★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/SY0-401-dumps.html


It is impossible to pass CompTIA comptia security+ get certified get ahead sy0 401 study guide exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed CompTIA comptia security+ sy0 401 pdf practice questions. You will get a surprising result by our Leading CompTIA Security+ Certification practice guides.

Q61. LDAP and Kerberos are commonly used for which of the following? 

A. To perform queries on a directory service 

B. To store usernames and passwords for Federated Identity 

C. To sign SSL wildcard certificates for subdomains 

D. To utilize single sign-on capabilities 

Answer:

Explanation: 

Single sign-on is usually achieved via the Lightweight Directory Access Protocol (LDAP), although Kerberos can also be used. 


Q62. Acme Corp has selectively outsourced proprietary business processes to ABC Services. Due to some technical issues, ABC services wants to send some of Acme Corp’s debug data to a third party vendor for problem resolution. Which of the following MUST be considered prior to sending data to a third party? 

A. The data should be encrypted prior to transport 

B. This would not constitute unauthorized data sharing 

C. This may violate data ownership and non-disclosure agreements 

D. Acme Corp should send the data to ABC Services’ vendor instead 

Answer:

Explanation: 

With sending your data to a third party is already a risk since the third party may have a different policy than yours. Data ownership and non-disclosure is already a risk that you will have to accept since the data will be sent for debugging /troubleshooting purposes which will result in definite disclosure of the data. 


Q63. Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware? 

A. Logic bomb 

B. Worm 

C. Trojan 

D. Adware 

Answer:

Explanation: 

In computers, a Trojan is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus. 


Q64. Joe, the information security manager, is tasked with calculating risk and selecting controls to protect a new system. He has identified people, environmental conditions, and events that could affect the new system. Which of the following does he need to estimate NEXT in order to complete his risk calculations? 

A. Vulnerabilities 

B. Risk 

C. Likelihood 

D. Threats 

Answer:

Explanation: 


Q65. Key elements of a business impact analysis should include which of the following tasks? 

A. Develop recovery strategies, prioritize recovery, create test plans, post-test evaluation, and update processes. 

B. Identify institutional and regulatory reporting requirements, develop response teams and communication trees, and develop press release templates. 

C. Employ regular preventive measures such as patch management, change management, antivirus and vulnerability scans, and reports to management. 

D. Identify critical assets systems and functions, identify dependencies, determine critical downtime limit, define scenarios by type and scope of impact, and quantify loss potential. 

Answer:

Explanation: 

The key components of a Business impact analysis (BIA) include: Identifying Critical Functions Prioritizing Critical Business Functions Calculating a Timeframe for Critical Systems Loss Estimating the Tangible and Intangible Impact on the Organization 


Q66. Which of the following is used to certify intermediate authorities in a large PKI deployment? 

A. Root CA 

B. Recovery agent 

C. Root user 

D. Key escrow 

Answer:

Explanation: 

The root CA certifies other certification authorities to publish and manage certificates within the organization. In a hierarchical trust model, also known as a tree, a root CA at the top provides all of the information. The intermediate CAs are next in the hierarchy, and they trust only information provided by the root CA. The root CA also trusts intermediate CAs that are in their level in the hierarchy and none that aren’t. This arrangement allows a high level of control at all levels of the hierarchical tree. . 


Q67. Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server? 

A. SSLv2 

B. SSHv1 

C. RSA 

D. TLS 

Answer:

Explanation: 

HTTP Secure HTTP Secure (HTTPS) is the protocol used for “secure” web pages that users should see when they must enter personal information such as credit card numbers, passwords, and other identifiers. It combines HTTP with SSL/TLS to provide encrypted communication. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL, and it is also referred to as SSL 3.1. 


Q68. Ann, an employee, is cleaning out her desk and disposes of paperwork containing confidential customer information in a recycle bin without shredding it first. This is MOST likely to increase the risk of loss from which of the following attacks? 

A. Shoulder surfing 

B. Dumpster diving 

C. Tailgating 

D. Spoofing 

Answer:

Explanation: 

Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network. To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff is educated about the danger of untracked trash. 


Q69. A security administrator is aware that a portion of the company’s Internet-facing network tends to be non-secure due to poorly configured and patched systems. The business owner has accepted the risk of those systems being compromised, but the administrator wants to determine the degree to which those systems can be used to gain access to the company intranet. Which of the following should the administrator perform? 

A. Patch management assessment 

B. Business impact assessment 

C. Penetration test 

D. Vulnerability assessment 

Answer:

Explanation: 

Penetration testing is the most intrusive type of testing because you are actively trying to circumvent the system’s security controls to gain access to the system. It is also used to determine the degree to which the systems can be used to gain access to the company intranet (the degree of access to local network resources). Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. 

Pen test strategies include: 

Targeted testing Targeted testing is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out. 

External testing This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access. 

Internal testing This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause. 

Blind testing A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive. 

Double blind testing Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures. 


Q70. Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again? 

A. Disable the wireless access and implement strict router ACLs. 

B. Reduce restrictions on the corporate web security gateway. 

C. Security policy and threat awareness training. 

D. Perform user rights and permissions reviews. 

Answer:

Explanation: 

BYOD (In this case Sara’s smart phone) involves the possibility of a personal device that is infected with malware introducing that malware to the network and security awareness training will address the issue of the company’s security policy with regard to BYOD.