[Free] 2018(June) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 911-920

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 911 – (Topic 5)

A security administrator wants to check user password complexity. Which of the following is the

BEST tool to use?

  1. Password history

  2. Password logging

  3. Password cracker

  4. Password hashing

Answer: C Explanation:

The most important countermeasure against password crackers is to use long, complex passwords, which are changed regularly. Password-cracking tools compare hashes from potential passwords with the hashes stored in the accounts database. Each potential password is hashed, and that hash value is compared with the accounts database. If a match is found, the password-cracker tool has discovered a password for a user account.

Question No: 912 – (Topic 5)

An organization has introduced token-based authentication to system administrators due to risk of password compromise. The tokens have a set of numbers that automatically change every 30 seconds. Which of the following type of authentication mechanism is this?

  1. TOTP

  2. Smart card

  3. CHAP

  4. HOTP

Answer: A Explanation:

Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. In this case, it’s every 30 seconds.

Question No: 913 – (Topic 5)

A company plans to expand by hiring new engineers who work in highly specialized areas. Each engineer will have very different job requirements and use unique tools and applications in their job. Which of the following is MOST appropriate to use?

  1. Role-based privileges

  2. Credential management

  3. User assigned privileges

  4. User access

Answer: A Explanation:

In this question, we have engineers who require different tools and applications according to their specialized job function. We can therefore use the Role-Based Access Control model.

Role-Based Access Control (RBAC) models approach the problem of access control based on established roles in an organization. RBAC models implement access by job function or by responsibility. Each employee has one or more roles that allow access to specific information. If a person moves from one role to another, the access for the previous role

will no longer be available.

Instead of thinking “Denise needs to be able to edit files,” RBAC uses the logic “Editors need to be able to edit files” and “Denise is a member of the Editors group.” This model is always good for use in an environment in which there is high employee turnover.

Question No: 914 – (Topic 5)

Which of the following is a BEST practice when dealing with user accounts that will only need to be active for a limited time period?

  1. When creating the account, set the account to not remember password history.

  2. When creating the account, set an expiration date on the account.

  3. When creating the account, set a password expiration date on the account.

  4. When creating the account, set the account to have time of day restrictions.

Answer: B Explanation:

Disablement is a secure feature to employ on user accounts for temporary workers, interns, or consultants. It automatically disables a user account or causes the account to expire at a specific time and on a specific day.

Question No: 915 – (Topic 5)

Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?

  1. DIAMETER

  2. RADIUS

  3. TACACS

  4. Kerberos

Answer: C Explanation:

TACACS is an authentication, authorization, and accounting (AAA) service that makes us of TCP only.

Question No: 916 – (Topic 5)

A password history value of three means which of the following?

  1. Three different passwords are used before one can be reused.

  2. A password cannot be reused once changed for three years.

  3. After three hours a password must be re-entered to continue.

  4. The server stores passwords in the database for three days.

Answer: A Explanation:

Password History defines the number of unique new passwords a user must use before an old password can be reused.

Question No: 917 – (Topic 5)

The security administrator notices a user logging into a corporate Unix server remotely as root. Which of the following actions should the administrator take?

  1. Create a firewall rule to block SSH

  2. Delete the root account

  3. Disable remote root logins

  4. Ensure the root account has a strong password

Answer: C Explanation:

Remote users log in to Unix or Linux servers by using SSH. Although SSH is secure, allowing remote access as root is a security risk.

One of the biggest security holes you could open on a Unix or Linux server is to allow directly logging in as root through SSH, because any cracker can attempt to brute force your root password and potentially get access to your system if they can figure out your password.

It’s much better to have a separate account that you regularly use and simply sudo to root when necessary.

You should disable root ssh access by editing /etc/ssh/sshd_config to contain: PermitRootLogin no

Question No: 918 – (Topic 5)

Which of the following should be done before resetting a user’s password due to expiration?

  1. Verify the user’s domain membership.

  2. Verify the user’s identity.

  3. Advise the user of new policies.

  4. Verify the proper group membership.

Answer: B Explanation:

When resetting a password, users have to establish their identity by answering a series of personal questions, using a hardware authentication token, or responding to a password notification e-mail. Users can then either specify a new, unlocked password, or ask that a randomly generated one be provided. This can be done from their workstation login prompt, or through a telephone call.

Question No: 919 – (Topic 5)

An auditing team has found that passwords do not meet best business practices. Which of the following will MOST increase the security of the passwords? (Select TWO).

  1. Password Complexity

  2. Password Expiration

  3. Password Age

  4. Password Length

  5. Password History

Answer: A,D Explanation:

Passwords should have the strength to avoid discovery through attack, but it should also be easy enough for the user to remember. The length and complexity of a password combined are vital factors in defining a password’s strength.

Question No: 920 – (Topic 5)

Which of the following protocols provides for mutual authentication of the client and server?

  1. Two-factor authentication

  2. Radius

  3. Secure LDAP

  4. Biometrics

Answer: C Explanation:

C: The LDAP directory service is based on a client-server model. The function of LDAP is to enable access to an existing directory. Because it is a client-server model it makes provision for mutual authentication between the two parties.

100% Dumps4cert Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Dumps4cert Pass Guaranteed!
Download 2018 Dumps4cert SY0-401 Full Exam PDF and VCE

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No


Leave a Reply

Your email address will not be published. Required fields are marked *

  • Categories

  • Tags

  • Hot Exams

  • Hot Exams

  • Hot Catageories

  • microsoft dumps

    62-193 Dumps
    70-243 Dumps
    70-246 Dumps
    70-247 Dumps
    70-331 Dumps
    70-332 Dumps
    70-333 Dumps
    70-334 Dumps
    70-339 Dumps
    70-341 Dumps
    70-342 Dumps
    70-345 Dumps
    70-346 Dumps
    70-347 Dumps
    70-348 Dumps
    70-354 Dumps
    70-355 Dumps
    70-357 Dumps
    70-383 Dumps
    70-384 Dumps
    70-385 Dumps
    70-398 Dumps
    70-410 Dumps
    70-411 Dumps
    70-412 Dumps
    70-413 Dumps
    70-414 Dumps
    70-417 Dumps
    70-461 Dumps
    70-462 Dumps
    70-463 Dumps
    70-464 Dumps
    70-465 Dumps
    70-466 Dumps
    70-467 Dumps
    70-469 Dumps
    70-470 Dumps
    70-473 Dumps
    70-475 Dumps
    70-480 Dumps
    70-481 Dumps
    70-482 Dumps
    70-483 Dumps
    70-484 Dumps
    70-485 Dumps
    70-486 Dumps
    70-487 Dumps
    70-488 Dumps
    70-489 Dumps
    70-490 Dumps
    70-491 Dumps
    70-492 Dumps
    70-494 Dumps
    70-496 Dumps
    70-497 Dumps
    70-498 Dumps
    70-499 Dumps
    70-517 Dumps
    70-532 Dumps
    70-533 Dumps
    70-534 Dumps
    70-535 Dumps
    70-537 Dumps
    70-640 Dumps
    70-642 Dumps
    70-646 Dumps
    70-673 Dumps
    70-680 Dumps
    70-681 Dumps
    70-682 Dumps
    70-684 Dumps
    70-685 Dumps
    70-686 Dumps
    70-687 Dumps
    70-688 Dumps
    70-689 Dumps
    70-692 Dumps
    70-694 Dumps
    70-695 Dumps
    70-696 Dumps
    70-697 Dumps
    70-698 Dumps
    70-703 Dumps
    70-705 Dumps
    70-713 Dumps
    70-734 Dumps
    70-735 Dumps
    70-740 Dumps
    70-741 Dumps
    70-742 Dumps
    70-743 Dumps
    70-744 Dumps
    70-745 Dumps
    70-761 Dumps
    70-762 Dumps
    70-764 Dumps
    70-765 Dumps
    70-767 Dumps
    70-768 Dumps
    70-773 Dumps
    70-774 Dumps
    70-775 Dumps
    70-776 Dumps
    70-778 Dumps
    70-779 Dumps
    70-980 Dumps
    70-981 Dumps
    70-982 Dumps
    74-343 Dumps
    74-344 Dumps
    74-409 Dumps
    74-678 Dumps
    74-697 Dumps
    77-418 Dumps
    77-419 Dumps
    77-420 Dumps
    77-421 Dumps
    77-422 Dumps
    77-423 Dumps
    77-424 Dumps
    77-425 Dumps
    77-426 Dumps
    77-427 Dumps
    77-428 Dumps
    77-600 Dumps
    77-601 Dumps
    77-602 Dumps
    77-603 Dumps
    77-604 Dumps
    77-605 Dumps
    77-725 Dumps
    77-726 Dumps
    77-727 Dumps
    77-728 Dumps
    77-729 Dumps
    77-730 Dumps
    77-731 Dumps
    77-853 Dumps
    77-881 Dumps
    77-882 Dumps
    77-883 Dumps
    77-884 Dumps
    77-885 Dumps
    77-886 Dumps
    77-887 Dumps
    77-888 Dumps
    77-891 Dumps
    98-349 Dumps
    98-361 Dumps
    98-362 Dumps
    98-363 Dumps
    98-364 Dumps
    98-365 Dumps
    98-366 Dumps
    98-367 Dumps
    98-368 Dumps
    98-369 Dumps
    98-372 Dumps
    98-373 Dumps
    98-374 Dumps
    98-375 Dumps
    98-379 Dumps
    98-380 Dumps
    98-381 Dumps
    98-382 Dumps
    98-383 Dumps
    98-388 Dumps
    AZ-100 Dumps
    AZ-101 Dumps
    AZ-102 Dumps
    INF-203x Dumps
    INF-204x Dumps
    INF-205x Dumps
    INF-206x Dumps
    MB2-700 Dumps
    MB2-701 Dumps
    MB2-702 Dumps
    MB2-703 Dumps
    MB2-704 Dumps
    MB2-706 Dumps
    MB2-707 Dumps
    MB2-708 Dumps
    MB2-709 Dumps
    MB2-710 Dumps
    MB2-711 Dumps
    MB2-712 Dumps
    MB2-713 Dumps
    MB2-714 Dumps
    MB2-715 Dumps
    MB2-716 Dumps
    MB2-717 Dumps
    MB2-718 Dumps
    MB2-719 Dumps
    MB2-877 Dumps
    MB5-705 Dumps
    MB6-700 Dumps
    MB6-701 Dumps
    MB6-702 Dumps
    MB6-703 Dumps
    MB6-704 Dumps
    MB6-705 Dumps
    MB6-884 Dumps
    MB6-885 Dumps
    MB6-886 Dumps
    MB6-889 Dumps
    MB6-890 Dumps
    MB6-892 Dumps
    MB6-893 Dumps
    MB6-894 Dumps
    MB6-895 Dumps
    MB6-896 Dumps
    MB6-897 Dumps
    MB6-898 Dumps