
[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 1031-1040

September 20, 2017


CompTIA Security Certification

Question No: 1031 – (Topic 6)

Which of the following is true about the CRL?

  A. It should be kept public

  B. It signs other keys

  C. It must be kept secret

  D. It must be encrypted

Answer: A

Explanation:

The CRL must be public so that it can be known which keys and certificates have been revoked.

In the operation of some cryptosystems, usually public key infrastructures (PKIs), a certificate revocation list (CRL) is a list of certificates (or more specifically, a list of serial numbers for certificates) that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted.

Question No: 1032 – (Topic 6)

Which of the following types of cryptography should be used when minimal overhead is necessary for a mobile device?

  A. Block cipher

  B. Elliptical curve cryptography

  C. Diffie-Hellman algorithm

  D. Stream cipher

Answer: B

Explanation:

Regarding the performance of ECC applications on various mobile devices, ECC is the most suitable PKC (public-key cryptography) scheme for use in a constrained environment. Note: Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size. Using a smaller key size would be faster.

Question No: 1033 – (Topic 6)

Which of the following cryptographic algorithms is MOST often used with IPSec?

  A. Blowfish

  B. Twofish

  C. RC4

  D. HMAC

Answer: D

Explanation:

The HMAC-MD5-96 (also known as HMAC-MD5) encryption technique is used by IPSec to make sure that a message has not been altered.

Question No: 1034 – (Topic 6)

When using PGP, which of the following should the end user protect from compromise? (Select TWO).

  A. Private key

  B. CRL details

  C. Public key

  D. Key password

  E. Key escrow

  F. Recovery agent

Answer: A,D

Explanation:

A: In PGP only the private key belonging to the receiver can decrypt the session key. PGP combines symmetric-key encryption and public-key encryption. The message is encrypted using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is used only once and is also called a session key.

D: PGP uses a passphrase to encrypt your private key on your machine. Your private key is encrypted on your disk using a hash of your passphrase as the secret key. You use the passphrase to decrypt and use your private key.

Question No: 1035 – (Topic 6)

Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability?

  A. Twofish

  B. Diffie-Hellman

  C. ECC

  D. RSA

Answer: C

Explanation:

Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size.

Question No: 1036 – (Topic 6)

Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?

  A. PKI

  B. ACL

  C. CA

  D. CRL

Answer: D

Explanation:

A CRL is a locally stored record containing revoked certificates and revoked keys.

Question No: 1037 – (Topic 6)

Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?

  A. SFTP

  B. HTTPS

  C. TFTP

  D. TLS

Answer: D

Explanation:

SSL establishes a session using asymmetric encryption and maintains the session using symmetric encryption.

Question No: 1038 – (Topic 6)

Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?

  A. SSLv2

  B. SSHv1

  C. RSA

  D. TLS

Answer: D

Explanation:

HTTP Secure (HTTPS) is the protocol used for “secure” web pages that users should see when they must enter personal information such as credit card numbers, passwords, and other identifiers. It combines HTTP with SSL/TLS to provide encrypted communication.

Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL, and it is also referred to as SSL 3.1.

Question No: 1039 – (Topic 6)

Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following?

  A. Sender's private key

  B. Recipient's public key

  C. Sender's public key

  D. Recipient's private key

Answer: B

Explanation:

To achieve both authentication and confidentiality, the sender should include the recipient's name in the message, sign it using his private key, and then encrypt both the message and the signature using the recipient's public key.

Question No: 1040 – (Topic 6)

When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner?

  A. Trust models

  B. CRL

  C. CA

  D. Recovery agent

Answer: C

Explanation:

A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. The CA affirms the identity of the certificate owner.
