Free VCE and PDF Exam Dumps from PassLeader
Vendor: CompTIA Exam Code: SY0-401 Exam Name: CompTIA Security+ Certification Exam Question 901 – The End Visit PassLeader and Download Full Version SY0-401 Exam Dumps QUESTION 901 Which of the following access controls enforces permissions based on data labeling at specific levels? A. B. C. D.
Mandatory access control Separation of duties access control Discretionary access control Role based access control
Answer: A Explanation: In a MAC environment everything is assigned a classification marker. Subjects are assigned a clearance level and objects are assigned a sensitivity label. QUESTION 902 Joe Has read and write access to his own home directory. Joe and Ann are collaborating on a project, and Joe would like to give Ann write access to one particular file in this home directory. Which of the following types of access control would this reflect? A. B. C. D.
Role-based access control Rule-based access control Mandatory access control Discretionary access control
Answer: D Explanation: Discretionary access control (DAC) allows access to be granted or restricted by an object's owner based on user identity and on the discretion of the object owner. QUESTION 903 The IT department has setup a share point site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and all requests for access are centrally managed by the security team. SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html
Free VCE and PDF Exam Dumps from PassLeader This is an example of which of the following control types? A. B. C. D.
Rule based access control Mandatory access control User assigned privilege Discretionary access control
Answer: D Explanation: Discretionary access control (DAC) allows access to be granted or restricted by an object's owner based on user identity and on the discretion of the object owner. QUESTION 904 During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic? A. B. C. D.
FTP DNS Email NetBIOS
Answer: B Explanation: DNS (Domain Name System) uses port 53. QUESTION 905 A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO). A. B. C. D. E.
TCP 21 TCP 23 TCP 53 UDP 23 UDP 53
Answer: CE Explanation: DNS uses TCP and UDP port 53. TCP port 53 is used for zone transfers, whereas UDP port 53 is used for queries. QUESTION 906 A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue? A. B. C. D.
HTTP DHCP DNS NetBIOS
Answer: C SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html
Free VCE and PDF Exam Dumps from PassLeader Explanation: DNS links IP addresses and human-friendly fully qualified domain names (FQDNs), which are made up of the Top-level domain (TLD), the registered domain name, and the Subdomain or hostname. Therefore, if the DNS ports are blocked websites will not be reachable. QUESTION 907 Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites? A. B. C. D.
21 25 80 3389
Answer: C Explanation: Port 80 is used by HTTP, which is the foundation of data communication for the World Wide Web. QUESTION 908 A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO). A. B. C. D. E. F.
22 135 137 143 443 3389
Answer: AF Explanation: A secure remote administration solution and Remote Desktop protocol is required. Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port 22. Remote Desktop Protocol (RDP) uses TCP port 3389. QUESTION 909 Ann, a technician, is attempting to establish a remote terminal session to an end user's computer using Kerberos authentication, but she cannot connect to the destination machine. Which of the following default ports should Ann ensure is open? A. B. C. D.
22 139 443 3389
Answer: D Explanation: Remote Desktop Protocol (RDP) uses TCP port 3389. QUESTION 910 Which of the following protocols operates at the HIGHEST level of the OSI model? SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html
Free VCE and PDF Exam Dumps from PassLeader A. B. C. D.
ICMP IPSec SCP TCP
Answer: C Explanation: SCP (Secure Copy) uses SSH (Secure Shell). SSH runs in the application layer (layer 7) of the OSI model. QUESTION 911 Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation? A. B. C. D.
Implement WPA Disable SSID Adjust antenna placement Implement WEP
Answer: A Explanation: Of the options supplied, WiFi Protected Access (WPA) is the most secure and is the replacement for WEP. QUESTION 912 A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place? A. B. C. D.
IV attack WEP cracking WPA cracking Rogue AP
Answer: C Explanation: There are three steps to penetrating a WPA-protected network. Sniffing Parsing Attacking QUESTION 913 Which of the following is a step in deploying a WPA2-Enterprise wireless network? A. B. C. D.
Install a token on the authentication server Install a DHCP server on the authentication server Install an encryption key on the authentication server Install a digital certificate on the authentication server
Answer: D Explanation: SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html
Free VCE and PDF Exam Dumps from PassLeader When setting up a wireless network, you'll find two very different modes of Wi-Fi Protected Access (WPA) security, which apply to both the WPA and WPA2 versions. The easiest to setup is the Personal mode, technically called the Pre-Shared Key (PSK) mode. It doesn't require anything beyond the wireless router or access points (APs) and uses a single passphrase or password for all users/devices. The other is the Enterprise mode --which should be used by businesses and organizations—and is also known as the RADIUS, 802.1X, 802.11i, or EAP mode. It provides better security and key management, and supports other enterprise-type functionality, such as VLANs and NAP. However, it requires an external authentication server, called a Remote Authentication Dial In User Service (RADIUS) server to handle the 802.1X authentication of users. To help you better understand the process of setting up WPA/WPA2-Enterprise and 802.1X, here's the basic overall steps: Choose, install, and configure a RADIUS server, or use a hosted service. Create a certificate authority (CA), so you can issue and install a digital certificate onto the RADIUS server, which may be done as a part of the RADIUS server installation and configuration. Alternatively, you could purchase a digital certificate from a public CA, such as GoDaddy or Verisign, so you don't have to install the server certificate on all the clients. If using EAP-TLS, you'd also create digital certificates for each end-user. On the server, populate the RADIUS client database with the IP address and shared secret for each AP. On the server, populate user data with usernames and passwords for each end-user. On each AP, configure the security for WPA/WPA2-Enterprise and input the RADIUS server IP address and the shared secret you created for that particular AP. On each Wi-Fi computer and device, configure the security for WPA/WPA2-Enterprise and set the 802.1X authentication settings. QUESTION 914 A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption. Which of the following should be implemented? A. B. C. D.
WPA2-CCMP with 802.1X WPA2-PSK WPA2-CCMP WPA2-Enterprise
Answer: D Explanation: D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK), this is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security (e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts. QUESTION 915 Configuring key/value pairs on a RADIUS server is associated with deploying which of the following? A. B. C. D.
WPA2-Enterprise wireless network DNS secondary zones Digital certificates Intrusion detection system
SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html
Free VCE and PDF Exam Dumps from PassLeader Answer: A Explanation: WPA2-Enterprise is designed for enterprise networks and requires a RADIUS authentication server. QUESTION 916 A security administrator must implement a network authentication solution which will ensure encryption of user credentials when users enter their username and password to authenticate to the network. Which of the following should the administrator implement? A. B. C. D.
WPA2 over EAP-TTLS WPA-PSK WPA2 with WPS WEP over EAP-PEAP
Answer: D Explanation: D: Wired Equivalent Privacy (WEP) is designed to provide security equivalent to that of a wired network. WEP has vulnerabilities and isn't considered highly secure. Extensible Authentication Protocol (EAP) provides a framework for authentication that is often used with wireless networks. Among the five EAP types adopted by the WPA/ WPA2 standard are EAP-TLS, EAP-PSK, EAPMD5, as well as LEAP and PEAP. PEAP is similar in design to EAP-TTLS, requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication, and uses server-side public key certificates to authenticate the server. It then creates an encrypted TLS tunnel between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server's public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping. QUESTION 917 The security team would like to gather intelligence about the types of attacks being launched against the organization. Which of the following would provide them with the MOST information? A. B. C. D.
Implement a honeynet Perform a penetration test Examine firewall logs Deploy an IDS
Answer: A Explanation: A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honey pots, which are computer systems on the Internet expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. Although the primary purpose of a honeynet is to gather information about attackers' methods and motives, the decoy network can benefit its operator in other ways, for example by diverting attackers from a real network and its resources. The Honeynet Project, a non-profit research organization dedicated to computer security and information sharing, actively promotes the deployment of honeynets. In addition to the honey pots, a honeynet usually has real applications and services so that it seems like a normal network and a worthwhile target. However, because the honeynet doesn't actually serve any authorized users, any attempt to contact the network from without is likely an illicit attempt SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html
Free VCE and PDF Exam Dumps from PassLeader to breach its security, and any outbound activity is likely evidence that a system has been compromised. For this reason, the suspect information is much more apparent than it would be in an actual network, where it would have to be found amidst all the legitimate network data. Applications within a honeynet are often given names such as "Finances" or "Human Services" to make them sound appealing to the attacker. A virtual honeynet is one that, while appearing to be an entire network, resides on a single server. QUESTION 918 Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane's company? A. B. C. D.
Vulnerability scanner Honeynet Protocol analyzer Port scanner
Answer: B Explanation: The Internet hosts used to gather data on new malware are known as honeypots. A collection of honeypots is known as a honeynet. A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honey pots, which are computer systems on the Internet expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. Although the primary purpose of a honeynet is to gather information about attackers' methods and motives, the decoy network can benefit its operator in other ways, for example by diverting attackers from a real network and its resources. The Honeynet Project, a non-profit research organization dedicated to computer security and information sharing, actively promotes the deployment of honeynets. In addition to the honey pots, a honeynet usually has real applications and services so that it seems like a normal network and a worthwhile target. However, because the honeynet doesn't actually serve any authorized users, any attempt to contact the network from without is likely an illicit attempt to breach its security, and any outbound activity is likely evidence that a system has been compromised. For this reason, the suspect information is much more apparent than it would be in an actual network, where it would have to be found amidst all the legitimate network data. Applications within a honeynet are often given names such as "Finances" or "Human Services" to make them sound appealing to the attacker. A virtual honeynet is one that, while appearing to be an entire network, resides on a single server. QUESTION 919 A security administrator wants to get a real time look at what attackers are doing in the wild, hoping to lower the risk of zero-day attacks. Which of the following should be used to accomplish this goal? A. B. C. D.
Penetration testing Honeynets Vulnerability scanning Baseline reporting
Answer: B Explanation: A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honey pots, which are computer systems on the Internet SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html
Free VCE and PDF Exam Dumps from PassLeader expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. Although the primary purpose of a honeynet is to gather information about attackers' methods and motives, the decoy network can benefit its operator in other ways, for example by diverting attackers from a real network and its resources. The Honeynet Project, a non-profit research organization dedicated to computer security and information sharing, actively promotes the deployment of honeynets. In addition to the honey pots, a honeynet usually has real applications and services so that it seems like a normal network and a worthwhile target. However, because the honeynet doesn't actually serve any authorized users, any attempt to contact the network from without is likely an illicit attempt to breach its security, and any outbound activity is likely evidence that a system has been compromised. For this reason, the suspect information is much more apparent than it would be in an actual network, where it would have to be found amidst all the legitimate network data. Applications within a honeynet are often given names such as "Finances" or "Human Services" to make them sound appealing to the attacker. A virtual honeynet is one that, while appearing to be an entire network, resides on a single server. QUESTION 920 During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use? A. B. C. D.
Port scanner Network sniffer Protocol analyzer Process list
Answer: ‌‌
Visit PassLeader and Download Full Version SY0-401 Exam Dumps
SY0-401 Exam Dumps
SY0-401 Exam Questions SY0-401 VCE Dumps SY0-401 PDF Dumps http://www.passleader.com/sy0-401.html