
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/SY0-401-dumps.html


It is faster and easier to pass the CompTIA SY0-401 exam by using real CompTIA Security+ Certification questions and answers. Get immediate access to the refreshed SY0-401 exam, find the same core-area SY0-401 questions with professionally verified answers, and pass your exam with a high score.

2021 Sep comptia security+ pdf sy0-401:

Q601. An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. 

Which of the following database designs provides the BEST security for the online store? 

A. Use encryption for the credential fields and hash the credit card field 

B. Encrypt the username and hash the password 

C. Hash the credential fields and use encryption for the credit card field 

D. Hash both the credential fields and the credit card field 

Answer: C 

Explanation: 

Hashing refers to the hash algorithms used in cryptography. It is used to store data, for example in hash tables. One main characteristic of hashing is that the algorithm must have few or no collisions; in hashing, two different inputs should not give the same output. Thus the credential fields should be hashed. Because each customer has a unique credit card number and will use that card for many different transactions, the credit card field must remain recoverable, so it should be encrypted only, not hashed.


Q602. Which of the following malware types typically allows an attacker to monitor a user’s computer, is characterized by a drive-by download, and requires no user interaction? 

A. Virus 

B. Logic bomb 

C. Spyware 

D. Adware 

Answer: C 

Explanation: Spyware is software that is used to gather information about a person or organization without their knowledge and sends that information to another entity.


Q603. A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed? 

A. The request needs to be sent to the incident management team. 

B. The request needs to be approved through the incident management process. 

C. The request needs to be approved through the change management process. 

D. The request needs to be sent to the change management team. 

Answer: C 

Explanation: 

Change management is a risk mitigation approach and refers to the structured process that is followed to secure a company's assets. Thus the actual switch configuration should first be subject to change management approval.


Q604. A company has 5 users. Users 1, 2 and 3 need access to payroll and users 3, 4 and 5 need access to sales. Which of the following should be implemented to give the appropriate access while enforcing least privilege? 

A. Assign individual permissions to users 1 and 2 for payroll. Assign individual permissions to users 4 and 5 for sales. Make user 3 an administrator. 

B. Make all users administrators and then restrict users 1 and 2 from sales. Then restrict users 4 and 5 from payroll. 

C. Create two additional generic accounts, one for payroll and one for sales that users utilize. 

D. Create a sales group with users 3, 4 and 5. Create a payroll group with users 1, 2 and 3. 

Answer: D 

Explanation: 


Q605. Joe, a technician, is tasked with finding a way to test operating system patches for a wide variety of servers before deployment to the production environment while utilizing a limited amount of hardware resources. Which of the following would provide the BEST environment for performing this testing? 

A. OS hardening 

B. Application control 

C. Virtualization 

D. Sandboxing 

Answer: C 

Explanation: 



Q606. Which of the following security concepts can prevent a user from logging on from home during the weekends? 

A. Time of day restrictions 

B. Multifactor authentication 

C. Implicit deny 

D. Common access card 

Answer: A 

Explanation: 

Time of day restrictions limit when users can access specific systems based on the time of day or week. They can limit access to sensitive environments to normal business hours, when oversight and monitoring can be performed to prevent fraud, abuse, or intrusion.


Q607. Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning? 

A. A recent security breach in which passwords were cracked. 

B. Implementation of configuration management processes. 

C. Enforcement of password complexity requirements. 

D. Implementation of account lockout procedures. 

Answer: A 

Explanation: 

A password only needs to be changed if it doesn't meet the compliance requirements of the company's password policy or is evidently insecure. It will also need to be changed if it has been reused, or if it may have been compromised as a result of a system intrusion.


Q608. It is important to staff who use email messaging to provide PII to others on a regular basis to have confidence that their messages are not intercepted or altered during transmission. They are concerned about which of the following types of security control? 

A. Integrity 

B. Safety 

C. Availability 

D. Confidentiality 

Answer: A 

Explanation: 

Integrity means that messages/data are not altered. PII is personally identifiable information that can be used to uniquely identify an individual. PII can be used to ensure the integrity of data/messages.


Q609. Which of the following was launched against a company based on the following IDS log? 

122.41.15.252 - - [21/May/2012:00:17:20 +1200] "GET /index.php?username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1" 200 2731 "http://www.company.com/cgibin/forum/commentary.pl/noframes/read/209" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.7.0)"

A. SQL injection 

B. Buffer overflow attack 

C. XSS attack 

D. Online password crack 

Answer: B 

Explanation: 

The username should be just a username; instead we can see it's a long line of text with an HTTP command in it. This is an example of a buffer overflow attack. A buffer overflow occurs when a program or process tries to store more data in a buffer (a temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information, which has to go somewhere, can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain code designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.


Q610. A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the developer needs to test the entire application to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer performing when testing the application? 

A. Black box testing 

B. White box testing 

C. Gray box testing 

D. Design review 

Answer: C 

Explanation: 

In this question, we know the tester has some knowledge of the application because the tester developed a plug-in module for it. However, the tester does not have detailed information about the entire application. Therefore, this is a gray-box test. Gray box testing, also called gray box analysis, is a strategy for software testing in which the tester has limited knowledge of the internal details of the program. A gray box is a device, program or system whose workings are partially understood. Gray box testing can be contrasted with black box testing, a scenario in which the tester has no knowledge of or access to the internal workings of a program, and with white box testing, a scenario in which the internal particulars are fully known. Gray box testing is commonly used in penetration tests. Gray box testing is considered to be non-intrusive and unbiased because it does not require that the tester have access to the source code. With respect to internal processes, gray box testing treats a program as a black box that must be analyzed from the outside. During a gray box test, the tester may know how the system components interact but not have detailed knowledge of internal program functions and operation. A clear distinction exists between the developer and the tester, thereby minimizing the risk of personnel conflicts.

Topic 4, Application, Data and Host Security