CompTIA SY0-401 Free Practice Questions

Answer: B 

Explanation: 

The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS. 

Answer: B 

Explanation: 

This question is asking about a new private network link (a VPN) with a business partner. This will 

provide access to the local network from the business partner. 

When implementing a VPN, an important step is the design of the VPN. The VPN should be 

designed to ensure that the security of the network and local systems is not compromised. 

The design review assessment examines the ports and protocols used, the rules, segmentation, 

and access control in the systems or applications. A design review is basically a check to ensure 

that the design of the system meets the security requirements. 

Answer: B 

Explanation: 

This question describes a buffer overflow attack. 

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability. 

Answer: D 

Explanation: 

Disabling unused switch ports a simple method many network administrators use to help secure their network from unauthorized access. 

All ports not in use should be disabled. Otherwise, they present an open door for an attacker to enter. 

Answer: C 

Explanation: 

SCP (Secure Copy) uses SSH (Secure Shell). SSH runs in the application layer (layer 7) of the OSI model. 

Answer: C 

Explanation: 

HVAC refers to heating, ventilation and air-conditioning to allow for a zone-based environmental control measure. The fire-alarm system should ideally also be hooked up to the HVAC so that the HVAC can monitor the changes in heating and ventilation. 

Answer: A 

Explanation: 

Information classification is done by confidentiality and comprises of three categories, namely: public use, internal use and restricted use. These categories make applying the appropriate policies and security controls practical. 

Answer: D 

Explanation: 

Creating a security group for each folder and assigning necessary users to each group would only allow users belonging to the folder’s security group access to the folder. It will make assigning folder privileges much easier, while also being more secure. 

Answer: C 

Explanation: 

Cable locks are theft deterrent devices that can be used to tether a device to a fixed point keep smaller devices from being easy to steal. 

Answer: C 

Explanation: 

Promiscuous mode allows the network card to look at any packet that it sees on the network. This even includes packets that are not addressed to that network card. 

Answer: B 

Explanation: 

Answer: A 

Explanation: 

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. 

Answer: A 

Explanation: 

The CCTV camera has recorded people entering their PINs in the ATMs. This is known as shoulder surfing. 

Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand. 

Answer: A 

Explanation: 

A full backup is a complete, comprehensive backup of all fi les on a disk or server. The full backup is current only at the time it’s performed. Once a full backup is made, you have a complete archive of the system at that point in time. A system shouldn’t be in use while it undergoes a full backup because some fi les may not get backed up. Once the system goes back into operation, the backup is no longer current. A full backup can be a time-consuming process on a large system. An incremental backup is a partial backup that stores only the information that has been changed since the last full or the last incremental backup. If a full backup were performed on a Sunday night, an incremental backup done on Monday night would contain only the information that changed since Sunday night. Such a backup is typically considerably smaller than a full backup. Each incremental backup must be retained until a full backup can be performed. Incremental backups are usually the fastest backups to perform on most systems, and each incremental backup tape is relatively small. 

Answer: D 

Explanation: 

When setting up a wireless network, you’ll find two very different modes of Wi-Fi Protected Access (WPA) security, which apply to both the WPA and WPA2 versions. The easiest to setup is the Personal mode, technically called the Pre-Shared Key (PSK) mode. It doesn’t require anything beyond the wireless router or access points (APs) and uses a single passphrase or password for all users/devices. The other is the Enterprise mode —which should be used by businesses and organizations—and 

is also known as the RADIUS, 802.1X, 802.11i, or EAP mode. It provides better security and key 

management, and supports other enterprise-type functionality, such as VLANs and NAP. 

However, it requires an external authentication server, called a Remote Authentication Dial In User 

Service (RADIUS) server to handle the 802.1X authentication of users. 

To help you better understand the process of setting up WPA/WPA2-Enterprise and 802.1X, 

here’s the basic overall steps: 

Choose, install, and configure a RADIUS server, or use a hosted service. 

Create a certificate authority (CA), so you can issue and install a digital certificate onto the 

RADIUS server, which may be done as a part of the RADIUS server installation and configuration. 

Alternatively, you could purchase a digital certificate from a public CA, such as GoDaddy or 

Verisign, so you don’t have to install the server certificate on all the clients. If using EAP-TLS, 

you’d also create digital certificates for each end-user. 

On the server, populate the RADIUS client database with the IP address and shared secret for 

each AP. 

On the server, populate user data with usernames and passwords for each end-user. 

On each AP, configure the security for WPA/WPA2-Enterprise and input the RADIUS server IP 

address and the shared secret you created for that particular AP. 

On each Wi-Fi computer and device, configure the security for WPA/WPA2-Enterprise and set the 

802.1X authentication settings.