Ensurepass.com : Ensure you pass the IT Exams
2018 Apr CompTIA Official New Released SY0-401
CompTIA Security Certification
Question No: 1031 – (Topic 6)
Which of the following is true about the CRL?
A. It should be kept public
B. It signs other keys
C. It must be kept secret
D. It must be encrypted
Answer: A
Explanation:
The CRL must be public so that it can be known which keys and certificates have been revoked.
In the operation of some cryptosystems, usually public key infrastructures (PKIs), a certificate revocation list (CRL) is a list of certificates (or more specifically, a list of serial numbers for certificates) that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted.
Question No: 1032 – (Topic 6)
Which of the following types of cryptography should be used when minimal overhead is necessary for a mobile device?
A. Block cipher
B. Elliptic curve cryptography
C. Diffie-Hellman algorithm
D. Stream cipher
Answer: B
Explanation:
Regarding the performance of ECC applications on various mobile devices, ECC is the most suitable public-key cryptography (PKC) scheme for use in a constrained environment. Note: Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size. Operations with smaller keys are faster.
Question No: 1033 – (Topic 6)
Which of the following cryptographic algorithms is MOST often used with IPSec?
A. Blowfish
B. Twofish
C. RC4
D. HMAC
Answer: D
Explanation:
The HMAC-MD5-96 (also known as HMAC-MD5) message authentication technique is used by IPSec to make sure that a message has not been altered.
Question No: 1034 – (Topic 6)
When using PGP, which of the following should the end user protect from compromise? (Select TWO).
A. Private key
B. CRL details
C. Public key
D. Key password
E. Key escrow
F. Recovery agent
Answer: A, D
Explanation:
A: In PGP only the private key belonging to the receiver can decrypt the session key. PGP combines symmetric-key encryption and public-key encryption. The message is encrypted using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is used only once and is also called a session key.
D: PGP uses a passphrase to encrypt your private key on your machine. Your private key is encrypted on your disk using a hash of your passphrase as the secret key. You use the passphrase to decrypt and use your private key.
Question No: 1035 – (Topic 6)
Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability?
A. Twofish
B. Diffie-Hellman
C. ECC
D. RSA
Answer: C
Explanation:
Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography (with plain Galois fields as a basis) is the same level of security provided by keys of smaller size.
Question No: 1036 – (Topic 6)
Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?
A. PKI
B. ACL
C. CA
D. CRL
Answer: D
Explanation:
A CRL is a locally stored record containing revoked certificates and revoked keys.
Question No: 1037 – (Topic 6)
Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?
A. SFTP
B. HTTPS
C. TFTP
D. TLS
Answer: D
Explanation:
SSL establishes a session using asymmetric encryption and maintains the session using symmetric encryption.
Question No: 1038 – (Topic 6)
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?
A. SSLv2
B. SSHv1
C. RSA
D. TLS
Answer: D
Explanation:
HTTP Secure (HTTPS) is the protocol used for “secure” web pages that users should see when they must enter personal information such as credit card numbers, passwords, and other identifiers. It combines HTTP with SSL/TLS to provide encrypted communication.
Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL, and it is also referred to as SSL 3.1.
Question No: 1039 – (Topic 6)
Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following?
A. Sender's private key
B. Recipient's public key
C. Sender's public key
D. Recipient's private key
Answer: B
Explanation:
To achieve both authentication and confidentiality, the sender should include the recipient's name in the message, sign it using his private key, and then encrypt both the message and the signature using the recipient's public key.
Question No: 1040 – (Topic 6)
When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner?
A. Trust models
B. CRL
C. CA
D. Recovery agent
Answer: C
Explanation:
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. The CA affirms the identity of the certificate owner.