Today Big Q: sy0 401 practice test?
It is faster and easier to pass the CompTIA SY0-401 exam by using free CompTIA Security+ Certification questions and answers. Get immediate access to the Rebirth SY0-401 PDF exam and find the same core-area CompTIA Security+ SY0-401 questions with professionally verified answers, then pass your exam with a high score.
Q341. Matt, an administrator, is concerned about the wireless network being discovered by war driving.
Which of the following can be done to mitigate this?
A. Enforce a policy for all users to authenticate through a biometric device.
B. Disable all SSID broadcasting.
C. Ensure all access points are running the latest firmware.
D. Move all access points into public access areas.
B: War driving is the act of using a detection tool to look for wireless networking signals. The setting that makes a wireless network closed (or at least hidden) is the disabling of service set identifier (SSID) broadcasting. Thus, by disabling all SSID broadcasting, you can mitigate the risk of war driving.
Q342. Acme Corp has selectively outsourced proprietary business processes to ABC Services. Due to some technical issues, ABC Services wants to send some of Acme Corp’s debug data to a third party vendor for problem resolution. Which of the following MUST be considered prior to sending data to a third party?
A. The data should be encrypted prior to transport
B. This would not constitute unauthorized data sharing
C. This may violate data ownership and non-disclosure agreements
D. Acme Corp should send the data to ABC Services’ vendor instead
Sending your data to a third party is already a risk, since the third party may have a different policy than yours. Data ownership and non-disclosure is already a risk that you will have to accept, since the data will be sent for debugging/troubleshooting purposes, which will result in definite disclosure of the data.
Q343. Establishing a method to erase or clear cluster tips is an example of securing which of the following?
A. Data in transit
B. Data at rest
C. Data in use
D. Data in motion
Q344. In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?
The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS.
Q345. A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the developer needs to test the entire application to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer performing when testing the application?
A. Black box testing
B. White box testing
C. Gray box testing
D. Design review
In this question, we know the tester has some knowledge of the application because the tester developed a plug-in module for it. However, the tester does not have detailed information about the entire application. Therefore, this is a grey-box test. Gray box testing, also called gray box analysis, is a strategy for software debugging in which the tester has limited knowledge of the internal details of the program. A gray box is a device, program or system whose workings are partially understood. Gray box testing can be contrasted with black box testing, a scenario in which the tester has no knowledge or access to the internal workings of a program, or white box testing, a scenario in which the internal particulars are fully known. Gray box testing is commonly used in penetration tests. Gray box testing is considered to be non-intrusive and unbiased because it does not require that the tester have access to the source code. With respect to internal processes, gray box testing treats a program as a black box that must be analyzed from the outside. During a gray box test, the person may know how the system components interact but not have detailed knowledge about internal program functions and operation. A clear distinction exists between the developer and the tester, thereby minimizing the risk of personnel conflicts.
Topic 4, Application, Data and Host Security
Q346. The IT department has set up a SharePoint site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and all requests for access are centrally managed by the security team. This is an example of which of the following control types?
A. Rule based access control
B. Mandatory access control
C. User assigned privilege
D. Discretionary access control
Discretionary access control (DAC) allows access to be granted or restricted by an object’s owner based on user identity and on the discretion of the object owner.
Q347. Which of the following encompasses application patch management?
A. Configuration management
B. Policy management
C. Cross-site request forgery
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first to ensure that the updates do not have detrimental effects on the system and its configuration, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates on a production system.
Q348. A company hosts its public websites internally. The administrator would like to make some changes to the architecture.
The three goals are:
reduce the number of public IP addresses in use by the web servers
drive all the web traffic through a central point of control
mitigate automated attacks that are based on IP address scanning
Which of the following would meet all three goals?
B. Load balancer
C. URL filter
D. Reverse proxy
Q349. An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation?
A Yagi-Uda antenna, commonly known simply as a Yagi antenna, is a directional antenna consisting of multiple parallel dipole elements in a line, usually made of metal rods. It consists of a single driven element connected to the transmitter or receiver with a transmission line, and additional parasitic elements: a so-called reflector and one or more directors. The reflector element is slightly longer than the driven dipole, whereas the directors are a little shorter. This design achieves a very substantial increase in the antenna's directionality and gain compared to a simple dipole.
Q350. Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?
A. Warm site
B. Load balancing
Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy.
Server clustering is used to provide failover capabilities / redundancy in addition to scalability as