Certleader 2018 New SY0-401 Exam Dumps (PDF & VCE) Download: https://www.certleader.com/SY0-401-dumps.html


New CompTIA SY0-401 Exam Dumps Collection (Question 4 - Question 13)

New Questions 4

Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers?





Answer: B


Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL in the future. TLS 1.0 was first defined in RFC 2246 in January 1999 as an upgrade of SSL Version 3.0. As of February 2015, the latest versions of all major web browsers support TLS 1.0, 1.1, and 1.2, and have them enabled by default.

New Questions 5

Data confidentiality must be enforced on a secure database. Which of the following controls meets this goal? (Select TWO)


B. Lock and key

C. Encryption

D. Non-repudiation

E. Hashing

Answer: C,E

New Questions 6

Which of the following devices is BEST suited for servers that need to store private keys?

A. Hardware security module

B. Hardened network firewall

C. Solid state disk drive

D. Hardened host firewall

Answer: A


A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing.

By adding an HSM to the server and storing the private keys on the HSM, the security of the keys would be improved.

New Questions 7

A switch is set up to allow only 2 simultaneous MAC addresses per switch port. An administrator is reviewing a log and determines that a switch port has been deactivated in a conference room after it detected 3 or more MAC addresses on the same port. Which of the following reasons could have caused this port to be disabled?

A. A PC had a NIC replaced and reconnected to the switch

B. An IP telephone has been plugged in

C. A rogue access point was plugged in

D. An ARP attack was launched from a PC on this port

Answer: D

New Questions 8

Which of the following BEST describes part of the PKI process?

A. User1 decrypts data with User2's private key

B. User1 hashes data with User2's public key

C. User1 hashes data with User2's private key

D. User1 encrypts data with User2's public key

Answer: D


In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key.

PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are encrypted with a public key and decrypted with a private key.

A PKI example:

You want to send an encrypted message to Jordan, so you request his public key. Jordan responds by sending you that key.

You use the public key he sends you to encrypt the message. You send the message to him.

Jordan uses his private key to decrypt the message.

New Questions 9

A systems administrator is configuring a new file server and has been instructed to configure it as writeable by the department manager and read-only for the individual employee. Which of the following is the name for the access control methodology used?

A. Duty separation

B. Mandatory

C. Least privilege

D. Role-based

Answer: D

New Questions 10

An application developer has coded a new application with a module to examine all user entries for the graphical user interface. The module verifies that user entries match the allowed types for each field and that OS and database commands are rejected before entries are sent for further processing within the application. These are examples of:

A. Input validation

B. SQL injection

C. Application whitelisting

D. Error handling

Answer: A

New Questions 11

Which of the following cryptographic algorithms is MOST often used with IPSec?

A. Blowfish

B. Twofish

C. RC4


Answer: D


The HMAC-MD5-96 (also known as HMAC-MD5) encryption technique is used by IPSec to make sure that a message has not been altered.

New Questions 12

An administrator needs to renew a certificate for a web server. Which of the following should be submitted to a CA?


B. Recovery agent

C. Private key


Answer: A


In public key infrastructure (PKI) systems, a certificate signing request (also CSR or certification request) is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate.

When you renew a certificate, you send a CSR to the CA to get the certificate re-signed.

New Questions 13

An attacker went to a local bank and collected disposed paper for the purpose of collecting data that could be used to steal funds and information from the bank's customers. This is an example of:

A. Impersonation

B. Whaling

C. Dumpster diving

D. Hoaxes

Answer: C
