[Free] 2018(June) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 851-860

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 851 – (Topic 4)

Which of the following techniques can be used to prevent the disclosure of system information resulting from arbitrary inputs when implemented properly?

  1. Fuzzing

  2. Patch management

  3. Error handling

  4. Strong passwords

Answer: C Explanation:

Exception handling is an aspect of secure coding. When errors occur, the system should revert back to a secure state. This must be coded into the system by the programmer, and should capture errors and exceptions so that they could be handled by the application.

Question No: 852 – (Topic 4)

Identifying a list of all approved software on a system is a step in which of the following practices?

  1. Passively testing security controls

  2. Application hardening

  3. Host software baselining

  4. Client-side targeting

Answer: C Explanation:

Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained.

Question No: 853 – (Topic 4)

An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement?

  1. Implement IIS hardening by restricting service accounts.

  2. Implement database hardening by applying vendor guidelines.

  3. Implement perimeter firewall rules to restrict access.

  4. Implement OS hardening by applying GPOs.

Answer: D

Explanation: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services. This can be implemented using the native security features of an operating system, such as Group Policy Objects (GPOs).

Question No: 854 – (Topic 4)

A bank has recently deployed mobile tablets to all loan officers for use at customer sites. Which of the following would BEST prevent the disclosure of customer data in the event that a tablet is lost or stolen?

  1. Application control

  2. Remote wiping

  3. GPS

  4. Screen-locks

Answer: B Explanation:

Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.

Question No: 855 – (Topic 4)

The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).

  1. Permit redirection to Internet-facing web URLs.

  2. Ensure all HTML tags are enclosed in angle brackets, e.g., “lt;” and “gt;”.

  3. Validate and filter input on the server side and client side.

  4. Use a web proxy to pass website requests between the user and the application.

  5. Restrict and sanitize use of special characters in input and URLs.

Answer: C,E Explanation:

XSRF or cross-site request forgery applies to web applications and is an attack that exploits the web application’s trust of a user who known or is supposed to have been authenticated. This is often accomplished without the user’s knowledge.

XSRF can be prevented by adding a randomization string (called a nonce) to each URL request and session establishment and checking the client HTTP request header referrer for spoofing.

Question No: 856 – (Topic 4)

A database administrator would like to start encrypting database exports stored on the SAN, but the storage administrator warns that this may drastically increase the amount of disk space used by the exports. Which of the following explains the reason for the increase in disk space usage?

  1. Deduplication is not compatible with encryption

  2. The exports are being stored on smaller SAS drives

  3. Encrypted files are much larger than unencrypted files

  4. The SAN already uses encryption at rest

Answer: C Explanation:

Encryption adds overhead to the data which results in and increase in file size. This overhead is attached to each file and could include the encryption/decryption key, data recovery files and data decryption field in file header. As a result, requires increased storage space.

Question No: 857 – (Topic 4)

A large corporation has data centers geographically distributed across multiple continents. The company needs to securely transfer large amounts of data between the data center. The data transfer can be accomplished physically or electronically, but must prevent eavesdropping while the data is on transit. Which of the following represents the BEST cryptographic solution?

  1. Driving a van full of Micro SD cards from data center to data center to transfer data

  2. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN

  3. Using a courier to deliver symmetric VPN keys to each data center and transferring data in the VPN

  4. Using PKI to encrypt each file and transferring them via an Internet based FTP or cloud server

Answer: B Explanation:

A virtual private network (VPN) is an encrypted communication tunnel that connects two systems over an untrusted network, such as the Internet. They provide security for both authentication and data transmission through a process called encapsulation.

Secure Sockets Layer (SSL) can be used to exchange the VPN keys securely. SSL is used to establish secure TCP communication between two machines by encrypting the

communication.

Question No: 858 – (Topic 4)

A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with?

  1. Data confidentiality

  2. High availability

  3. Data integrity

  4. Business continuity

Answer: C Explanation:

Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing.

Question No: 859 – (Topic 4)

Which of the following is a best practice for error and exception handling?

  1. Log detailed exception but display generic error message

  2. Display detailed exception but log generic error message

  3. Log and display detailed error and exception messages

  4. Do not log or display error or exception messages

Answer: A Explanation:

A detailed explanation of the error is not helpful for most end users but might provide information that is useful to a hacker. It is therefore better to display a simple but helpful message to the end user and log the detailed information to an access-restricted log file for the administrator and programmer who would need as much information as possible about the problem in order to rectify it.

Question No: 860 – (Topic 4)

Joe, a technician, is tasked with finding a way to test operating system patches for a wide variety of servers before deployment to the production environment while utilizing a limited amount of hardware resources. Which of the following would provide the BEST environment for performing this testing?

  1. OS hardening

  2. Application control

  3. Virtualization

  4. Sandboxing

Answer: C Explanation:

Virtualization is used to host one or more operating systems in the memory of a single host computer and allows multiple operating systems to run simultaneously on the same hardware, reducing costs. Virtualization offers the flexibility of quickly and easily making backups of entire virtual systems, and quickly recovering the virtual system when errors occur. Furthermore, malicious code compromises of virtual systems rarely affect the host system, which allows for safer testing and experimentation.

Topic 5, Access Control and Identity Management

100% Dumps4cert Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Dumps4cert Pass Guaranteed!
Download 2018 Dumps4cert SY0-401 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No


Leave a Reply

Your email address will not be published. Required fields are marked *

  • Categories

  • Tags

  • Hot Exams

  • Hot Exams

  • Hot Catageories

  • microsoft dumps

    62-193 Dumps
    70-243 Dumps
    70-246 Dumps
    70-247 Dumps
    70-331 Dumps
    70-332 Dumps
    70-333 Dumps
    70-334 Dumps
    70-339 Dumps
    70-341 Dumps
    70-342 Dumps
    70-345 Dumps
    70-346 Dumps
    70-347 Dumps
    70-348 Dumps
    70-354 Dumps
    70-355 Dumps
    70-357 Dumps
    70-383 Dumps
    70-384 Dumps
    70-385 Dumps
    70-398 Dumps
    70-410 Dumps
    70-411 Dumps
    70-412 Dumps
    70-413 Dumps
    70-414 Dumps
    70-417 Dumps
    70-461 Dumps
    70-462 Dumps
    70-463 Dumps
    70-464 Dumps
    70-465 Dumps
    70-466 Dumps
    70-467 Dumps
    70-469 Dumps
    70-470 Dumps
    70-473 Dumps
    70-475 Dumps
    70-480 Dumps
    70-481 Dumps
    70-482 Dumps
    70-483 Dumps
    70-484 Dumps
    70-485 Dumps
    70-486 Dumps
    70-487 Dumps
    70-488 Dumps
    70-489 Dumps
    70-490 Dumps
    70-491 Dumps
    70-492 Dumps
    70-494 Dumps
    70-496 Dumps
    70-497 Dumps
    70-498 Dumps
    70-499 Dumps
    70-517 Dumps
    70-532 Dumps
    70-533 Dumps
    70-534 Dumps
    70-535 Dumps
    70-537 Dumps
    70-640 Dumps
    70-642 Dumps
    70-646 Dumps
    70-673 Dumps
    70-680 Dumps
    70-681 Dumps
    70-682 Dumps
    70-684 Dumps
    70-685 Dumps
    70-686 Dumps
    70-687 Dumps
    70-688 Dumps
    70-689 Dumps
    70-692 Dumps
    70-694 Dumps
    70-695 Dumps
    70-696 Dumps
    70-697 Dumps
    70-698 Dumps
    70-703 Dumps
    70-705 Dumps
    70-713 Dumps
    70-734 Dumps
    70-735 Dumps
    70-740 Dumps
    70-741 Dumps
    70-742 Dumps
    70-743 Dumps
    70-744 Dumps
    70-745 Dumps
    70-761 Dumps
    70-762 Dumps
    70-764 Dumps
    70-765 Dumps
    70-767 Dumps
    70-768 Dumps
    70-773 Dumps
    70-774 Dumps
    70-775 Dumps
    70-776 Dumps
    70-778 Dumps
    70-779 Dumps
    70-980 Dumps
    70-981 Dumps
    70-982 Dumps
    74-343 Dumps
    74-344 Dumps
    74-409 Dumps
    74-678 Dumps
    74-697 Dumps
    77-418 Dumps
    77-419 Dumps
    77-420 Dumps
    77-421 Dumps
    77-422 Dumps
    77-423 Dumps
    77-424 Dumps
    77-425 Dumps
    77-426 Dumps
    77-427 Dumps
    77-428 Dumps
    77-600 Dumps
    77-601 Dumps
    77-602 Dumps
    77-603 Dumps
    77-604 Dumps
    77-605 Dumps
    77-725 Dumps
    77-726 Dumps
    77-727 Dumps
    77-728 Dumps
    77-729 Dumps
    77-730 Dumps
    77-731 Dumps
    77-853 Dumps
    77-881 Dumps
    77-882 Dumps
    77-883 Dumps
    77-884 Dumps
    77-885 Dumps
    77-886 Dumps
    77-887 Dumps
    77-888 Dumps
    77-891 Dumps
    98-349 Dumps
    98-361 Dumps
    98-362 Dumps
    98-363 Dumps
    98-364 Dumps
    98-365 Dumps
    98-366 Dumps
    98-367 Dumps
    98-368 Dumps
    98-369 Dumps
    98-372 Dumps
    98-373 Dumps
    98-374 Dumps
    98-375 Dumps
    98-379 Dumps
    98-380 Dumps
    98-381 Dumps
    98-382 Dumps
    98-383 Dumps
    98-388 Dumps
    AZ-100 Dumps
    AZ-101 Dumps
    AZ-102 Dumps
    INF-203x Dumps
    INF-204x Dumps
    INF-205x Dumps
    INF-206x Dumps
    MB2-700 Dumps
    MB2-701 Dumps
    MB2-702 Dumps
    MB2-703 Dumps
    MB2-704 Dumps
    MB2-706 Dumps
    MB2-707 Dumps
    MB2-708 Dumps
    MB2-709 Dumps
    MB2-710 Dumps
    MB2-711 Dumps
    MB2-712 Dumps
    MB2-713 Dumps
    MB2-714 Dumps
    MB2-715 Dumps
    MB2-716 Dumps
    MB2-717 Dumps
    MB2-718 Dumps
    MB2-719 Dumps
    MB2-877 Dumps
    MB5-705 Dumps
    MB6-700 Dumps
    MB6-701 Dumps
    MB6-702 Dumps
    MB6-703 Dumps
    MB6-704 Dumps
    MB6-705 Dumps
    MB6-884 Dumps
    MB6-885 Dumps
    MB6-886 Dumps
    MB6-889 Dumps
    MB6-890 Dumps
    MB6-892 Dumps
    MB6-893 Dumps
    MB6-894 Dumps
    MB6-895 Dumps
    MB6-896 Dumps
    MB6-897 Dumps
    MB6-898 Dumps