

Q671. A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system. 

Which of the following describes this cause? 

A. Application hardening 

B. False positive 

C. Baseline code review 

D. False negative 

Answer:

Explanation: 

False positives are essentially events that are mistakenly flagged and are not really events to be concerned about. 


Q672. Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company’s network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement? 

A. line vty 0 6 P@s5W0Rd password line vty 7 Qwer++!Y password 

B. line console 0 password password line vty 0 4 password P@s5W0Rd 

C. line vty 0 3 password Qwer++!Y line vty 4 password P@s5W0Rd 

D. line vty 0 3 password Qwer++!Y line console 0 password P@s5W0Rd 

Answer:

Explanation: 

The VTY lines are the Virtual Terminal lines of the router, used solely to control inbound Telnet connections. They are virtual, in the sense that they are a function of software - there is no hardware associated with them. Two numbers follow the keyword VTY because there is more than one VTY line for router access. The default number of lines is five on many Cisco routers. Here, I’m configuring one password for all terminal (VTY) lines. I can specify the actual terminal or VTY line numbers as a range. The syntax that you’ll see most often, vty 0 4, covers all five terminal access lines. 


Q673. During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO). 

A. SSL 1.0 

B. RC4 

C. SSL 3.0 

D. AES 

E. DES 

F. TLS 1.0 

Answer: A,E 

Explanation: 

TLS 1.0 and SSL 1.0 both have known vulnerabilities and have been replaced by later versions. Any systems running these ciphers should have them disabled. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and, as a by-product, message authentication. Netscape developed the original SSL protocol. Version 1.0 was never publicly released because of serious security flaws in the protocol; version 2.0, released in February 1995, "contained a number of security flaws which ultimately led to the design of SSL version 3.0". TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As stated in the RFC, "the differences between this protocol and SSL 3.0 are not dramatic, but they are significant enough to preclude interoperability between TLS 1.0 and SSL 3.0". TLS 1.0 does include a means by which a TLS implementation can downgrade the connection to SSL 3.0, thus weakening security. TLS 1.1 and then TLS 1.2 were created to replace TLS 1.0.


Q674. Pete, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Pete? 

A. Succession planning 

B. Disaster recovery 

C. Separation of duty 

D. Removing single loss expectancy 

Answer:

Explanation: 

Succession planning outlines those internal to the organization who have the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions. 


Q675. Which of the following technologies uses multiple devices to share work? 

A. Switching 

B. Load balancing 

C. RAID 

D. VPN concentrator 

Answer:

Explanation: 

Load balancing is a way of providing high availability by splitting the workload across multiple computers. 


Q676. Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point?

A. Placement of antenna 

B. Disabling the SSID 

C. Implementing WPA2 

D. Enabling the MAC filtering 

Answer:

Explanation: 

You should try to avoid placing access points near metal (which includes appliances) or near the ground. Placing them in the center of the area to be served and high enough to get around most obstacles is recommended. On the chance that the signal is actually traveling too far, some access points include power level controls, which allow you to reduce the amount of output provided. 


Q677. A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up. 

Which of the following BEST allows the analyst to restrict user access to approved devices? 

A. Antenna placement 

B. Power level adjustment 

C. Disable SSID broadcasting 

D. MAC filtering 

Answer:

Explanation: 

A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices. 


Q678. Which of the following BEST describes the weakness in WEP encryption? 

A. The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.

B. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.

C. The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.

D. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

Answer:

Explanation: 

WEP is based on RC4, but due to errors in design and implementation, WEP is weak in a number of areas, two of which are the use of a static common key and poor implementation of initialization vectors (IVs). When the WEP key is discovered, the attacker can join the network and then listen in on all other wireless client communications.


Q679. Which of the following must be kept secret for a public key infrastructure to remain secure? 

A. Certificate Authority 

B. Certificate revocation list 

C. Public key ring 

D. Private key 

Answer:

Explanation: 

The private key, which is also called the secret key, must be kept secret. 


Q680. A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement across the organization? 

A. LDAP 

B. RADIUS 

C. Kerberos 

D. XTACACS 

Answer:

Explanation: 

The fundamental component of a Kerberos solution is the key distribution centre (KDC), which is responsible for verifying the identity of principals and granting and controlling access within a network environment through the use of secure cryptographic keys and tickets.