[Free] 2018(June) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 881-890

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 881 – (Topic 5)

A system administrator has noticed that users change their password many times to cycle back to the original password when their passwords expire. Which of the following would BEST prevent this behavior?

  1. Assign users passwords based upon job role.

  2. Enforce a minimum password age policy.

  3. Prevent users from choosing their own passwords.

  4. Increase the password expiration time frame.

Answer: B Explanation:

A minimum password age policy defines the period that a password must be used for before it can be changed.

Question No: 882 – (Topic 5)

During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?

  1. Conditional rules under which certain systems may be accessed

  2. Matrix of job titles with required access privileges

  3. Clearance levels of all company personnel

  4. Normal hours of business operation

Answer: B Explanation:

Role-based access control is a model where access to resources is determines by job role rather than by user account.

Within an organization, roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members or staff (or other system users) are assigned particular roles, and through those role assignments acquire the computer permissions to perform particular computer-system functions. Since users are not assigned permissions directly, but only acquire them through their role (or roles), management of individual user rights becomes a matter of simply assigning appropriate roles to the user#39;s account; this simplifies common operations, such as adding a user, or changing a user#39;s department.

To configure role-based access control, you need a list (or matrix) of job titles (roles) and the access privileges that should be assigned to each role.

Question No: 883 – (Topic 5)

Which of the following types of authentication packages user credentials in a ticket?

  1. Kerberos

  2. LDAP

  3. TACACS

  4. RADIUS

Answer: A Explanation:

The basic process of Kerberos authentication is as follows: The subject provides logon credentials.

The Kerberos client system encrypts the password and transmits the protected credentials to the KDC.

The KDC verifies the credentials and then creates a ticket-granting ticket (TGT-a hashed form of the subject’s password with the addition of a time stamp that indicates a valid lifetime). The TGT is encrypted and sent to the client.

The client receives the TGT. At this point, the subject is an authenticated principle in the Kerberos realm.

The subject requests access to resources on a network server. This causes the client to request a service ticket (ST) from the KDC.

The KDC verifies that the client has a valid TGT and then issues an ST to the client. The ST includes a time stamp that indicates its valid lifetime.

The client receives the ST.

The client sends the ST to the network server that hosts the desired resource.

The network server verifies the ST. If it’s verified, it initiates a communication session with the client. From this point forward, Kerberos is no longer involved.

Question No: 884 – (Topic 5)

A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Joe and Ann were hired 16 days ago. When Joe logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password?

  1. Ann’s user account has administrator privileges.

  2. Joe’s user account was not added to the group policy.

  3. Ann’s user account was not added to the group policy.

  4. Joe’s user account was inadvertently disabled and must be re-created.

Answer: C Explanation:

Group policy is used to manage Windows systems in a Windows network domain environment by means of a Group Policy Object (GPO). GPO’s include a number of settings related to credentials, which includes password expiration. Because Anne was not prompted to change her password, it could only mean that her user account was not added to the group policy.

Question No: 885 – (Topic 5)

The system administrator is tasked with changing the administrator password across all 2000 computers in the organization. Which of the following should the system administrator implement to accomplish this task?

  1. A security group

  2. A group policy

  3. Key escrow

  4. Certificate revocation

Answer: B Explanation:

Group policy is used to manage Windows systems in a Windows network domain environment by means of a Group Policy Object (GPO). GPO’s include a number of settings related to credentials, such as password complexity requirements, password history, password length, account lockout settings.

Question No: 886 – (Topic 5)

Which of the following is an example of multifactor authentication?

  1. Credit card and PIN

  2. Username and password

  3. Password and PIN

  4. Fingerprint and retina scan

Answer: A Explanation:

A credit card is a memory card that functions a type of two-factor authentication. The card is something you have, and its PIN is something you know. Multifactor authentication requires a user to provide two or more different types of authentication factors to prove their identity.

Question No: 887 – (Topic 5)

A security administrator is reviewing the below output from a password auditing tool:

P@ss.

@pW1. S3cU4

Which of the following additional policies should be implemented based on the tool’s output?

  1. Password age

  2. Password history

  3. Password length

  4. Password complexity

Answer: C Explanation:

The output shows that all the passwords are either 4 or 5 characters long. This is way too short, 8 characters are shown to be the minimum for password length.

Question No: 888 – (Topic 5)

A company wants to ensure that all credentials for various systems are saved within a central database so that users only have to login once for access to all systems. Which of the following would accomplish this?

  1. Multi-factor authentication

  2. Smart card access

  3. Same Sign-On

  4. Single Sign-On

Answer: D Explanation:

Single sign-on means that once a user (or other subject) is authenticated into a realm, re- authentication is not required for access to resources on any realm entity. Single sign-on is able to internally translate and store credentials for the various mechanisms, from the credential used for original authentication.

Question No: 889 – (Topic 5)

In Kerberos, the Ticket Granting Ticket (TGT) is used for which of the following?

  1. Identification

  2. Authorization

  3. Authentication

  4. Multifactor authentication

Answer: C Explanation:

An authentication ticket, also known as a ticket-granting ticket (TGT), is a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process. When the client receives an authentication ticket, the client sends the ticket back to the server along with additional information verifying the client#39;s identity. The server then issues a service ticket and a session key (which includes a form of password), completing the authorization process for that session.

In the Kerberos model, all tickets are time-stamped and have limited lifetimes. This

minimizes the danger that hackers will be able to steal or crack the encrypted data and use it to compromise the system. Ideally, no authentication ticket remains valid for longer than the time an expert hacker would need to crack the encryption. Authentication tickets are session-specific, further improving the security of the system by ensuring that no authentication ticket remains valid after a given session is complete.

Question No: 890 – (Topic 5)

A system administrator needs to ensure that certain departments have more restrictive controls to their shared folders than other departments. Which of the following security controls would be implemented to restrict those departments?

  1. User assigned privileges

  2. Password disablement

  3. Multiple account creation

  4. Group based privileges

Answer: D Explanation:

Group-based privileges assign privileges or access to a resource to all members of a group. Group-based access control grants every member of the group the same level of access to a specific object.

100% Dumps4cert Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Dumps4cert Pass Guaranteed!
Download 2018 Dumps4cert SY0-401 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No


Leave a Reply

Your email address will not be published. Required fields are marked *

  • Categories

  • Tags

  • Hot Exams

  • Hot Exams

  • Hot Catageories

  • microsoft dumps

    62-193 Dumps
    70-243 Dumps
    70-246 Dumps
    70-247 Dumps
    70-331 Dumps
    70-332 Dumps
    70-333 Dumps
    70-334 Dumps
    70-339 Dumps
    70-341 Dumps
    70-342 Dumps
    70-345 Dumps
    70-346 Dumps
    70-347 Dumps
    70-348 Dumps
    70-354 Dumps
    70-355 Dumps
    70-357 Dumps
    70-383 Dumps
    70-384 Dumps
    70-385 Dumps
    70-398 Dumps
    70-410 Dumps
    70-411 Dumps
    70-412 Dumps
    70-413 Dumps
    70-414 Dumps
    70-417 Dumps
    70-461 Dumps
    70-462 Dumps
    70-463 Dumps
    70-464 Dumps
    70-465 Dumps
    70-466 Dumps
    70-467 Dumps
    70-469 Dumps
    70-470 Dumps
    70-473 Dumps
    70-475 Dumps
    70-480 Dumps
    70-481 Dumps
    70-482 Dumps
    70-483 Dumps
    70-484 Dumps
    70-485 Dumps
    70-486 Dumps
    70-487 Dumps
    70-488 Dumps
    70-489 Dumps
    70-490 Dumps
    70-491 Dumps
    70-492 Dumps
    70-494 Dumps
    70-496 Dumps
    70-497 Dumps
    70-498 Dumps
    70-499 Dumps
    70-517 Dumps
    70-532 Dumps
    70-533 Dumps
    70-534 Dumps
    70-535 Dumps
    70-537 Dumps
    70-640 Dumps
    70-642 Dumps
    70-646 Dumps
    70-673 Dumps
    70-680 Dumps
    70-681 Dumps
    70-682 Dumps
    70-684 Dumps
    70-685 Dumps
    70-686 Dumps
    70-687 Dumps
    70-688 Dumps
    70-689 Dumps
    70-692 Dumps
    70-694 Dumps
    70-695 Dumps
    70-696 Dumps
    70-697 Dumps
    70-698 Dumps
    70-703 Dumps
    70-705 Dumps
    70-713 Dumps
    70-734 Dumps
    70-735 Dumps
    70-740 Dumps
    70-741 Dumps
    70-742 Dumps
    70-743 Dumps
    70-744 Dumps
    70-745 Dumps
    70-761 Dumps
    70-762 Dumps
    70-764 Dumps
    70-765 Dumps
    70-767 Dumps
    70-768 Dumps
    70-773 Dumps
    70-774 Dumps
    70-775 Dumps
    70-776 Dumps
    70-778 Dumps
    70-779 Dumps
    70-980 Dumps
    70-981 Dumps
    70-982 Dumps
    74-343 Dumps
    74-344 Dumps
    74-409 Dumps
    74-678 Dumps
    74-697 Dumps
    77-418 Dumps
    77-419 Dumps
    77-420 Dumps
    77-421 Dumps
    77-422 Dumps
    77-423 Dumps
    77-424 Dumps
    77-425 Dumps
    77-426 Dumps
    77-427 Dumps
    77-428 Dumps
    77-600 Dumps
    77-601 Dumps
    77-602 Dumps
    77-603 Dumps
    77-604 Dumps
    77-605 Dumps
    77-725 Dumps
    77-726 Dumps
    77-727 Dumps
    77-728 Dumps
    77-729 Dumps
    77-730 Dumps
    77-731 Dumps
    77-853 Dumps
    77-881 Dumps
    77-882 Dumps
    77-883 Dumps
    77-884 Dumps
    77-885 Dumps
    77-886 Dumps
    77-887 Dumps
    77-888 Dumps
    77-891 Dumps
    98-349 Dumps
    98-361 Dumps
    98-362 Dumps
    98-363 Dumps
    98-364 Dumps
    98-365 Dumps
    98-366 Dumps
    98-367 Dumps
    98-368 Dumps
    98-369 Dumps
    98-372 Dumps
    98-373 Dumps
    98-374 Dumps
    98-375 Dumps
    98-379 Dumps
    98-380 Dumps
    98-381 Dumps
    98-382 Dumps
    98-383 Dumps
    98-388 Dumps
    AZ-100 Dumps
    AZ-101 Dumps
    AZ-102 Dumps
    INF-203x Dumps
    INF-204x Dumps
    INF-205x Dumps
    INF-206x Dumps
    MB2-700 Dumps
    MB2-701 Dumps
    MB2-702 Dumps
    MB2-703 Dumps
    MB2-704 Dumps
    MB2-706 Dumps
    MB2-707 Dumps
    MB2-708 Dumps
    MB2-709 Dumps
    MB2-710 Dumps
    MB2-711 Dumps
    MB2-712 Dumps
    MB2-713 Dumps
    MB2-714 Dumps
    MB2-715 Dumps
    MB2-716 Dumps
    MB2-717 Dumps
    MB2-718 Dumps
    MB2-719 Dumps
    MB2-877 Dumps
    MB5-705 Dumps
    MB6-700 Dumps
    MB6-701 Dumps
    MB6-702 Dumps
    MB6-703 Dumps
    MB6-704 Dumps
    MB6-705 Dumps
    MB6-884 Dumps
    MB6-885 Dumps
    MB6-886 Dumps
    MB6-889 Dumps
    MB6-890 Dumps
    MB6-892 Dumps
    MB6-893 Dumps
    MB6-894 Dumps
    MB6-895 Dumps
    MB6-896 Dumps
    MB6-897 Dumps
    MB6-898 Dumps