[Free] 2018(June) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 1021-1030

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 1021 – (Topic 6)

An administrator needs to submit a new CSR to a CA. Which of the following is a valid FIRST step?

  1. Generate a new private key based on AES.

  2. Generate a new public key based on RSA.

  3. Generate a new public key based on AES.

  4. Generate a new private key based on RSA.

Answer: D Explanation:

Before creating a CSR, the applicant first generates a key pair, keeping the private key secret. The private key is needed to produce, but it is not part of, the CSR.

The private key is an RSA key. The private encryption key that will be used to protect sensitive information.

Note: A CSR or Certificate Signing request is a block of encrypted text that is generated on the server that the certificate will be used on. It contains information that will be included in your certificate such as your organization name, common name (domain name), locality, and country. It also contains the public key that will be included in your certificate. A private key is usually created at the same time that you create the CSR.

Question No: 1022 – (Topic 6)

Which of the following components MUST be trusted by all parties in PKI?

  1. Key escrow

  2. CA

  3. Private key

  4. Recovery key

Answer: B Explanation:

A certificate authority (CA) is an organization that is responsible for issuing, revoking, and

distributing certificates. In a simple trust model all parties must trust the CA. In a more complicated trust model all parties must trust the Root CA.

Question No: 1023 – (Topic 6)

Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them?

  1. Whole disk encryption

  2. SSH

  3. Telnet

  4. MD5

Answer: D Explanation:

MD5 can be used to locate the data which has changed.

The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash value is used to help maintain integrity. There are several versions of MD; the most common are MD5, MD4, and MD2.

Question No: 1024 – (Topic 6)

Which of the following is true about an email that was signed by User A and sent to User B?

  1. User A signed with User B’s private key and User B verified with their own public key.

  2. User A signed with their own private key and User B verified with User A’s public key.

  3. User A signed with User B’s public key and User B verified with their own private key.

  4. User A signed with their own public key and User B verified with User A’s private key.

Answer: B Explanation:

The sender uses his private key, in this case User A#39;s private key, to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The receiver (User B) uses the public key attached to the

message to validate the digital signature. If the values match, the receiver knows the message is authentic.

The receiver uses a key provided by the sender-the public key-to decrypt the message.

Question No: 1025 – (Topic 6)

Which of the following is used to verify data integrity?

  1. SHA

  2. 3DES

  3. AES

  4. RSA

Answer: A Explanation:

SHA stands for quot;secure hash algorithmquot;. SHA-1 is the most widely used of the existing SHA hash functions, and is employed in several widely used applications and protocols including TLS and SSL, PGP, SSH, S/MIME, and IPsec. It is used to ensure data integrity.


A hash value (or simply hash), also called a message digest, is a number generated from a string of text. The hash is substantially smaller than the text itself, and is generated by a formula in such a way that it is extremely unlikely that some other text will produce the same hash value.

Hashes play a role in security systems where they#39;re used to ensure that transmitted messages have not been tampered with. The sender generates a hash of the message, encrypts it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two hashes. If they#39;re the same, there is a very high probability that the message was transmitted intact. This is how hashing is used to ensure data integrity.

Question No: 1026 – (Topic 6)

A CRL is comprised of.

  1. Malicious IP addresses.

  2. Trusted CA’s.

  3. Untrusted private keys.

  4. Public keys.

Answer: D Explanation:

A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key.

By checking the CRL you can check if a particular certificate has been revoked. The certificates for which a CRL should be maintained are often X.509/public key certificates, as this format is commonly used by PKI schemes.

Question No: 1027 – (Topic 6)

When employees that use certificates leave the company they should be added to which of the following?

  1. PKI

  2. CA

  3. CRL

  4. TKIP

Answer: C Explanation:

The certificates of the leaving employees must be made unusable. This is done by revoking them. The revoke certificates end up in the CRL.

Note: The CRL (Certificate revocation list) is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included. In addition, each list contains a proposed date for the next release.

Question No: 1028 – (Topic 6)

A security administrator must implement a secure key exchange protocol that will allow

company clients to autonomously exchange symmetric encryption keys over an unencrypted channel. Which of the following MUST be implemented?

  1. SHA-256

  2. AES

  3. Diffie-Hellman

  4. 3DES

Answer: C Explanation:

Diffie-Hellman key exchange (D-H) is a means of securely generating symmetric encryption keys across an insecure medium.

Question No: 1029 – (Topic 6)

A new client application developer wants to ensure that the encrypted passwords that are stored in their database are secure from cracking attempts. To implement this, the developer implements a function on the client application that hashes passwords thousands of times prior to being sent to the database. Which of the following did the developer MOST likely implement?


  2. PBKDF2

  3. HMAC

  4. ECDHE

Answer: B Explanation:

Password-Based Key Derivation Function 2 (PBKDF2) makes use of a hashing operation, an encryption cipher function, or an HMAC operation) on the input password, which is combined with a salt and is repeated thousands of times.

Question No: 1030 – (Topic 6)

Which of the following should a security technician implement to identify untrusted certificates?

  1. CA

  2. PKI

  3. CRL

  4. Recovery agent

Answer: C Explanation:

Untrusted certificates and keys are revoked and put into the CRL.

Note: The CRL (Certificate revocation list) is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included.

100% Dumps4cert Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Dumps4cert Pass Guaranteed!
Download 2018 Dumps4cert SY0-401 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *

  • Categories

  • Tags

  • Hot Exams

  • Hot Exams

  • Hot Catageories

  • microsoft dumps

    62-193 Dumps
    70-243 Dumps
    70-246 Dumps
    70-247 Dumps
    70-331 Dumps
    70-332 Dumps
    70-333 Dumps
    70-334 Dumps
    70-339 Dumps
    70-341 Dumps
    70-342 Dumps
    70-345 Dumps
    70-346 Dumps
    70-347 Dumps
    70-348 Dumps
    70-354 Dumps
    70-355 Dumps
    70-357 Dumps
    70-383 Dumps
    70-384 Dumps
    70-385 Dumps
    70-398 Dumps
    70-410 Dumps
    70-411 Dumps
    70-412 Dumps
    70-413 Dumps
    70-414 Dumps
    70-417 Dumps
    70-461 Dumps
    70-462 Dumps
    70-463 Dumps
    70-464 Dumps
    70-465 Dumps
    70-466 Dumps
    70-467 Dumps
    70-469 Dumps
    70-470 Dumps
    70-473 Dumps
    70-475 Dumps
    70-480 Dumps
    70-481 Dumps
    70-482 Dumps
    70-483 Dumps
    70-484 Dumps
    70-485 Dumps
    70-486 Dumps
    70-487 Dumps
    70-488 Dumps
    70-489 Dumps
    70-490 Dumps
    70-491 Dumps
    70-492 Dumps
    70-494 Dumps
    70-496 Dumps
    70-497 Dumps
    70-498 Dumps
    70-499 Dumps
    70-517 Dumps
    70-532 Dumps
    70-533 Dumps
    70-534 Dumps
    70-535 Dumps
    70-537 Dumps
    70-640 Dumps
    70-642 Dumps
    70-646 Dumps
    70-673 Dumps
    70-680 Dumps
    70-681 Dumps
    70-682 Dumps
    70-684 Dumps
    70-685 Dumps
    70-686 Dumps
    70-687 Dumps
    70-688 Dumps
    70-689 Dumps
    70-692 Dumps
    70-694 Dumps
    70-695 Dumps
    70-696 Dumps
    70-697 Dumps
    70-698 Dumps
    70-703 Dumps
    70-705 Dumps
    70-713 Dumps
    70-734 Dumps
    70-735 Dumps
    70-740 Dumps
    70-741 Dumps
    70-742 Dumps
    70-743 Dumps
    70-744 Dumps
    70-745 Dumps
    70-761 Dumps
    70-762 Dumps
    70-764 Dumps
    70-765 Dumps
    70-767 Dumps
    70-768 Dumps
    70-773 Dumps
    70-774 Dumps
    70-775 Dumps
    70-776 Dumps
    70-778 Dumps
    70-779 Dumps
    70-980 Dumps
    70-981 Dumps
    70-982 Dumps
    74-343 Dumps
    74-344 Dumps
    74-409 Dumps
    74-678 Dumps
    74-697 Dumps
    77-418 Dumps
    77-419 Dumps
    77-420 Dumps
    77-421 Dumps
    77-422 Dumps
    77-423 Dumps
    77-424 Dumps
    77-425 Dumps
    77-426 Dumps
    77-427 Dumps
    77-428 Dumps
    77-600 Dumps
    77-601 Dumps
    77-602 Dumps
    77-603 Dumps
    77-604 Dumps
    77-605 Dumps
    77-725 Dumps
    77-726 Dumps
    77-727 Dumps
    77-728 Dumps
    77-729 Dumps
    77-730 Dumps
    77-731 Dumps
    77-853 Dumps
    77-881 Dumps
    77-882 Dumps
    77-883 Dumps
    77-884 Dumps
    77-885 Dumps
    77-886 Dumps
    77-887 Dumps
    77-888 Dumps
    77-891 Dumps
    98-349 Dumps
    98-361 Dumps
    98-362 Dumps
    98-363 Dumps
    98-364 Dumps
    98-365 Dumps
    98-366 Dumps
    98-367 Dumps
    98-368 Dumps
    98-369 Dumps
    98-372 Dumps
    98-373 Dumps
    98-374 Dumps
    98-375 Dumps
    98-379 Dumps
    98-380 Dumps
    98-381 Dumps
    98-382 Dumps
    98-383 Dumps
    98-388 Dumps
    AZ-100 Dumps
    AZ-101 Dumps
    AZ-102 Dumps
    INF-203x Dumps
    INF-204x Dumps
    INF-205x Dumps
    INF-206x Dumps
    MB2-700 Dumps
    MB2-701 Dumps
    MB2-702 Dumps
    MB2-703 Dumps
    MB2-704 Dumps
    MB2-706 Dumps
    MB2-707 Dumps
    MB2-708 Dumps
    MB2-709 Dumps
    MB2-710 Dumps
    MB2-711 Dumps
    MB2-712 Dumps
    MB2-713 Dumps
    MB2-714 Dumps
    MB2-715 Dumps
    MB2-716 Dumps
    MB2-717 Dumps
    MB2-718 Dumps
    MB2-719 Dumps
    MB2-877 Dumps
    MB5-705 Dumps
    MB6-700 Dumps
    MB6-701 Dumps
    MB6-702 Dumps
    MB6-703 Dumps
    MB6-704 Dumps
    MB6-705 Dumps
    MB6-884 Dumps
    MB6-885 Dumps
    MB6-886 Dumps
    MB6-889 Dumps
    MB6-890 Dumps
    MB6-892 Dumps
    MB6-893 Dumps
    MB6-894 Dumps
    MB6-895 Dumps
    MB6-896 Dumps
    MB6-897 Dumps
    MB6-898 Dumps