For only then can you ‘step back’ and analyze the incident to prevent the same occurrence in future. 

Q4. Which of the following protocols encapsulates an IP packet with an additional IP header? 

A. SFTP 

B. IPSec 

C. HTTPS 

D. SSL 

Answer:

Explanation: 

Authentication Header (AH) is a member of the IPsec protocol suite. AH operates directly on top of IP, using IP protocol number 51. 

Q5. Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO). 

A. The CA’s public key 

B. Ann’s public key 

C. Joe’s private key 

D. Ann’s private key 

E. The CA’s private key 

F. Joe’s public key 

Answer: D,F 

Explanation: 

Joe wants to send a message to Ann. It’s important that this message not be altered. Joe will use the private key to create a digital signature. The message is, in effect, signed with the private key. Joe then sends the message to Ann. Ann will use the public key attached to the message to validate the digital signature. If the values match, Ann knows the message is authentic and came from Joe. Ann will use a key provided by Joe—the public key—to decrypt the message. Most digital signature implementations also use a hash to verify that the message has not been altered, intentionally or accidently, in transit. Thus Ann would compare the signature area referred to as a message in the message with the calculated value digest (her private key in this case). If the values match, the message hasn’t been tampered with and the originator is verified as the person they claim to be. 

Q6. Which of the following would prevent a user from installing a program on a company-owned mobile device? 

A. White-listing 

B. Access control lists 

C. Geotagging 

D. Remote wipe 

Answer:

Explanation: 

Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list. 

Q7. Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address? 

A. Interference 

B. Man-in-the-middle 

C. ARP poisoning 

D. Rogue access point 

Answer:

Explanation: 

MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. 

In this question, a rogue access point would need to be able to connect to the network to provide access to network resources. If the MAC address of the rogue access point isn’t allowed to connect to the network port, then the rogue access point will not be able to connect to the network. 

Q8. An organization's security policy states that users must authenticate using something you do. Which of the following would meet the objectives of the security policy? 

A. Fingerprint analysis 

B. Signature analysis 

C. Swipe a badge 

D. Password 

Answer:

Explanation: 

Q9. DRAG DROP 

Determine the types of attacks below by selecting an option from the dropdown list. Determine the types of Attacks from right to specific action. 

Answer:  

Explanation: 

A. Phishing. 

B. Whaling. 

C. Vishing. 

D. Spim. 

E. Social engineering. 

A: Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. Phishing email will direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the information the user enters on the page. 

B: Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as "reeling in a big fish," applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a work station associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats. 

C: Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft. The scammer usually pretends to be a legitimate business, and fools the victim into thinking he or she will profit. 

D: SPIM is a term sometimes used to refer to spam over IM (Instant Messaging). It’s also called just spam, instant spam, or IM marketing. No matter what the name, it consists of unwanted messages transmitted through some form of instant messaging service, which can include Short Message Service (SMS). 

E: Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter. A social engineer runs what used to be called a "con game." For example, a person using social engineering to break into a computer network might try to gain the confidence of an authorized user and get them to reveal information that compromises the network's security. Social engineers often rely on the natural helpfulness of people as well as on their weaknesses. They might, for example, call the authorized employee with some kind of urgent problem that requires immediate network access. Appealing to vanity, appealing to authority, appealing to greed, and old-fashioned eavesdropping are other typical social engineering techniques. 

References: 

http://www.webopedia.com/TERM/P/phishing.html http://www.techopedia.com/definition/28643/whaling http://www.webopedia.com/TERM/V/vishing.html http://searchsecurity.techtarget.com/definition/social-engineering 

Q10. Which of the following attacks involves the use of previously captured network traffic? 

A. Replay 

B. Smurf 

C. Vishing 

D. DDoS 

Answer:

Explanation: