SY0-401 Exam Questions - Online Test
SY0-401 Premium VCE File
150 Lectures, 20 Hours
Q1. A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?
A. CHAP
B. TOTP
C. HOTP
D. PAP
Answer: B
Explanation: Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. Therefore, the password will only be valid for a predefined time interval.
Q2. Which of the following practices is used to mitigate a known security vulnerability?
A. Application fuzzing
B. Patch management
C. Password cracking
D. Auditing security logs
Answer: B
Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from new attacks and vulnerabilities that have recently become known.
Q3. Which of the following protocols is used to validate whether trust is in place and accurate by returning responses of either "good", "unknown", or "revoked"?
A. CRL
B. PKI
C. OCSP
D. RA
Answer: C
Explanation:
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. An OCSP responder (a server typically run by the certificate issuer) may return a signed response signifying that the certificate specified in the request is 'good', 'revoked', or 'unknown'. If it cannot process the request, it may return an error code.
Q4. An administrator has advised against the use of Bluetooth phones due to bluesnarfing concerns.
Which of the following is an example of this threat?
A. An attacker using the phone remotely for spoofing other phone numbers
B. Unauthorized intrusions into the phone to access data
C. The Bluetooth enabled phone causing signal interference with the network
D. An attacker using exploits that allow the phone to be disabled
Answer: B
Explanation:
Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information -- such as the user's calendar, contact list and e-mail and text messages --without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled.
Q5. Which of the following password attacks is MOST likely to crack the largest number of randomly generated passwords?
A. Hybrid
B. Birthday attack
C. Dictionary
D. Rainbow tables
Answer: D
Explanation:
Q6. A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Joe and Ann were hired 16 days ago. When Joe logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password?
A. Ann’s user account has administrator privileges.
B. Joe’s user account was not added to the group policy.
C. Ann’s user account was not added to the group policy.
D. Joe’s user account was inadvertently disabled and must be re-created.
Answer: C
Explanation:
Group policy is used to manage Windows systems in a Windows network domain environment by means of a Group Policy Object (GPO). GPO’s include a number of settings related to credentials, which includes password expiration. Because Anne was not prompted to change her password, it could only mean that her user account was not added to the group policy.
Q7. A security administrator would like to ensure that system administrators are not using the same password for both their privileged and non-privileged accounts. Which of the following security controls BEST accomplishes this goal?
A. Require different account passwords through a policy
B. Require shorter password expiration for non-privileged accounts
C. Require shorter password expiration for privileged accounts
D. Require a greater password length for privileged accounts
Answer: A
Explanation:
Q8. Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?
A. RIPEMD
B. MD5
C. SHA
D. HMAC
Answer: D
Explanation:
HMAC (Hash-Based Message Authentication Code) uses a hashing algorithm along with a symmetric key. The hashing function provides data integrity, while the symmetric key provides authenticity.
Q9. Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?
A. Hashing
B. Key escrow
C. Non-repudiation
D. Steganography
Answer: A
Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash
tables and its main characteristics are:
It must be one-way – it is not reversible.
Variable-length input produces fixed-length output – whether you have two characters or 2 million,
the hash size is the same.
The algorithm must have few or no collisions – in hashing two different inputs does not give the
same output.
Q10. Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).
A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards
E. Public keys
Answer: B,D
Explanation:
All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory.
- [2021-New] CompTIA SY0-401 Dumps With Update Exam Questions (81-90)
- [2021-New] CompTIA 220-902 Dumps With Update Exam Questions (121-130)
- [2021-New] CompTIA CAS-002 Dumps With Update Exam Questions (1-10)
- [2021-New] CompTIA SY0-401 Dumps With Update Exam Questions (191-200)
- Regenerate PT0-002 Free Dumps For CompTIA PenTest+ Certification Exam Certification
- Top Tips Of Leading CAS-003 Brain Dumps
- [2021-New] CompTIA SY0-401 Dumps With Update Exam Questions (1-10)
- The Latest Guide To SY0-601 Preparation
- [2021-New] CompTIA 220-901 Dumps With Update Exam Questions (91-100)
- [2021-New] CompTIA SY0-401 Dumps With Update Exam Questions (201-210)