Want to Pass SY0-401 Exam In Next HOURS? Get it now →
May 17, 2017

Questions Ask for sy0 401 practice test

It is impossible to pass CompTIA sy0 401 practice test exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed CompTIA sy0 401 study guide pdf practice questions. You will get a surprising result by our Improve CompTIA Security+ Certification practice guides.

Q21. Which of the following is an example of a false negative? 

A. The IDS does not identify a buffer overflow. 

B. Anti-virus identifies a benign application as malware. 

C. Anti-virus protection interferes with the normal operation of an application. 

D. A user account is locked out after the user mistypes the password too many times. 

Answer:

Explanation: 

With a false negative, you are not alerted to a situation when you should be alerted. 


Q22. During a disaster recovery planning session, a security administrator has been tasked with determining which threats and vulnerabilities pose a risk to the organization. Which of the following should the administrator rate as having the HIGHEST frequency of risk to the organization? 

A. Hostile takeovers 

B. Large scale natural disasters 

C. Malware and viruses 

D. Corporate espionage 

Answer:

Explanation: 


Q23. An application developer has tested some of the known exploits within a new application. Which of the following should the administrator utilize to test for unidentified faults or memory leaks? 

A. XSRF Attacks 

B. Fuzzing 

C. Input Validations 

D. SQL Injections 

Answer:

Explanation: 


Q24. A security technician needs to open ports on a firewall to allow for domain name resolution. 

Which of the following ports should be opened? (Select TWO). 

A. TCP 21 

B. TCP 23 

C. TCP 53 

D. UDP 23 

E. UDP 53 

Answer: C,E 

Explanation: 

DNS uses TCP and UDP port 53. TCP port 53 is used for zone transfers, whereas UDP port 53 is used for queries. 


Q25. Which of the following describes purposefully injecting extra input during testing, possibly causing an application to crash? 

A. Input validation 

B. Exception handling 

C. Application hardening 

D. Fuzzing 

Answer:

Explanation: 

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks. 


Q26. An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue? 

A. Ethernet cable is damaged 

B. The host firewall is set to disallow outbound connections 

C. Network Access Control 

D. The switch port is administratively shutdown 

Answer:

Explanation: 

Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control. 


Q27. An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) 

Which of the following types of attacks was attempted? 

A. SQL injection 

B. Cross-site scripting 

C. Command injection 

D. LDAP injection 

Answer:

Explanation: 

LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it’s possible to modify LDAP statements using a local proxy. This could result in the execution of arbitrary commands such as granting permissions to unauthorized queries, and content modification inside the LDAP tree. The same advanced exploitation techniques available in SQL Injection can be similarly applied in LDAP Injection. In a page with a user search form, the following code is responsible to catch input value and generate a LDAP query that will be used in LDAP database. <input type="text" size=20 name="userName">Insert the username</input> The LDAP query is narrowed down for performance and the underlying code for this function might be the following: String ldapSearchQuery = "(cn=" + $userName + ")"; System.out.println(ldapSearchQuery); 

If the variable $userName is not validated, it could be possible accomplish LDAP injection, as follows: If a user puts “*” on box search, the system may return all the usernames on the LDAP base If a user puts “jonys) (| (password = * ) )”, it will generate the code bellow revealing jonys’ password ( cn = jonys ) ( | (password = * ) ) 


Q28. Which of the following is BEST used to capture and analyze network traffic between hosts on the same network segment? 

A. Protocol analyzer 

B. Router 

C. Firewall 

D. HIPS 

Answer:

Explanation: 


Q29. A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern? 

A. Host-based firewall 

B. Cable locks 

C. Locking cabinets 

D. Surveillance video 

Answer:

Explanation: 


Q30. A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend? 

A. CHAP 

B. TOTP 

C. HOTP 

D. PAP 

Answer:

Explanation: Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. Therefore, the password will only be valid for a predefined time interval. 



see more http://www.ubraindumps.com/SY0-401-dumps/