[Free] 2018(Aug) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 701-710

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 701 – (Topic 3)

A security manager must remain aware of the security posture of each system. Which of the following supports this requirement?

  1. Training staff on security policies

  2. Establishing baseline reporting

  3. Installing anti-malware software

  4. Disabling unnecessary accounts/services

Answer: B Explanation:

The IT baseline protection approach is a methodology to identify and implement computer security measures in an organization. The aim is the achievement of an adequate and appropriate level of security for IT systems. This is known as a baseline.

A baseline report compares the current status of network systems in terms of security updates, performance or other metrics to a predefined set of standards (the baseline).

Question No: 702 – (Topic 3)

Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies unapplied security controls and patches without attacking or compromising the system, Ann would use which of the following?

  1. Vulnerability scanning

  2. SQL injection

  3. Penetration testing

  4. Antivirus update

Answer: A Explanation:

A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as missing patches or security updates.

A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.

Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network#39;s security.

Question No: 703 – (Topic 3)

A security administrator looking through IDS logs notices the following entry: (where email=joe@joe.com and passwd= ‘or 1==1’)

Which of the following attacks had the administrator discovered?

  1. SQL injection

  2. XML injection

  3. Cross-site script

  4. Header manipulation

Answer: A Explanation:

The code in the question is an example of a SQL Injection attack. The code ‘1==1’ will always provide a value of true. This can be included in statement designed to return all rows in a SQL table.

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump

the database contents to the attacker). SQL injection must exploit a security vulnerability in an application#39;s software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

Question No: 704 – (Topic 3)

Which of the following is a penetration testing method?

  1. Searching the WHOIS database for administrator contact information

  2. Running a port scanner against the target#39;s network

  3. War driving from a target#39;s parking lot to footprint the wireless network

  4. Calling the target#39;s helpdesk, requesting a password reset

Answer: D Explanation:

A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system vulnerabilities, including OS, service and application flaws, improper configurations, and even risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-users’ adherence to security policies.

Penetration testing evaluates an organization’s ability to protect its networks, applications, endpoints and users from external or internal attempts to circumvent its security controls to gain unauthorized or privileged access to protected assets. Test results validate the risk posed by specific security vulnerabilities or flawed processes, enabling IT management and security professionals to prioritize remediation efforts. By embracing more frequent and comprehensive penetration testing, organizations can more effectively anticipate emerging security risks and prevent unauthorized access to critical systems and valuable information. Penetration tests are not always technically clever attempts to access a network. By calling the target#39;s helpdesk and requesting a password reset, if they reset the password without requiring proof that you are authorized to request a password change, you can easily gain access to the network.

Question No: 705 – (Topic 3)

A malicious individual is attempting to write too much data to an application’s memory. Which of the following describes this type of attack?

  1. Zero-day

  2. SQL injection

  3. Buffer overflow

  4. XSRF

Answer: C Explanation:

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user#39;s files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.

Question No: 706 – (Topic 3)

Joe, an employee is taking a taxi through a busy city and starts to receive unsolicited files sent to his Smartphone. Which of the following is this an example of?

  1. Vishing

  2. Bluejacking

  3. War Driving

  4. SPIM

  5. Bluesnarfing

Answer: B Explanation:

Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.

Bluejacking is usually harmless, but because bluejacked people generally don#39;t know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it#39;s possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

Question No: 707 – (Topic 3)

During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which statement BEST describes her privileges?

  1. All users have write access to the directory.

  2. Jane has read access to the file.

  3. All users have read access to the file.

  4. Jane has read access to the directory.

Answer: C Explanation:

The question states that Jane was able to download a document from the spool directory. To view and download the document, Jane must have at least Read access to the file. The fact that the document belonged to someone else suggests that all users have read access to the file.

Question No: 708 – (Topic 3)

Ann, the software security engineer, works for a major software vendor. Which of the following practices should be implemented to help prevent race conditions, buffer overflows, and other similar vulnerabilities prior to each production release?

  1. Product baseline report

  2. Input validation

  3. Patch regression testing

  4. Code review

Answer: D Explanation:

The problems listed in this question can be caused by problems with the application code. Reviewing the code will help to prevent the problems.

The purpose of code review is to look at all custom written code for holes that may exist. The review needs also to examine changes that the code-most likely in the form of a finished application-may make: configuration files, libraries, and the like. During this examination, look for threats such as opportunities for injection to occur (SQL, LDAP, code, and so on), cross-site request forgery, and authentication. Code review is often conducted as a part of gray box testing. Looking at source code can often be one of the easiest ways to find weaknesses within the application. Simply reading the code is known as manual assessment, whereas using tools to scan the code is known as automated assessment.

Question No: 709 – (Topic 3)

Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the following would provide the BEST level of protection?

  1. HIPS

  2. Antivirus

  3. NIDS

  4. ACL

Answer: A Explanation:

Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.

Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity. The main differences are, unlike intrusion detection systems, intrusion prevention systems are placed in-line and are able to actively prevent/block intrusions that are detected. More specifically, IPS can take such actions as sending an alarm, dropping the malicious packets, resetting the connection and/or blocking the traffic from the offending IP address. An IPS can also correct Cyclic Redundancy Check (CRC) errors, unfragment packet

streams, prevent TCP sequencing issues, and clean up unwanted transport and network layer options.

Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host. A Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host. As a zero-day attack is an unknown vulnerability (a vulnerability that does not have a fix or a patch to prevent it), the best defence would be an intrusion prevention system.

Question No: 710 – (Topic 3)

An attacker crafts a message that appears to be from a trusted source, but in reality it redirects the recipient to a malicious site where information is harvested. The message is narrowly tailored so it is effective on only a small number of victims. This describes which of the following?

  1. Spear phishing

  2. Phishing

  3. Smurf attack

  4. Vishing

Answer: A Explanation:

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient#39;s own company and generally someone in a position of authority.

100% Dumps4cert Free Download!
SY0-401 PDF
100% Dumps4cert Pass Guaranteed!
SY0-401 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No