Ensurepass

 

QUESTION 141

A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as:

A. Symmetric cryptography.
B. Private key cryptography.
C. Salting.
D. Rainbow tables.

Correct Answer: C

QUESTION 142

In which of the following steps of incident response does a team analyze the incident and determine steps to prevent a future occurrence?

A. Mitigation
B. Identification
C. Preparation
D. Lessons learned

Correct Answer: D

QUESTION 143

A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?

A. CHAP
B. TOTP
C. HOTP
D. PAP

Correct Answer: B

QUESTION 144

A security administrator must implement a wireless encryption system to secure mobile devices’ communication. Some users have mobile devices which only support 56-bit encryption. Which of the following wireless encryption methods should be implemented?

A. RC4
B. AES
C. MD5
D. TKIP

Correct Answer: A

QUESTION 145

After a security incident involving a physical asset, which of the following should be done at the beginning?

A. Record every person who was in possession of assets, continuing post-incident.
B. Create working images of data in the following order: hard drive then RAM.
C. Back up storage devices so work can be performed on the devices immediately.
D. Write a report detailing the incident and mitigation suggestions.

Correct Answer: A

QUESTION 146

Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?

A. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing.
B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high.
C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.
D. MOUs between two companies working together cannot be held to the same legal standards as SLAs.

Correct Answer: C

QUESTION 147

Joe, a user, reports to the system administrator that he is receiving an error stating his certificate has been revoked. Which of the following is the name of the database repository for these certificates?

A. CSR
B. OCSP
C. CA
D. CRL

Correct Answer: D

QUESTION 148

A software company has completed a security assessment. The assessment states that the company should implement fencing and lighting around the property. Additionally, the assessment states that production releases of their software should be digitally signed. Given the recommendations, the company was deficient in which of the following core security areas? (Select TWO).

A. Fault tolerance
B. Encryption
C. Availability
D. Integrity
E. Safety
F. Confidentiality

Correct Answer: DE

QUESTION 149

A user was reissued a smart card after the previous smart card had expired. The user is able to log into the domain but is now unable to send digitally signed or encrypted email. Which of the following would the user need to perform?

A. Remove all previous smart card certificates from the local certificate store.
B. Publish the new certificates to the global address list.
C. Make the certificates available to the operating system.
D. Recover the previous smart card certificates.

Correct Answer: B

QUESTION 150

Users are encouraged to click on a link in an email to obtain exclusive access to the newest version of a popular smartphone. This is an example of:

A. Scarcity
B. Familiarity
C. Intimidation
D. Trust

Correct Answer: A

Free VCE & PDF File for CompTIA SY0-401 Real Exam
