This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ] Export date:Fri Nov 22 5:45:59 2024 / +0000 GMT ___________________________________________________ Title: Braindump2go SY0-401 Latest Dumps Free Download Pass SY0-401 Exam 100% (71-80) --------------------------------------------------- COMPTIA NEWS: SY0-401 Exam Questions has been Updated Today! Get Latest SY0-401 VCE and SY0-401 PDF Instantly! Welcome to Download the Newest Braindump2go SY0-401 VCE&SY0-401 PDF Dumps: http://www.braindump2go.com/sy0-401.html (1220 Q&As) New Braindump2go SY0-401 Exam Questions Updated Today! Want to know New Questions in 2015 SY0-401 Exam? Download Free Braindump2go SY0-401 Exam Preparation Materials Now! Exam Code: SY0-401Exam Name: CompTIA Security+Certification Provider: CompTIACorresponding Certification: CompTIA Security+SY0-401 Dump,SY0-401 PDF,SY0-401 VCE,SY0-401 Braindump,SY0-401 Study Guide,SY0-401 Study Guide PDF,SY0-401 Objectives,SY0-401 Practice Test,SY0-401 Practice Exam,SY0-401 Performance Based Questions,SY0-401 Exam Questions,SY0-401 Exam Dumps,SY0-401 Exam PDF,SY0-401 Dumps Free,SY0-401 Dumps PDF QUESTION 71A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal? A.    Block port 23 on the L2 switch at each remote siteB.    Block port 23 on the network firewallC.    Block port 25 on the L2 switch at each remote siteD.    Block port 25 on the network firewall Answer: BExplanation:Telnet is a terminal-emulation network application that supports remote connectivity for executing commands and running applications but doesn't support transfer of fi les. Telnet uses TCP port 23. Because it's a clear text protocol and service, it should be avoided and replaced with SSH. QUESTION 72A security analyst noticed a colleague typing the following command:`Telnet some-host 443'Which of the following was the colleague performing? A.    A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack.B.    A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.C.    Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead.D.    A mistaken port being entered because telnet servers typically do not listen on port 443. Answer: BExplanation:B: The Telnet program parameters are: telnet <hostname> <port> <hostname> is the name or IP address of the remote server to connect to. <port> is the port number of the service to use for the connection. TCP port 443 provides the HTTPS (used for secure web connections) service; it is the default SSL port. By running the Telnet some-host 443 command, the security analyst is checking that routing is done properly and not blocked by a firewall. QUESTION 73Which of the following secure file transfer methods uses port 22 by default? A.    FTPSB.    SFTPC.    SSLD.    S/MIME Answer: BExplanation:SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. QUESTION 74Which of the following BEST describes the weakness in WEP encryption? A.    The initialization vector of WEP uses a crack-able RC4 encryption algorithm.Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.B.    The WEP key is stored in plain text and split in portions across 224 packets of random data.Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.C.    The WEP key has a weak MD4 hashing algorithm used.A simple rainbow table can be used to generate key possibilities due to MD4 collisions.D.    The WEP key is stored with a very small pool of random numbers to make the cipher text.As the random numbers are often reused it becomes easy to derive the remaining WEP key. Answer: DExplanation:WEP is based on RC4, but due to errors in design and implementation, WEP is weak in a number of areas, two of which are the use of a static common key and poor implementation of initiation vectors (IVs). When the WEP key is discovered, the attacker can join the network and then listen in on all other wireless client communications. QUESTION 75Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords? A.    EAP-MD5B.    WEPC.    PEAP-MSCHAPv2D.    EAP-TLS Answer: CExplanation:PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS or PEAP-TLS because user authentication is accomplished via password-base credentials (user name and password) rather than digital certificates or smart cards. QUESTION 76Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements? A.    EAP-TLSB.    EAP-FASTC.    PEAP-CHAPD.    PEAP-MSCHAPv2 Answer: DExplanation:PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS or PEAP-TLS because user authentication is accomplished via password-base credentials (user name and password) rather than digital certificates or smart cards. Only servers running Network Policy Server (NPS) or PEAP-MS-CHAP v2 are required to have a certificate. QUESTION 77Which of the following means of wireless authentication is easily vulnerable to spoofing? A.    MAC FilteringB.    WPA - LEAPC.    WPA - PEAPD.    Enabled SSID Answer: AExplanation:Each network interface on your computer or any other networked device has a unique MAC address. These MAC addresses are assigned in the factory, but you can easily change, or "spoof," MAC addresses in software.Networks can use MAC address filtering, only allowing devices with specific MAC addresses to connect to a network. This isn't a great security tool because people can spoof their MAC addresses. QUESTION 78Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect.Which of the following is MOST likely the reason? A.    The company wireless is using a MAC filter.B.    The company wireless has SSID broadcast disabled.C.    The company wireless is using WEP.D.    The company wireless is using WPA2. Answer: AExplanation:MAC filtering allows you to include or exclude computers and devices based on their MAC address. QUESTION 79After entering the following information into a SOHO wireless router, a mobile device's user reports being unable to connect to the network:PERMIT 0A: D1: FA. B1: 03: 37DENY 01: 33: 7F: AB: 10: ABWhich of the following is preventing the device from connecting? A.    WPA2-PSK requires a supplicant on the mobile device.B.    Hardware address filtering is blocking the device.C.    TCP/IP Port filtering has been implemented on the SOHO router.D.    IP address filtering has disabled the device from connecting. Answer: BExplanation:MAC filtering allows you to include or exclude computers and devices based on their MAC address. QUESTION 80A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up.Which of the following BEST allows the analyst to restrict user access to approved devices? A.    Antenna placementB.    Power level adjustmentC.    Disable SSID broadcastingD.    MAC filtering Answer: DExplanation:A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices. Thanks For Trying Braindump2go Latest CompTIA SY0-401 Dumps Questions! Braindump2go Exam Dumps ADVANTAGES:? 100% Pass Guaranteed Or Full Money Back!? Instant Download Access After Payment!? One Year Free Updation!? Well Formated: PDF,VCE,Exam Software!? Multi-Platform capabilities – Windows, Laptop, Mac, Android, iPhone, iPod, iPad.? Professional, Quick,Patient IT Expert Team 24/7/31220 Onlinen Help You!? We served more than 35,000 customers all around the world in last 5 years with 98.99% PASS RATE!? Guaranteed Secure Shopping! Your Transcations are protected by Braindump2go all the time!? Pass any exams at the FIRST try! FREE DOWNLOAD: NEW UPDATED SY0-401 PDF Dumps & SY0-401 VCE Dumps from Braindump2go: http://www.braindump2go.com/sy0-401.html (1220 Q&A) --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2015-11-13 01:41:35 Post date GMT: 2015-11-13 01:41:35 Post modified date: 2015-11-13 01:41:35 Post modified date GMT: 2015-11-13 01:41:35 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com