web analytics

100% Pass IT Exam By Training Lead2pass New VCE And PDF Dumps

100% Pass Lead2pass Practice Test Free Version

Lead2pass 2017 October New CompTIA SY0-401 Exam Dumps!

100% Free Download! 100% Pass Guaranteed!

How to 100% pass SY0-401 exam? Lead2pass provides the guaranteed SY0-401 exam dumps to boost up your confidence in SY0-401 exam. Successful candidates have provided their reviews about our SY0-401 dumps. Now Lead2pass supplying the new version of SY0-401 VCE and PDF dumps. We ensure our SY0-401 exam questions are the most complete and authoritative compared with others’, which will ensure your SY0-401 exam pass.

Following questions and answers are all new published by CompTIA Official Exam Center: https://www.lead2pass.com/sy0-401.html

Which of the following hardware based encryption devices is used as a part of multi-factor authentication to access a secured computing system?

A.    Database encryption
B.    USB encryption
C.    Whole disk encryption
D.    TPM

Answer: D
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

A.    Utilizing the already present TPM.
B.    Configuring secure application sandboxes.
C.    Enforcing whole disk encryption.
D.    Moving data and applications into the cloud.

Answer: A
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Which of the following BEST explains the use of an HSM within the company servers?

A.    Thumb drives present a significant threat which is mitigated by HSM.
B.    Software encryption can perform multiple functions required by HSM.
C.    Data loss by removable media can be prevented with DLP.
D.    Hardware encryption is faster than software encryption.

Answer: D
Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security.
It provides a fast solution for the for large asymmetrical encryption calculations and is much faster than software-based cryptographic solutions.

Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise:

A.    user accounts may be inadvertently locked out.
B.    data on the USB drive could be corrupted.
C.    data on the hard drive will be vulnerable to log analysis.
D.    the security controls on the USB drive can be bypassed.

Answer: D
A common access mechanism to data on encrypted USB hard drives is a password. If a weak password is used, someone could guess the password and bypass the security controls on the USB drive to access the data.

A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?

A.    Internet networks can be accessed via personally-owned computers.
B.    Data can only be stored on local workstations.
C.    Wi-Fi networks should use WEP encryption by default.
D.    Only USB devices supporting encryption are to be used.

Answer: D
The concern for preventing data loss is the concern for maintaining data confidentiality. This can be accomplished through encryption, access controls, and steganography. USB encryption is usually provided by the vendor of the USB device. It is not included on all USB devices.

Which of the following data security techniques will allow Matt, an IT security technician, to encrypt a system with speed as its primary consideration?

A.    Hard drive encryption
B.    Infrastructure as a service
C.    Software based encryption
D.    Data loss prevention

Answer: A
Disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. It should be implemented using a hardware-based solution for greater speed.

A large corporation has data centers geographically distributed across multiple continents. The company needs to securely transfer large amounts of data between the data center. The data transfer can be accomplished physically or electronically, but must prevent eavesdropping while the data is on transit. Which of the following represents the BEST cryptographic solution?

A.    Driving a van full of Micro SD cards from data center to data center to transfer data
B.    Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN
C.    Using a courier to deliver symmetric VPN keys to each data center and transferring data in the VPN
D.    Using PKI to encrypt each file and transferring them via an Internet based FTP or cloud server

Answer: B
A virtual private network (VPN) is an encrypted communication tunnel that connects two systems over an untrusted network, such as the Internet. They provide security for both authentication and data transmission through a process called encapsulation. Secure Sockets Layer (SSL) can be used to exchange the VPN keys securely. SSL is used to establish secure TCP communication between two machines by encrypting the communication.

A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with?

A.    Data confidentiality
B.    High availability
C.    Data integrity
D.    Business continuity

Answer: C
Integrity is the process of ensuring that the information has not been altered during transmission.
This can be accomplished by means of hashing.

An administrator wants to ensure that the reclaimed space of a hard drive has been sanitized while the computer is in use. Which of the following can be implemented?

A.    Cluster tip wiping
B.    Individual file encryption
C.    Full disk encryption
D.    Storage retention

Answer: A
A computer hard disk is divided into small segments called clusters. A file usually spans several clusters but rarely fills the last cluster, which is called cluster tip. This cluster tip area may contain file data because the size of the file you are working with may grow or shrink and needs to be securely deleted.

The act of magnetically erasing all of the data on a disk is known as:

A.    Wiping
B.    Dissolution
C.    Scrubbing
D.    Degaussing

Answer: D
Degaussing is a form a data wiping that entails the use of magnets to alter the magnetic structure of the storage medium.

Company XYZ recently salvaged company laptops and removed all hard drives, but the Chief Information Officer (CIO) is concerned about disclosure of confidential information. Which of the following is the MOST secure method to dispose of these hard drives?

A.    Degaussing
B.    Physical Destruction
C.    Lock up hard drives in a secure safe
D.    Wipe

Answer: B
The physical description of hard drives is the only secure means of disposing hard drives.
This can include incineration, an acid bath, and crushing.

During a recent investigation, an auditor discovered that an engineer’s compromised workstation was being used to connect to SCADA systems while the engineer was not logged in. The engineer is responsible for administering the SCADA systems and cannot be blocked from connecting to them. The SCADA systems cannot be modified without vendor approval which requires months of testing.
Which of the following is MOST likely to protect the SCADA systems from misuse?

A.    Update anti-virus definitions on SCADA systems
B.    Audit accounts on the SCADA systems
C.    Install a firewall on the SCADA network
D.    Deploy NIPS at the edge of the SCADA network

Answer: D
A supervisory control and data acquisition (SCADA) system is an industrial control system (ICS) that is used to control infrastructure processes, facility-based processes, or industrial processes. A network-based IPS (NIPS) is an intrusion detection and prevention system that scans network traffic in real time against a database of attack signatures. It is useful for detecting and responding to network-based attacks originating from outside the organization.

Which of the following are examples of network segmentation? (Select TWO).

A.    IDS
B.    IaaS
C.    DMZ
D.    Subnet
E.    IPS

Answer: CD
C: A demilitarized zone (DMZ) is a part of the network that is separated of segmented from the rest of the network by means of firewalls and acts as a buffer between the untrusted public Internet and the trusted local area network (LAN).
D. IP subnets can be used to separate or segment networks while allowing communication between the network segments via routers.

Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?

A.    Intrusion Detection System
B.    Flood Guard Protection
C.    Web Application Firewall
D.    URL Content Filter

Answer: C
Cross-site scripting (XSS) is a form of malicious code-injection attack on a web server in which an attacker injects code into the content sent to website visitors. XSS can be mitigated by implementing patch management on the web server, using firewalls, and auditing for suspicious activity.

When considering a vendor-specific vulnerability in critical industrial control systems which of the following techniques supports availability?

A.    Deploying identical application firewalls at the border
B.    Incorporating diversity into redundant design
C.    Enforcing application white lists on the support workstations
D.    Ensuring the systems’ anti-virus definitions are up-to-date

Answer: B
If you know there is a vulnerability that is specific to one vendor, you can improve availability by implementing multiple systems that include at least one system from a different vendor and so is not affected by the vulnerability.

Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?

A.    WPA2-PSK
C.    CCMP
D.    LEAP

Answer: D
A RADIUS server is a server with a database of user accounts and passwords used as a central authentication database for users requiring network access. The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server). LEAP allows for clients to reauthenticate frequently; upon each successful authentication, the clients acquire a new WEP key (with the hope that the WEP keys don’t live long enough to be cracked). LEAP may be configured to use TKIP instead of dynamic WEP.

Ann, a security administrator, wishes to replace their RADIUS authentication with a more secure protocol, which can utilize EAP. Which of the following would BEST fit her objective?

A.    CHAP
B.    SAML
C.    Kerberos
D.    Diameter

Answer: D
Diameter is an authentication, authorization, and accounting protocol that replaces the RADIUS protocol. Diameter Applications extend the base protocol by including new commands and/or attributes, such as those for use of the Extensible Authentication Protocol (EAP).

Which of the following is an authentication service that uses UDP as a transport medium?

B.    LDAP
C.    Kerberos

Answer: D
RADIUS runs in the application layer and makes use of UDP as transport.

Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?

C.    MSCHAPv2, NTLMv2
D.    NTLM, NTLMv2

Answer: A
PAP transmits the username and password to the authentication server in plain text. MSCHAPv2 is utilized as an authentication option for RADIUS servers that are used for Wi-Fi security using the WPA-Enterprise protocol.

RADIUS provides which of the following?

A.    Authentication, Authorization, Availability
B.    Authentication, Authorization, Auditing
C.    Authentication, Accounting, Auditing
D.    Authentication, Authorization, Accounting

Answer: D
The Remote Authentication Dial In User Service (RADIUS) networking protocol offers centralized Authentication, Authorization, and Accounting (AAA) management for users who make use of a network service. It is for this reason that A, B, and C: are incorrect.

Which of the following types of security services are used to support authentication for remote users and devices?

A.    Biometrics
B.    HSM

Answer: C
RADIUS authentication phase takes place when a network client connects to a network access server (NAS) and provides authentication credentials. The NAS will then make use of the authentication credentials to issue a RADIUS authentication request to the RADIUS server, which will then exchange RADIUS authentication messages with the NAS.

Which of the following relies on the use of shared secrets to protect communication?

B.    Kerberos
C.    PKI
D.    LDAP

Answer: A
Obfuscated passwords are transmitted by the RADIUS protocol via a shared secret and the MD5 hashing algorithm.

Ann has taken over as the new head of the IT department. One of her first assignments was to implement AAA in preparation for the company’s new telecommuting policy. When she takes inventory of the organizations existing network infrastructure, she makes note that it is a mix of several different vendors. Ann knows she needs a method of secure centralized access to the company’s network resources. Which of the following is the BEST service for Ann to implement?

B.    LDAP
C.    SAML

Answer: A
The Remote Authentication Dial In User Service (RADIUS) networking protocol offers centralized Authentication, Authorization, and Accounting (AAA) management for users who make use of a network service.

Which of the following is mainly used for remote access into the network?

C.    Kerberos

Answer: D
Most gateways that control access to the network have a RADIUS client component that communicates with the RADIUS server. Therefore, it can be inferred that RADIUS is primarily used for remote access.

A system administrator is using a packet sniffer to troubleshoot remote authentication.
The administrator detects a device trying to communicate to TCP port 49.
Which of the following authentication methods is MOST likely being attempted?

C.    Kerberos
D.    LDAP

Answer: B
TACACS makes use of TCP port 49 by default.

More free Lead2pass SY0-401 exam new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDLXZsWm9MWmh0a0E

All the SY0-401 braindumps are updated. Get a complete hold of SY0-401 PDF dumps and SY0-401 practice test with free VCE player through Lead2pass and boost up your skills.

2017 CompTIA SY0-401  (All 1868 Q&As) exam dumps (PDF&VCE) from Lead2pass:

https://www.lead2pass.com/sy0-401.html [100% Exam Pass Guaranteed]

October 27th, 2017

Posted In: CompTIA, SY0-401 Dumps, SY0-401 Exam Questions, SY0-401 New Questions, SY0-401 PDF, SY0-401 VCE

Tags: , , , , , , ,