August 2, 2017

Amazing sy0 401 dump secrets

Want to know Ucertify sy0 401 dump exam practice test features? Want to learn more about the CompTIA Security+ Certification experience? Study precise CompTIA Security+ study guide SY0-401 answers to updated SY0-401 VCE questions at Ucertify. Get success with an absolute guarantee to pass the CompTIA SY0-401 (CompTIA Security+ Certification) test on your first attempt.

Q661. A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place? 

A. IV attack 

B. WEP cracking 

C. WPA cracking 

D. Rogue AP 



There are three steps to penetrating a WPA-protected network: sniffing, parsing, and attacking.

Q662. Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network? 

A. Honeypot 

B. Port scanner 

C. Protocol analyzer 

D. Vulnerability scanner 



A Protocol Analyzer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. By capturing and analyzing the packets sent between the systems on the network, Ann would be able to quantify the amount of traffic on the network.

Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) from Microsoft and Wireshark (formerly Ethereal).

Q663. After visiting a website, a user receives an email thanking them for a purchase which they did not request. Upon investigation the security administrator sees the following source code in a pop-up window: 


<body onload="document.getElementById('badForm').submit()">
<form id="badForm" action="shoppingsite.company.com/purchase.php" method="post">
<input name="Perform Purchase" value="Perform Purchase"/>
</form>
</body>




Which of the following has MOST likely occurred? 

A. SQL injection 

B. Cookie stealing 





XSRF, or cross-site request forgery, applies to web applications and is an attack that exploits the web application’s trust of a user who is known or is supposed to have been authenticated. This is often accomplished without the user’s knowledge.

Q664. Several employees have been printing files that include personally identifiable information of customers. Auditors have raised concerns about the destruction of these hard copies after they are created, and management has decided the best way to address this concern is by preventing these files from being printed. 

Which of the following would be the BEST control to implement? 

A. File encryption 

B. Printer hardening 

C. Clean desk policies 

D. Data loss prevention 



Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. This would address the concerns of the auditors. 

Q665. A security administrator must implement a system to allow clients to securely negotiate encryption keys with the company’s server over a public unencrypted communication channel. 

Which of the following implements the required secure key negotiation? (Select TWO). 


B. Symmetric encryption 

C. Steganography 


E. Diffie-Hellman 

Answer: D,E 


Elliptic curve Diffie–Hellman (ECDH) is an anonymous key agreement protocol that allows two parties, each having an elliptic curve public-private key pair, to establish a shared secret over an insecure channel. This shared secret may be directly used as a key, or better yet, to derive another key which can then be used to encrypt subsequent communications using a symmetric key cipher. It is a variant of the Diffie–Hellman protocol using elliptic curve cryptography.

Note: Adding an ephemeral key to Diffie-Hellman turns it into DHE (which, despite the order of the acronym, stands for Ephemeral Diffie-Hellman). Adding an ephemeral key to Elliptic Curve Diffie-Hellman turns it into ECDHE (again, overlook the order of the acronym letters; it is called Ephemeral Elliptic Curve Diffie-Hellman). It is the ephemeral component of each of these that provides perfect forward secrecy.

Q666. A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. Which of the following is the BEST approach for implementation of the new application on the virtual server? 

A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location. 

B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application. 

C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location. 

D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application. 



Q667. Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following? 

A. Sender's private key 

B. Recipient's public key 

C. Sender's public key 

D. Recipient's private key 



Q668. An attacker crafts a message that appears to be from a trusted source, but in reality it redirects the recipient to a malicious site where information is harvested. The message is narrowly tailored so it is effective on only a small number of victims. This describes which of the following? 

A. Spear phishing 

B. Phishing 

C. Smurf attack 

D. Vishing 



Q669. After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings? 

A. IV attack 

B. War dialing 

C. Rogue access points 

D. War chalking 



War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot. 

Q670. A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. 

Which of the following is MOST likely the reason for the sub-interfaces? 

A. The network uses the subnet of 

B. The switch has several VLANs configured on it. 

C. The sub-interfaces are configured for VoIP traffic. 

D. The sub-interfaces each implement quality of service. 



A subinterface is a division of one physical interface into multiple logical interfaces. Routers commonly employ subinterfaces for a variety of purposes, the most common of which is routing traffic between VLANs. Also, IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network.
