SY0-401 Valid Exam Practice - SY0-401 Valid Test Cost

NEW QUESTION NO: 5

An administrator is implementing a new management system for the machinery on the company's production line. One requirement is that the system only be accessible while within the production facility.
Which of the following will be the MOST effective solution in limiting access based on this requirement?
A. Access control list
B. Firewall policy
C. Air Gap
D. MAC filter
Answer: A

NEW QUESTION NO: 6
Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?
A. Hashing
B. Stream ciphers
C. Steganography
D. Block ciphers
Answer: A
Explanation/Reference:
Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as in hash tables. One of its characteristics is that it must be one-way: it is not reversible.

NEW QUESTION NO: 7
Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?
A. Registration
B. CA
C. CRL
D. Recovery agent
Answer: C
Explanation/Reference:
Explanation:
Certificates or keys for the terminated employee should be put in the CRL.
A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key.
By checking the CRL you can check if a particular certificate has been revoked.

NEW QUESTION NO: 8
Joe, a company's new security specialist, is assigned a role to conduct monthly vulnerability scans across the network. He notices that the scanner is returning a large number of false positives or failed audits.
Which of the following should Joe recommend to remediate these issues?
A. Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company's servers
B. Ensure the vulnerability scanner is configured to authenticate with a privileged account
C. Ensure the vulnerability scanner is attempting to exploit the weaknesses it discovers
D. Ensure the vulnerability scanner is conducting antivirus scanning
Answer: A
Explanation/Reference:
Explanation:
The vulnerability scanner is returning false positives because it is trying to scan servers that it doesn't have access to; for example, servers on the Internet.
We need to ensure that the local network servers only are scanned. We can do this by locating the vulnerability scanner in a segmented VLAN that has access to the company's servers.
A false positive is an error in some evaluation process in which a condition tested for is mistakenly found to have been detected.
In spam filters, for example, a false positive is a legitimate message mistakenly marked as UBE -- unsolicited bulk email, as junk email is more formally known. Messages that are determined to be spam -- whether correctly or incorrectly -- may be rejected by a server or client-side spam filter and returned to the sender as bounce e-mail.
One problem with many spam filtering tools is that if they are configured stringently enough to be effective, there is a fairly high chance of getting false positives. The risk of accidentally blocking an important message has been enough to deter many companies from implementing any anti-spam measures at all.
False positives are also common in security systems. A host intrusion prevention system (HIPS), for example, looks for anomalies, such as deviations in bandwidth, protocols and ports. When activity varies outside of an acceptable range -- for example, a remote application attempting to open a normally closed port -- an intrusion may be in progress. However, an anomaly, such as a sudden spike in bandwidth use, does not guarantee an actual attack, so this approach amounts to an educated guess and the chance for false positives can be high.
False positives contrast with false negatives, which are results indicating mistakenly that some condition tested for is absent.

NEW QUESTION NO: 9
A bank Chief Information Security Officer (CISO) is responsible for a mobile banking platform that operates natively on iOS and Android. Which of the following security controls helps protect the associated publicly accessible API endpoints?
A. Network segmentation
B. Jailbreak detection
C. Mobile device management
D. Application firewalls
Answer: D

NEW QUESTION NO: 10
An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. Which of the following attacks has MOST likely taken place?
A. Shoulder surfing
B. Dumpster diving
C. Whaling attack
D. Vishing attack
Answer: A
Explanation/Reference:
Explanation:
The CCTV camera has recorded people entering their PINs in the ATMs. This is known as shoulder surfing.
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.

NEW QUESTION NO: 11
A security administrator wants to deploy security controls to mitigate the threat of company employees' personal information being captured online. Which of the following would BEST serve this purpose?
A. Anti-spyware
B. Antivirus
C. Host-based firewall
D. Web content filter
Answer: A
Explanation/Reference:
Explanation:
Spyware monitors a user's activity and uses network protocols to report it to a third party without the user's knowledge. This is usually accomplished using a tracking cookie.

NEW QUESTION NO: 12
Which of the following may be used with a BNC connector?
A. 10GBaseT
B. 10Base2
C. 1000BaseSX
D. 100BaseFX
Answer: B

NEW QUESTION NO: 13
A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?
A. Identification
B. Authorization
C. Access control
D. Authentication
Answer: A
Explanation/Reference:
Explanation:
Identification is defined as the claiming of an identity and only has to take place once per authentication or access process. A login process typically consists of an identification such as a username or email address and an authentication which proves you are who you say you are.

NEW QUESTION NO: 14
Which of the following BEST represents the goal of a vulnerability assessment?
A. To test how a system reacts to known threats
B. To reduce the likelihood of exploitation
C. To determine the system's security posture
D. To analyze risk mitigation strategies
Answer: C
Explanation/Reference:
Explanation:
A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve any vulnerabilities. A vulnerability scan scans for known weaknesses such as missing patches or security updates.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened.
While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security.

NEW QUESTION NO: 15
Joe, a company's network engineer, is concerned that protocols operating at the application layer of the OSI model are vulnerable to exploitation on the network. Which of the following protocols should he secure?
A. NetBIOS
B. ICMP
C. SNMP
D. SSL
Answer: C

Posted 2018/6/8 16:36:58  |  Category: CompTIA  |  Tag: SY0-401 Valid Exam Practice, SY0-401 Valid Test Cost, SY0-401 Exam Online, SY0-401, CompTIA