New CompTIA SY0-401 Exam Dumps Collection (Question 14 - Question 23)

Q1. Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following?

A. Sender's private key

B. Recipient's public key

C. Sender's public key

D. Recipient's private key

Answer: B


To achieve both authentication and confidentiality, the sender should include the recipient's name in the message, sign it using his private key, and then encrypt both the message and the signature using the recipient's public key.

Q2. Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key?

A. Session Key

B. Public Key

C. Private Key

D. Digital Signature

Answer: C


Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isn't disclosed to people who aren't authorized to use the encryption system.

Q3. A technician wants to verify the authenticity of the system files of a potentially compromised system. Which of the following can the technician use to verify if a system file was compromised? (Select TWO).




D. MD5


Answer: C,D


Hashing is used to prove the integrity of data, that is, to prove that it hasn't been modified. Hashing algorithms are used to derive a key mathematically from a message. The most common hashing standards for cryptographic applications are the SHA and MD algorithms.

Q4. After encrypting all laptop hard drives, an executive officer's laptop has trouble booting to the operating system. Now that it is successfully encrypted, the helpdesk cannot retrieve the data.

Which of the following can be used to decrypt the information for retrieval?

A. Recovery agent

B. Private key

C. Trust models

D. Public key

Answer: A


To access the data, the hard drive needs to be decrypted. To decrypt the hard drive you would need the proper private key. The key recovery agent can retrieve the required key. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed.

Q5. When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner?

A. Trust models



D. Recovery agent

Answer: C


A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. The CA affirms the identity of the certificate owner.

Q6. A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?

A. The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.

B. The supervisor should be removed from the human resources group and added to the accounting group.

C. The supervisor should be added to the accounting group while maintaining their membership in the human resources group.

D. The supervisor should only maintain membership in the human resources group.

Answer: C


You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group-based privileges). Assigning the human resources supervisor's user account to the group means the supervisor will inherit the permissions of that group, allowing him to carry out the new duties. Because the new duties are being added to his normal duties, maintaining membership in the human resources group will allow the supervisor to continue performing his normal duties.

Q7. To ensure compatibility with their flagship product, the security engineer is tasked to recommend an encryption cipher that will be compatible with the majority of third party software and hardware vendors. Which of the following should be recommended?


B. MD5

C. Blowfish


Answer: D


AES (Advanced Encryption Standard) has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES) which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data. AES is used to encrypt data, not to verify data integrity.

Q8. Which of the following is a concern when encrypting wireless data with WEP?

A. WEP displays the plain text entire key when wireless packet captures are reassembled

B. WEP implements weak initialization vectors for key transmission

C. WEP uses a very weak encryption algorithm

D. WEP allows for only four pre-shared keys to be configured

Answer: B


The initialization vector (IV) that WEP uses for encryption is 24-bit, which is quite weak and means that IVs are reused with the same key. By examining the repeating result, it was easy for attackers to crack the WEP secret key. This is known as an IV attack.

Q9. Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?

A. Trust Model

B. Recovery Agent

C. Public Key

D. Private Key

Answer: A


A bridge trust model allows lower-level domains to access resources in a separate PKI through the root CA.

A trust model is a collection of rules that informs applications on how to decide the legitimacy of a digital certificate.

In a bridge trust model, a peer-to-peer relationship exists among the root CAs. The root CAs can communicate with one another, allowing cross certification. This arrangement allows a certification process to be established between organizations or departments.

Each intermediate CA trusts only the CAs above and below it, but the CA structure can be expanded without creating additional layers of CAs.

Q10. Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing?

A. Port security

B. Flood guards

C. Loop protection

D. Implicit deny

Answer: D


Implicit deny says that if you aren't explicitly granted access or privileges for a resource, you're denied access by default. The scenario does not state that network printing is allowed in the router access list, therefore, it must be denied by default.
