Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
SY0-401 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 791-800

September 20, 2017

EnsurePass
2017 Sep CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/SY0-401.html

CompTIA Security Certification

Question No: 791 – (Topic 4)

Which of the following describes purposefully injecting extra input during testing, possibly causing an application to crash?

  1. Input validation

  2. Exception handling

  3. Application hardening

  4. Fuzzing

Answer: D

Explanation:

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.

Question No: 792 – (Topic 4)

Which of the following security concepts identifies input variables which are then used to perform boundary testing?

  1. Application baseline

  2. Application hardening

  3. Secure coding

  4. Fuzzing

Answer: D Explanation:

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.

Question No: 793 – (Topic 4)

Which of the following is a hardware based encryption device?

  1. EFS

  2. TrueCrypt

  3. TPM

  4. SLE

Answer: C Explanation:

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Question No: 794 – (Topic 4)

A program displays:

ERROR: this program has caught an exception and will now terminate.

Which of the following is MOST likely accomplished by the program’s behavior?

  1. Operating system’s integrity is maintained

  2. Program’s availability is maintained

  3. Operating system’s scalability is maintained

  4. User’s confidentiality is maintained

Answer: A Explanation:

The purpose of error handling is to maintain the security and integrity of the system. Integrity is compromised when unauthorized modification occurs.

Question No: 795 – (Topic 4)

Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO).

  1. Steganography images

  2. Internal memory

  3. Master boot records

  4. Removable memory cards

  5. Public keys

Answer: B,D Explanation:

All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory.

Question No: 796 – (Topic 4)

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

  1. Utilizing the already present TPM.

  2. Configuring secure application sandboxes.

  3. Enforcing whole disk encryption.

  4. Moving data and applications into the cloud.

Answer: A Explanation:

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Question No: 797 – (Topic 4)

Which of the following devices will help prevent a laptop from being removed from a certain location?

  1. Device encryption

  2. Cable locks

  3. GPS tracking

  4. Remote data wipes

Answer: B Explanation:

Cable locks are theft deterrent devices that can be used to tether a device to a fixed point keep smaller devices from being easy to steal.

Question No: 798 – (Topic 4)

The information security technician wants to ensure security controls are deployed and functioning as intended to be able to maintain an appropriate security posture. Which of the following security techniques is MOST appropriate to do this?

  1. Log audits

  2. System hardening

  3. Use IPS/IDS

  4. Continuous security monitoring

Answer: D Explanation:

A security baseline is the security setting of a system that is known to be secure. This is the initial security setting of a system. Once the baseline has been applied, it must be maintained or improved. Maintaining the security baseline requires continuous monitoring.

Question No: 799 – (Topic 4)

Which of the following BEST explains the use of an HSM within the company servers?

  1. Thumb drives present a significant threat which is mitigated by HSM.

  2. Software encryption can perform multiple functions required by HSM.

  3. Data loss by removable media can be prevented with DLP.

  4. Hardware encryption is faster than software encryption.

Answer: D Explanation:

Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. It provides a fast solution for the for large asymmetrical encryption calculations and is much faster than software-based cryptographic solutions.

Question No: 800 – (Topic 4)

Which of the following is an advantage of implementing individual file encryption on a hard drive which already deploys full disk encryption?

  1. Reduces processing overhead required to access the encrypted files

  2. Double encryption causes the individually encrypted files to partially lose their properties

  3. Individually encrypted files will remain encrypted when copied to external media

  4. File level access control only apply to individually encrypted files in a fully encrypted drive

Answer: C Explanation:

With full disk encryption a file is encrypted as long as it remains on the disk. This is because the data on the disk is decrypted when the user logs on, thus the data is in a decrypted form when it is copied to another disk. Individually encrypted files on the other hand remain encrypted.

100% Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass SY0-401 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE