Latest Certified Success Dumps Download

SY0-401 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 981-990

September 20, 2017

2017 Sep CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 981 – (Topic 5)

Which of the following services are used to support authentication services for several local devices from a central location without the use of tokens?


  2. Smartcards

  3. Biometrics

  4. Kerberos

Answer: A Explanation:

ACACS allows a client to accept a username and password and send a query to a TACACS authentication server. It would determine whether to accept or deny the authentication request and send a response back. The TIP would then allow access or not based upon the response, not tokens.

Question No: 982 – (Topic 5)

The IT department has setup a share point site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and all requests for access are centrally managed by the security team. This is an example of which of the following control types?

  1. Rule based access control

  2. Mandatory access control

  3. User assigned privilege

  4. Discretionary access control

Answer: D Explanation:

Discretionary access control (DAC) allows access to be granted or restricted by an object’s owner based on user identity and on the discretion of the object owner.

Question No: 983 – (Topic 5)

A security technician is working with the network firewall team to implement access controls at the company’s demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond?

  1. Rule based access control

  2. Role based access control

  3. Discretionary access control

  4. Mandatory access control

Answer: A Explanation:

Rule-based access control is used for network devices, such as firewalls and routers, which filter traffic based on filtering rules.

Question No: 984 – (Topic 5)

Which of the following is an XML based open standard used in the exchange of authentication and authorization information between different parties?

  1. LDAP

  2. SAML


  4. Kerberos

Answer: B Explanation:

Security Assertion Markup Language (SAML) is an open-standard data format centred on XML. It is used for supporting the exchange of authentication and authorization details between systems, services, and devices.

Question No: 985 – (Topic 5)

Ann has taken over as the new head of the IT department. One of her first assignments was to implement AAA in preparation for the company’s new telecommuting policy. When she takes inventory of the organizations existing network infrastructure, she makes note that it is a mix of several different vendors. Ann knows she needs a method of secure centralized access to the company’s network resources. Which of the following is the BEST service for Ann to implement?


  2. LDAP

  3. SAML


Answer: A Explanation:

The Remote Authentication Dial In User Service (RADIUS) networking protocol offers centralized Authentication, Authorization, and Accounting (AAA) management for users who make use of a network service.

Question No: 986 – (Topic 5)

The security department has implemented a new laptop encryption product in the

environment. The product requires one user name and password at the time of boot up and also another password after the operating system has finished loading. This setup is using which of the following authentication types?

  1. Two-factor authentication

  2. Single sign-on

  3. Multifactor authentication

  4. Single factor authentication

Answer: D Explanation:

Single-factor authentication is when only one authentication factor is used. In this case, Something you know is being used as an authentication factor. Username, password, and PIN form part of Something you know.

Question No: 987 – (Topic 5)

Users require access to a certain server depending on their job function. Which of the following would be the MOST appropriate strategy for securing the server?

  1. Common access card

  2. Role based access control

  3. Discretionary access control

  4. Mandatory access control

Answer: B Explanation:

Role-based Access Control is basically based on a user’s job description. When a user is assigned a specific role in an environment, that user’s access to objects is granted based on the required tasks of that role.

Question No: 988 – (Topic 5)

An organization is implementing a password management application which requires that all local administrator passwords be stored and automatically managed. Auditors will be responsible for monitoring activities in the application by reviewing the logs. Which of the following security controls is the BEST option to prevent auditors from accessing or

modifying passwords in the application?

  1. Time of day restrictions

  2. Create user accounts for the auditors and assign read-only access

  3. Mandatory access control

  4. Role-based access with read-only

Answer: D Explanation:

Auditors (employees performing the auditor role) will have access application by reviewing the logs. We can therefore assign access based on employee role. This is an example of Role-based access control (RBAC).

To prevent the auditors from modifying passwords in the application, we need to ensure that they do not have write access. Therefore, you should assign only read access.

Role-Based Access Control (RBAC) models approach the problem of access control based on established roles in an organization. RBAC models implement access by job function or by responsibility. Each employee has one or more roles that allow access to specific information. If a person moves from one role to another, the access for the previous role will no longer be available.

Instead of thinking “Denise needs to be able to edit files,” RBAC uses the logic “Editors need to be able to edit files” and “Denise is a member of the Editors group.” This model is always good for use in an environment in which there is high employee turnover.

Question No: 989 – (Topic 5)

Which of the following types of security services are used to support authentication for remote users and devices?

  1. Biometrics

  2. HSM



Answer: C Explanation:

RADIUS authentication phase takes place when a network client connects to a network access server (NAS) and provides authentication credentials. The NAS will then make use of the authentication credentials to issue a RADIUS authentication request to the RADIUS

server, which will then exchange RADIUS authentication messages with the NAS.

Question No: 990 – (Topic 5)

Which of the following is a measure of biometrics performance which rates the ability of a system to correctly authenticate an authorized user?

  1. Failure to capture

  2. Type II

  3. Mean time to register

  4. Template capacity

Answer: B Explanation:

Type II, or false acceptance rate (FAR), is the measure of the likelihood that the biometric security system will incorrectly accept an access attempt by an unauthorized user.

100% Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass SY0-401 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE