Latest Certified Success Dumps Download

SY0-401 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 771-780

September 20, 2017

2017 Sep CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 771 – (Topic 4)

Which of the following has a storage root key?

  1. HSM

  2. EFS

  3. TPM

  4. TKIP

Answer: C Explanation:

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates on non-volatile (NV) memory. Data stored on NV memory is retained unaltered when the device has no power. The storage root key is embedded in the TPM to protect TPM keys created by applications, so that these keys cannot be used without the TPM.

Question No: 772 – (Topic 4)

Allowing unauthorized removable devices to connect to computers increases the risk of which of the following?

  1. Data leakage prevention

  2. Data exfiltration

  3. Data classification

  4. Data deduplication

Answer: B

Explanation: Data exfiltration is the unauthorized copying, transfer or retrieval of data from a system.

Question No: 773 – (Topic 4)

Which of the following is a control that allows a mobile application to access and manipulate information which should only be available by another application on the same mobile device (e.g. a music application posting the name of the current song playing on the device on a social media site)?

  1. Co-hosted application

  2. Transitive trust

  3. Mutually exclusive access

  4. Dual authentication

Answer: B Explanation:

Transitive trust is a form of trust that flows from one entity to another so that if A trusts B and B trusts C, A automatically trusts C.

Question No: 774 – (Topic 4)

Which of the following controls can be implemented together to prevent data loss in the event of theft of a mobile device storing sensitive information? (Select TWO).

  1. Full device encryption

  2. Screen locks

  3. GPS

  4. Asset tracking

  5. Inventory control

Answer: A,B Explanation:

A: Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

B: Screen locks are a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.

Question No: 775 – (Topic 4)

A security administrator wants to implement a solution which will allow some applications to run under the user#39;s home directory and only have access to files stored within the same user#39;s folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users?

  1. OS Virtualization

  2. Trusted OS

  3. Process sandboxing

  4. File permission

Answer: C Explanation:

Sandboxing involves running applications in restricted memory areas. It limits the possibility of an application crash, allowing a user to access another application or the data associated with it.

Question No: 776 – (Topic 4)

Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie?

  1. Network based firewall

  2. Anti-spam software

  3. Host based firewall

  4. Anti-spyware software

Answer: D Explanation:

Spyware monitors a user’s activity and uses network protocols to reports it to a third party without the user’s knowledge. This is usually accomplished using a tracking cookie.

Question No: 777 – (Topic 4)

Which of the following controls should critical application servers implement to protect themselves from other potentially compromised application services?

  1. NIPS

  2. Content filter

  3. NIDS

  4. Host-based firewalls

Answer: D Explanation:

A host-based firewall is designed to protect the host from network based attack by using filters to limit the network traffic that is allowed to enter or leave the host. The action of a filter is to allow, deny, or log the network packet. Allow enables the packet to continue toward its destination. Deny blocks the packet from going any further and effectively discarding it. Log records information about the packet into a log file. Filters can be based on protocol and ports. By blocking protocols and ports that are not required, other potentially compromised application services would be prevented from being exploited across the network.

Question No: 778 – (Topic 4)

Prior to leaving for an extended vacation, Joe uses his mobile phone to take a picture of his family in the house living room. Joe posts the picture on a popular social media site together with the message: quot;Heading to our two weeks vacation to Italy.quot; Upon returning home, Joe discovers that the house was burglarized. Which of the following is the MOST likely reason the house was burglarized if nobody knew Joe’s home address?

  1. Joe has enabled the device access control feature on his mobile phone.

  2. Joe’s home address can be easily found using the TRACEROUTE command.

  3. The picture uploaded to the social media site was geo-tagged by the mobile phone.

  4. The message posted on the social media site informs everyone the house will be empty.

Answer: C Explanation:

Geo-tagging is the process of embedding the GPS coordinates in image files and images taken using a smartphone or a digital camera. The geotagged information accompanying the image allows anyone to discover the precise location where the image was taken.

Question No: 779 – (Topic 4)

Which of the following is the BEST method for ensuring all files and folders are encrypted on all corporate laptops where the file structures are unknown?

  1. Folder encryption

  2. File encryption

  3. Whole disk encryption

  4. Steganography

Answer: C Explanation:

Full-disk encryption encrypts the data on the hard drive of the device or on a removable drive. This feature ensures that the data on the device or removable drive cannot be accessed in a useable form should it be stolen. Furthermore, full-disk encryption is not dependant on knowledge of the file structure.

Question No: 780 – (Topic 4)

Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software?

  1. Application white listing

  2. Network penetration testing

  3. Application hardening

  4. Input fuzzing testing

Answer: C Explanation:

Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and disabling unnecessary services.

100% Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass SY0-401 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE