All About SY0-401 free exam Apr 2017
Q341. Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code.
Which of the following attack types is this?
C. Spear phishing
In this question, the impersonator is impersonating a vendor and asking for payment. They have managed to ‘spoof’ their calling number so that their caller ID matches the vendor’s number. Impersonation is where a person, computer, software application or service pretends to be someone or something it’s not. Impersonation is commonly non-maliciously used in client/server applications. However, it can also be used as a security threat.
Q342. Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?
A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall
Stateful inspections occur at all levels of the network.
Q343. An administrator has to determine host operating systems on the network and has deployed a transparent proxy. Which of the following fingerprint types would this solution use?
Q344. After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data.
Which of the following controls support this goal?
A. Contingency planning
B. Encryption and stronger access control
C. Hashing and non-repudiation
D. Redundancy and fault tolerance
Encryption is used to protect data/contents/documents. Access control refers to controlling who accesses any data/contents/documents and to exercise authorized control to the accessing of that data.
Q345. Which of the following is built into the hardware of most laptops but is not setup for centralized management by default?
A. Whole disk encryption
B. TPM encryption
C. USB encryption
D. Individual file encryption
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.
Q346. A security administrator forgets their card to access the server room. The administrator asks a coworker if they could use their card for the day. Which of the following is the administrator using to gain access to the server room?
Impersonation is where a person, computer, software application or service pretends to be someone or something it’s not. Impersonation is commonly non-maliciously used in client/server applications. However, it can also be used as a security threat.
In this question, by using the coworker’s card, the security administrator is ‘impersonating’ the coworker. The server room locking system and any logging systems will ‘think’ that the coworker has entered the server room.
Q347. Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites?
Port 80 is used by HTTP, which is the foundation of data communication for the World Wide Web.
Q348. Deploying a wildcard certificate is one strategy to:
A. Secure the certificate’s private key.
B. Increase the certificate’s encryption key length.
C. Extend the renewal date of the certificate.
D. Reduce the certificate management burden.
A wildcard certificate is a public key certificate which can be used with multiple subdomains of a domain. This saves money and reduces the management burden of managing multiple certificates, one for each subdomain.
A single Wildcard certificate for *.example.com, will secure all these domains: payment.example.com contact.example.com
Because the wildcard only covers one level of subdomains (the asterisk doesn't match full stops),
these domains would not be valid for the certificate:
Q349. A security administrator would like to ensure that system administrators are not using the same password for both their privileged and non-privileged accounts. Which of the following security controls BEST accomplishes this goal?
A. Require different account passwords through a policy
B. Require shorter password expiration for non-privileged accounts
C. Require shorter password expiration for privileged accounts
D. Require a greater password length for privileged accounts
Q350. Which of the following is described as an attack against an application using a malicious file?
A. Client side attack
C. Impersonation attack
D. Phishing attack
In this question, a malicious file is used to attack an application. If the application is running on a
client computer, this would be a client side attack. Attacking a service or application on a server
would be a server side attack.
Client-side attacks target vulnerabilities in client applications interacting with a malicious data. The
difference is the client is the one initiating the bad connection.
Client-side attacks are becoming more popular. This is because server side attacks are not as
easy as they once were according to apache.org.
Attackers are finding success going after weaknesses in desktop applications such as browsers,
media players, common office applications and e-mail clients.
To defend against client-side attacks keep-up the most current application patch levels, keep
antivirus software updated and keep authorized software to a minimum.