2018 Jan CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 121 – (Topic 1)

Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites?

A. 21

B. 25

C. 80

D. 3389

Answer: C

Explanation:

Port 80 is used by HTTP, which is the foundation of data communication for the World Wide Web.

Question No: 122 – (Topic 1)

Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements?

A. EAP-TLS

Answer: D

Explanation:

PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS or PEAP-TLS because user authentication is accomplished via password-based credentials (user name and password) rather than digital certificates or smart cards. Only servers running Network Policy Server (NPS) or PEAP-MS-CHAP v2 are required to have a certificate.

Question No: 123 – (Topic 1)

The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption. Which of the following would be configured to provide more secure connections?

A. WEP

B. WPA2 CCMP

C. Disable SSID broadcast and increase power levels

D. MAC filtering

Answer: B

Explanation:

CCMP makes use of 128-bit AES encryption with a 48-bit initialization vector. This initialization vector makes cracking a bit more difficult.

Question No: 124 – (Topic 1)

A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption.

Which of the following should be implemented?

A. WPA2-CCMP with 802.1X

B. WPA2-PSK

C. WPA2-CCMP

D. WPA2-Enterprise

Answer: D

Explanation:

D: WPA-Enterprise is also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK). It is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security (e.g. protection against dictionary attacks on short passwords). Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication. RADIUS can be managed centrally, and the servers that allow access to a network can verify with a RADIUS server whether an incoming caller is authorized. Thus the RADIUS server can perform all authentications. This will require users to use their passwords on their user accounts.

Question No: 125 – (Topic 1)

A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68.

Which of the following replies has the administrator received?

A. The loopback address

B. The local MAC address

C. IPv4 address

D. IPv6 address

Answer: D

Explanation:

IPv6 addresses are 128 bits in length. An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). The hexadecimal digits are case-insensitive, but IETF recommendations suggest the use of lower case letters. The full representation of eight 4-digit groups may be simplified by several techniques, eliminating parts of the representation.

Question No: 126 – (Topic 1)

An organization recently switched from a cloud-based email solution to an in-house email server. The firewall needs to be modified to allow for sending and receiving email. Which of the following ports should be open on the firewall to allow for email traffic? (Select THREE).

A. TCP 22

B. TCP 23

C. TCP 25

D. TCP 53

E. TCP 110

F. TCP 143

G. TCP 445

Answer: C,E,F

Explanation:

Port 25 is used by Simple Mail Transfer Protocol (SMTP) for routing e-mail between mail servers.

Port 110 is used for Post Office Protocol v3 (POP3), which is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection.

Port 143 is used by Internet Message Access Protocol (IMAP) for the management of email messages.

Question No: 127 – (Topic 1)

A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic.

Which of the following would accomplish this task?

A. Deny TCP port 68

B. Deny TCP port 69

C. Deny UDP port 68

D. Deny UDP port 69

Answer: D

Explanation:

Trivial File Transfer Protocol (TFTP) is a simple file-exchange protocol that doesn’t require authentication. It operates on UDP port 69.

Question No: 128 – (Topic 1)

Which of the following flags are used to establish a TCP connection? (Select TWO).

A. PSH

B. ACK

C. SYN

D. URG

E. FIN

Answer: B,C

Explanation:

To establish a TCP connection, the three-way (or 3-step) handshake occurs:

SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number to a random value A.

SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received sequence number, i.e. A + 1, and the sequence number that the server chooses for the packet is another random number, B.

ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value, i.e. A + 1, and the acknowledgement number is set to one more than the received sequence number, i.e. B + 1.

Question No: 129 – (Topic 1)

Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network?

A. Single sign on

B. IPv6

C. Secure zone transfers

D. VoIP

Answer: C

Explanation:

C: A primary DNS server has the "master copy" of a zone, and secondary DNS servers keep copies of the zone for redundancy. When changes are made to zone data on the primary DNS server, these changes must be distributed to the secondary DNS servers for the zone. This is done through zone transfers. If you allow zone transfers to any server, all the resource records in the zone are viewable by any host that can contact your DNS server. Thus you will need to secure the zone transfers to stop an attacker from mapping out your addresses and devices on your network.

Question No: 130 – (Topic 1)

A security analyst noticed a colleague typing the following command:

`Telnet some-host 443`

Which of the following was the colleague performing?

A. A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack.

B. A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.

C. Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead.

D. A mistaken port being entered because telnet servers typically do not listen on port 443.

Answer: B

Explanation:

B: The Telnet program parameters are: telnet <hostname> <port>

<hostname> is the name or IP address of the remote server to connect to.

<port> is the port number of the service to use for the connection.

TCP port 443 provides the HTTPS (used for secure web connections) service; it is the default SSL port. By running the Telnet some-host 443 command, the security analyst is checking that routing is done properly and not blocked by a firewall.
