[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 961-970

September 20, 2017


CompTIA Security Certification

Question No: 961 – (Topic 5)

Which of the following is the difference between identification and authentication of a user?

  A. Identification tells who the user is and authentication tells whether the user is allowed to logon to a system.

  B. Identification tells who the user is and authentication proves it.

  C. Identification proves who the user is and authentication is used to keep the user's data secure.

  D. Identification proves who the user is and authentication tells the user what they are allowed to do.

Answer: B

Explanation: Identification is described as the claiming of an identity, and authentication is described as the act of verifying or proving the claimed identity.

Question No: 962 – (Topic 5)

An organization's security policy requires that users change passwords every 30 days. After a security audit, it was determined that users were recycling previously used passwords. Which of the following password enforcement policies would have mitigated this issue?

  A. Password history

  B. Password complexity

  C. Password length

  D. Password expiration

Answer: A

Explanation: Password history determines the number of previous passwords that cannot be used when a user changes his password. For example, a password history value of 5 would disallow a user from changing his password to any of his previous 5 passwords. However, without a minimum password age setting, the user could change his password six times and cycle back to his original password.

Question No: 963 – (Topic 5)

Jane, a security administrator, has been tasked with explaining authentication services to the company’s management team. The company runs an Active Directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company’s environment?

  A. Kerberos

  B. Least privilege


  D. LDAP

Answer: A

Explanation: Kerberos was accepted by Microsoft as the chosen authentication protocol for Windows 2000 and Active Directory domains that followed.

Question No: 964 – (Topic 5)

Which of the following is the BEST reason for placing a password lock on a mobile device?

  A. Prevents an unauthorized user from accessing owner's data

  B. Enables remote wipe capabilities

  C. Stops an unauthorized user from using the device again

  D. Prevents an unauthorized user from making phone calls

Answer: A

Explanation: A password lock on a mobile device is used to prevent an unauthorized user from accessing owner's data. When a device is turned off either by being manually switched off or by automatically turning off after a timeout, the device will automatically lock. When you turn the device on, you are prompted to enter a password or numeric code to gain access to the device.

Question No: 965 – (Topic 5)

A user ID and password together provide which of the following?

  A. Authorization

  B. Auditing

  C. Authentication

  D. Identification

Answer: C

Explanation: Authentication generally requires one or more of the following:

Something you know: a password, code, PIN, combination, or secret phrase.

Something you have: a smart card, token device, or key.

Something you are: a fingerprint, a retina scan, or voice recognition; often referred to as biometrics, discussed later in this chapter.

Somewhere you are: a physical or logical location.

Something you do: typing rhythm, a secret handshake, or a private knock.

Question No: 966 – (Topic 5)

Which of the following should be used to authenticate and log connections from wireless users connecting with EAP-TLS?

  A. Kerberos

  B. LDAP

  C. SAML


Answer: D

Explanation: EAP-TLS, defined in RFC 2716, is an IETF open standard, and is well-supported among wireless vendors. It offers a good deal of security, since TLS is considered the successor of the SSL standard. It uses PKI to secure communication to the RADIUS authentication server.

Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect and use a network service. Because of the broad support and the ubiquitous nature of the RADIUS protocol, it is often used by ISPs and enterprises to manage access to the Internet or internal networks, wireless networks, and integrated e-mail services.

Question No: 967 – (Topic 5)

A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?

  A. Implicit deny

  B. Role-based Access Control

  C. Mandatory Access Controls

  D. Least privilege

Answer: C

Explanation: Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC also includes the use of need to know. Need to know is a security restriction where some objects are restricted unless the subject has a need to know them.

Question No: 968 – (Topic 5)

Which of the following is an authentication service that uses UDP as a transport medium?


  B. LDAP

  C. Kerberos


Answer: D

Explanation: RADIUS runs in the application layer and makes use of UDP as transport.

Question No: 969 – (Topic 5)

A company hired Joe, an accountant. The IT administrator will need to create a new account for Joe. The company uses groups for ease of management and administration of user accounts. Joe will need network access to all directories, folders and files within the accounting department. Which of the following configurations will meet the requirements?

  A. Create a user account and assign the user account to the accounting group.

  B. Create an account with role-based access control for accounting.

  C. Create a user account with password reset and notify Joe of the account creation.

  D. Create two accounts: a user account and an account with full network administration rights.

Answer: B

Explanation: Role-based Access Control is basically based on a user’s job description. When a user is assigned a specific role in an environment, that user’s access to objects is granted based on the required tasks of that role. The IT administrator should, therefore, create an account with role-based access control for accounting for Joe.

Question No: 970 – (Topic 5)

An organization's security policy states that users must authenticate using something you do. Which of the following would meet the objectives of the security policy?

  A. Fingerprint analysis

  B. Signature analysis

  C. Swipe a badge

  D. Password

Answer: B

Explanation: Authentication systems or methods are based on one or more of these five factors:

Something you know, such as a password or PIN

Something you have, such as a smart card, token, or identification device

Something you are, such as your fingerprints or retinal pattern (often called biometrics)

Something you do, such as an action you must take to complete authentication

Somewhere you are (this is based on geolocation)

Writing your signature on a document is ‘something you do’. Someone can then analyze the signature to see if it matches one stored on record.
