[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 561-570

September 20, 2017

CompTIA Security Certification

Question No: 561 – (Topic 3)

At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing. Which of the following does this describe?

  A. Shoulder surfing

  B. Tailgating

  C. Whaling

  D. Impersonation

Answer: B

Explanation:

Although Ann is an employee and therefore authorized to enter the building, she does not have her badge and therefore strictly she should not be allowed to enter the building.

Just as a driver can tailgate another driver’s car by following too closely, in the security sense, tailgating means to compromise physical security by following somebody through a door meant to keep out intruders. Tailgating is actually a form of social engineering, whereby someone who is not authorized to enter a particular area does so by following closely behind someone who is authorized.

Question No: 562 – (Topic 3)

On a train, an individual is watching a proprietary video on Joe’s laptop without his knowledge. Which of the following does this describe?

  A. Tailgating

  B. Shoulder surfing

  C. Interference

  D. Illegal downloading

Answer: B

Explanation:

Looking at information on a computer screen without the computer user’s knowledge is known as shoulder surfing.

Shoulder surfing is using direct observation techniques, such as looking over someone’s shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it’s relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.

Question No: 563 – (Topic 3)

Which of the following security architecture elements also has sniffer functionality? (Select TWO).

  A. HSM

  B. IPS

  C. SSL accelerator

  D. WAP

  E. IDS

Answer: B,E

Explanation:

Sniffer functionality means the ability to capture and analyze the content of data packets as they are transmitted across the network.

IDS and IPS systems perform their functions by capturing and analyzing the content of data packets.

An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDPSes for other purposes, such as identifying problems with security policies, documenting existing threats and deterring individuals from violating security policies.

IDPSes have become a necessary addition to the security infrastructure of nearly every organization.

IDPSes typically record information related to observed events, notify security administrators of important observed events and produce reports. Many IDPSes can also respond to a detected threat by attempting to prevent it from succeeding. They use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g. reconfiguring a firewall) or changing the attack’s content.

Question No: 564 – (Topic 3)

Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?

  A. WEP

  B. MAC filtering

  C. Disabled SSID broadcast

  D. TKIP

Answer: B

Explanation:

MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network.

MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network.

While giving a wireless network some additional protection, MAC filtering can be circumvented by scanning a valid MAC (via airodumping) and then spoofing one’s own MAC into a validated one.

Question No: 565 – (Topic 3)

Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?

  A. Evil twin

  B. DNS poisoning

  C. Vishing

  D. Session hijacking

Answer: B

Explanation:

DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver’s cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker’s computer (or any other computer).

A domain name system server translates a human-readable domain name (such as example.com) into a numerical IP address that is used to route communications between nodes. Normally if the server doesn’t know a requested translation it will ask another server, and the process continues recursively. To increase performance, a server will typically remember (cache) these translations for a certain amount of time, so that, if it receives another request for the same translation, it can reply without having to ask the other server again.

When a DNS server has received a false translation and caches it for performance optimization, it is considered poisoned, and it supplies the false data to clients. If a DNS server is poisoned, it may return an incorrect IP address, diverting traffic to another computer (in this case, the server hosting the web page with derogatory content).

Question No: 566 – (Topic 3)

Which of the following BEST describes a SQL Injection attack?

  A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.

  B. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.

  C. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.

  D. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.

Answer: A

Explanation:

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application’s software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

Question No: 567 – (Topic 3)

After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network, through the use of very sophisticated and targeted attacks. Which of the following is this an example of?

  A. Privilege escalation

  B. Advanced persistent threat

  C. Malicious insider threat

  D. Spear phishing

Answer: B

Explanation:

Definitions of precisely what an APT is can vary widely, but can best be summarized by their named requirements:

Advanced – Criminal operators behind the threat utilize the full spectrum of computer intrusion technologies and techniques. While individual components of the attack may not be classed as particularly “advanced” (e.g. malware components generated from commonly available DIY construction kits, or the use of easily procured exploit materials), their operators can typically access and develop more advanced tools as required. They combine multiple attack methodologies and tools in order to reach and compromise their target.

Persistent – Criminal operators give priority to a specific task, rather than opportunistically seeking immediate financial gain. This distinction implies that the attackers are guided by external entities. The attack is conducted through continuous monitoring and interaction in order to achieve the defined objectives. It does not mean a barrage of constant attacks and malware updates. In fact, a “low-and-slow” approach is usually more successful.

Threat – means that there is a level of coordinated human involvement in the attack, rather than a mindless and automated piece of code. The criminal operators have a specific objective and are skilled, motivated, organized and well funded.

Question No: 568 – (Topic 3)

Which of the following will help prevent smurf attacks?

  A. Allowing necessary UDP packets in and out of the network

  B. Disabling directed broadcast on border routers

  C. Disabling unused services on the gateway firewall

  D. Flash the BIOS with the latest firmware

Answer: B

Explanation:

A smurf attack involves sending PING requests to a broadcast address. Therefore, we can prevent smurf attacks by blocking broadcast packets on our external routers.

A smurf attack is a type of network security breach in which a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet broadcast address. These are special addresses that broadcast all received messages to the hosts connected to the subnet. Each broadcast address can support up to 255 hosts, so a single PING request can be multiplied 255 times. The return address of the request itself is spoofed to be the address of the attacker’s victim. All the hosts receiving the PING request reply to this victim’s address instead of the real sender’s address. A single attacker sending hundreds or thousands of these PING messages per second can fill the victim’s T-1 (or even T-3) line with ping replies, bringing the entire Internet service to its knees.

Smurfing falls under the general category of Denial of Service attacks – security attacks that don’t try to steal information, but instead attempt to disable a computer or network.

Question No: 569 – (Topic 3)

The system administrator has been notified that many users are having difficulty connecting to the company’s wireless network. They take a new laptop and physically go to the access point and connect with no problems. Which of the following would be the MOST likely cause?

  A. The certificate used to authenticate users has been compromised and revoked.

  B. Multiple war drivers in the parking lot have exhausted all available IPs from the pool to deny access.

  C. An attacker has gained access to the access point and has changed the encryption keys.

  D. An unauthorized access point has been configured to operate on the same channel.

Answer: D

Explanation:

Wireless Access Points can be configured to use a channel. If you have multiple access points within range of each other, you should configure the access points to use different channels. Different channels use different frequencies. If you have two access points using the same channel, their Wi-Fi signals will interfere with each other.

The question states that many users are having difficulty connecting to the company’s wireless network. This is probably due to the signal being weakened by interference from another access point using the same channel. When the administrator takes a new laptop and physically goes to the access point and connects with no problems, he is able to connect because he is near the access point and therefore has a strong signal.

Question No: 570 – (Topic 3)

An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. Which of the following attacks has MOST likely taken place?

  A. Shoulder surfing

  B. Dumpster diving

  C. Whaling attack

  D. Vishing attack

Answer: A

Explanation:

The CCTV camera has recorded people entering their PINs in the ATMs. This is known as shoulder surfing.

Shoulder surfing is using direct observation techniques, such as looking over someone’s shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it’s relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.
