Surprising SY0-401 VCE

It is impossible to pass the CompTIA SY0-401 exam in the short term without any help. Come to Actualtests soon and find the most advanced, correct and guaranteed CompTIA Security+ SY0-401 study guide and practice questions. You will get a surprising result from our CompTIA Security+ Certification practice guides.

Q441. Which of the following is a BEST practice when dealing with user accounts that will only need to be active for a limited time period? 

A. When creating the account, set the account to not remember password history. 

B. When creating the account, set an expiration date on the account. 

C. When creating the account, set a password expiration date on the account. 

D. When creating the account, set the account to have time of day restrictions. 

Answer:

Explanation: 

Account expiration (disablement) is a security feature to employ on user accounts for temporary workers, interns, or consultants. It automatically disables the user account, or causes the account to expire, at a specific time on a specific day.


Q442. Which of the following application security testing techniques is implemented when an automated system generates random input data? 

A. Fuzzing 

B. XSRF 

C. Hardening 

D. Input validation 

Answer:

Explanation: 

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failed validation checks, or memory leaks.


Q443. The concept of rendering data passing between two points over an IP based network impervious to all but the most sophisticated advanced persistent threats is BEST categorized as which of the following? 

A. Stream ciphers 

B. Transport encryption 

C. Key escrow 

D. Block ciphers 

Answer:

Explanation: 

Transport encryption is the process of encrypting data ready to be transmitted over an insecure network. A common example of this would be online banking or online purchases where sensitive information such as account numbers or credit card numbers is transmitted. 

Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL). 


Q444. After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data. 

Which of the following controls support this goal? 

A. Contingency planning 

B. Encryption and stronger access control 

C. Hashing and non-repudiation 

D. Redundancy and fault tolerance 

Answer:

Explanation: 

Encryption is used to protect data, contents and documents. Access control restricts who may access that data and enforces authorized control over how it is accessed.


Q445. Ann, a newly hired human resource employee, sent out confidential emails with digital signatures to an unintended group. Which of the following would prevent her from denying accountability? 

A. Email Encryption 

B. Steganography 

C. Non Repudiation 

D. Access Control 

Answer:

Explanation: 

Nonrepudiation prevents one party from denying actions they carried out. 


Q446. Which of the following attacks impact the availability of a system? (Select TWO). 

A. Smurf 

B. Phishing 

C. Spim 

D. DDoS 

E. Spoofing 

Answer: A,D 

Explanation: 


Q447. After entering the following information into a SOHO wireless router, a mobile device’s user reports being unable to connect to the network: 

PERMIT 0A:D1:FA:B1:03:37

DENY 01:33:7F:AB:10:AB

Which of the following is preventing the device from connecting? 

A. WPA2-PSK requires a supplicant on the mobile device. 

B. Hardware address filtering is blocking the device. 

C. TCP/IP Port filtering has been implemented on the SOHO router. 

D. IP address filtering has disabled the device from connecting. 

Answer:

Explanation: 

MAC filtering allows you to include or exclude computers and devices based on their MAC address. 


Q448. A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These logs will still need to be reviewed on a regular basis to ensure that the security of the company has not been breached. Which of the following cloud service options would support this requirement? 

A. SaaS 

B. MaaS 

C. IaaS 

D. PaaS 

Answer:

Explanation: 

Monitoring-as-a-service (MaaS) is a cloud delivery model that falls under anything as a service (XaaS). MaaS allows for the deployment of monitoring functionalities for several other services and applications within the cloud. 


Q449. In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer service. Which of the following would include the MOST detail on these objectives? 

A. Business Impact Analysis 

B. IT Contingency Plan 

C. Disaster Recovery Plan 

D. Continuity of Operations 

Answer:

Explanation: 

Business impact analysis (BIA) is the process of evaluating all of the critical systems in an organization to define impact and recovery plans. BIA isn’t concerned with external threats or vulnerabilities; the analysis focuses on the impact a loss would have on the organization. A BIA comprises the following: identifying critical functions, prioritizing critical business functions, calculating a timeframe for critical systems loss, and estimating the tangible impact on the organization. 


Q450. Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company’s password policy. Which of the following should Pete do NEXT? 

A. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant. 

B. Tell the application development manager to code the application to adhere to the company’s password policy. 

C. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented. 

D. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded. 

Answer:

Explanation: 

Since the application is violating the security policy it should be coded differently to comply with the password policy.