Ensurepass

 

 

QUESTION 351

All of the following are valid cryptographic hash functions EXCEPT:

 

A.

RIPEMD.

B.

RC4.

C.

SHA-512.

D.

MD4.

 

Correct Answer: B

 

 

QUESTION 352

In regards to secure coding practices, why is input validation important?

 

A.

It mitigates buffer overflow attacks.

B.

It makes the code more readable.

C.

It provides an application configuration baseline.

D.

It meets gray box testing standards.

 

Correct Answer: A

 

 

QUESTION 353

Which of the following would be used when a higher level of security is desired for encryption key storage?

 

A.

TACACS+

B.

L2TP

C.

LDAP

D.

TPM

 

Correct Answer: D

 

 

QUESTION 354

A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check?

 

A.

Firewall

B.

Application

C.

IDS

D.

Security

 

Correct Answer: D

 

 

QUESTION 355

Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?

 

A.

Registration

B.

CA

C.

CRL

D.

Recovery agent

 

Correct Answer: C

 

 

QUESTION 356

Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?

 

< td style="border-top-style: none; background: white; border-bottom-style: none; padding-bottom: 0cm; padding-top: 0cm; border-right-style: none; padding-left: 0cm; border-left-style: none; padding-right: 0cm" valign="top" width="708">

Token

A.

Smartcard

B.

C.

Discretionary access control

D.

Mandatory access control

 

Correct Answer: A

 

QUESTION 357

Which of the following devices would MOST likely have a DMZ interface?

 

A.

Firewall

B.

Switch

C.

Load balancer

D.

Proxy

 

Correct Answer: A

 

 

QUESTION 358

Which of the following application security testing techniques is implemented when an automated system generates random input data?

 

A.

Fuzzing

B.

XSRF

C.

Hardening

D.

Input validation

 

Correct Answer: A

 

 

QUESTION 359

Which of the following can be used by a security administrator to successfully recover a user’s forgotten password on a password protected file?

 

A.

Cognitive password

B.

Password sniffing

C.

Brute force

D.

Social engineering

 

Correct Answer: C

 

 

QUESTION 360

A security administrator wants to check user password complexity. Which of the following is the

 

BEST tool to use?

 

A.

Password history

B.

Password logging

C.

Password cracker

D.

Password hashing

 

Correct Answer: C

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.