SY0-401 Latest Exam (May 2018)

[Free] 2018(May) EnsurePass Pass4sure CompTIA SY0-401 Dumps with VCE and PDF 801-810

May 2, 2018 : Ensure you pass the IT Exams
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 801 – (Topic 4)

Which of the following application security principles involves inputting random data into a program?

  1. Brute force attack

  2. Sniffing

  3. Fuzzing

  4. Buffer overflow

Answer: C Explanation:

Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.

Question No: 802 – (Topic 4)

Input validation is an important security defense because it:

  1. rejects bad or malformed data.

  2. enables verbose error reporting.

  3. protects mis-configured web servers.

  4. prevents denial of service attacks.

Answer: A Explanation:

Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input

submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.

Question No: 803 – (Topic 4)

An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests. Which of the following describes how this private key should be stored so that it is protected from theft?

  1. Implement full disk encryption

  2. Store on encrypted removable media

  3. Utilize a hardware security module

  4. Store on web proxy file system

Answer: C Explanation:

Hardware Security Module (HSM) hardware-based encryption solution that is usually used in conjunction with PKI to enhance security with certification authorities (CAs). It is available as an expansion card and can cryptographic keys, passwords, or certificates.

Question No: 804 – (Topic 4)

Which of the following devices would be the MOST efficient way to filter external websites for staff on an internal network?

  1. Protocol analyzer

  2. Switch

  3. Proxy

  4. Router

Answer: C Explanation:

A proxy is a device that acts on behalf of other devices. All internal user communications with the Internet could be controlled through a proxy server, which can be configured to automatically filter out or block certain sites and content. It can also cache often-accessed sites to improve performance.

Question No: 805 – (Topic 4)

A periodic update that corrects problems in one version of a product is called a

  1. Hotfix

  2. Overhaul

  3. Service pack

  4. Security update

Answer: C Explanation:

A service pack is a collection of updates and hotfixes that address a number of software issues, as well as new software features. It is released periodically by the vendor.

Question No: 806 – (Topic 4)

Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise:

  1. user accounts may be inadvertently locked out.

  2. data on the USB drive could be corrupted.

  3. data on the hard drive will be vulnerable to log analysis.

  4. the security controls on the USB drive can be bypassed.

Answer: D Explanation:

A common access mechanism to data on encrypted USB hard drives is a password. If a weak password is used, someone could guess the password and bypass the security controls on the USB drive to access the data.

Question No: 807 – (Topic 4)

Which of the following is a vulnerability associated with disabling pop-up blockers?

  1. An alert message from the administrator may not be visible

  2. A form submitted by the user may not open

  3. The help window may not be displayed

  4. Another browser instance may execute malicious code

Answer: D

Explanation: Pop-up blockers prevent websites from opening new browser windows without the users consent. These are often used for advertisements but can also be used to distribute malicious code.

Question No: 808 – (Topic 4)

A recently installed application update caused a vital application to crash during the middle of the workday. The application remained down until a previous version could be reinstalled on the server, and this resulted in a significant loss of data and revenue.

Which of the following could BEST prevent this issue from occurring again?

  1. Application configuration baselines

  2. Application hardening

  3. Application access controls

  4. Application patch management

Answer: D Explanation:

Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first to ensure that the updates do not have detrimental effects on the system, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates on a production system.

Question No: 809 – (Topic 4)

In regards to secure coding practices, why is input validation important?

  1. It mitigates buffer overflow attacks.

  2. It makes the code more readable.

  3. It provides an application configuration baseline.

  4. It meets gray box testing standards.

Answer: A Explanation:

Buffer overflow is an exploit at programming error, bugs and flaws. It occurs when an application is fed more input data than it is programmed to handle. This may cause the application to terminate or to write data beyond the end of the allocated space in memory. The termination of the application may cause the system to send the data with temporary access to privileged levels in the system, while overwriting can cause important data to be lost. Proper error and exception handling and input validation will help prevent Buffer overflow exploits.

Question No: 810 – (Topic 4)

A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?

  1. Internet networks can be accessed via personally-owned computers.

  2. Data can only be stored on local workstations.

  3. Wi-Fi networks should use WEP encryption by default.

  4. Only USB devices supporting encryption are to be used.

Answer: D Explanation:

The concern for preventing data loss is the concern for maintaining data confidentiality. This can be accomplished through encryption, access controls, and steganography.

USB encryption is usually provided by the vendor of the USB device. It is not included on all USB devices.

100% Ensurepass Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Ensurepass Free Guaranteed!
SY0-401 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No