Skip to content (Press Enter)

Microsoft Azure MCSD MCSE MCSA MCTS Exams Questions Online

  • Home
  • Online Microsoft Exams PDF Files
  • Online Cisco Exams PDF Files
  • Online CompTIA Exams PDF Files
  • Online VMware Exams PDF Files

[Free] 2018(Apr) EnsurePass Braindumps CompTIA SY0-401 Dumps with VCE and PDF 941-950

by adminupdated on April 27, 2018April 27, 2018

Ensurepass.com : Ensure you pass the IT Exams
2018 Apr CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 941 – (Topic 5)

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access.

Which of the following is the BEST approach to implement this process?

  1. Replace passwords with hardware tokens which provide two-factor authentication to the online customer support site.

  2. Require the customer to physically come into the company’s main office so that the customer can be authenticated prior to their password being reset.

  3. Web-based form that identifies customer by another mechanism and then emails the customer their forgotten password.

  4. Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login.

Answer: D Explanation:

People tend to forget their passwords, thus you should have a password recovery system for them that will not increase risk exposure. Setting a temporary password will restrict the time that the password is valid and thus decrease risk; and in addition forcing the customer to change it upon first login will make the password more secure for the customer.

Question No: 942 – (Topic 5)

Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?

  1. Malicious code on the local system

  2. Shoulder surfing

  3. Brute force certificate cracking

  4. Distributed dictionary attacks

Answer: A Explanation:

Once a user authenticates to a remote server, malicious code on the user’s workstation could then infect the server.

Question No: 943 – (Topic 5)

After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary words or patterns. All credentials will remain enabled regardless of the number of attempts made. Which of the following types of user account options were enforced? (Select TWO).

  1. Recovery

  2. User assigned privileges

  3. Lockout

  4. Disablement

  5. Group based privileges

  6. Password expiration

  7. Password complexity

Answer: F,G Explanation:

Password complexity often requires the use of a minimum of three out of four standard character types for a password. The more characters in a password that includes some character type complexity, the more resistant it is to password-cracking techniques. In most cases, passwords are set to expire every 90 days.

Question No: 944 – (Topic 5)

A network administrator uses an RFID card to enter the datacenter, a key to open the server rack, and a username and password to logon to a server. These are examples of

which of the following?

  1. Multifactor authentication

  2. Single factor authentication

  3. Separation of duties

  4. Identification

Answer: B Explanation:

Single-factor authentication (SFA) is a process for securing access to a given system by identifying the party requesting access via a single category of credentials. In this case, the network administrator makes use of an RFID card to access the datacenter, a key to access the server rack, and a username and password to access a server.

Question No: 945 – (Topic 5)

A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be implemented during the authorization stage?

  1. Biometrics

  2. Mandatory access control

  3. Single sign-on

  4. Role-based access control

Answer: A Explanation:

This question is asking about “authorization”, not authentication.

Mandatory access control (MAC) is a form of access control commonly employed by government and military environments. MAC specifies that access is granted based on a set of rules rather than at the discretion of a user. The rules that govern MAC are hierarchical in nature and are often called sensitivity labels, security domains, or classifications.

MAC can also be deployed in private sector or corporate business environments. Such cases typically involve the following four security domain levels (in order from least sensitive to most sensitive):

Public Sensitive Private Confidential

A MAC environment works by assigning subjects a clearance level and assigning objects a sensitivity label-in other words, everything is assigned a classification marker. Subjects or users are assigned clearance levels. The name of the clearance level is the same as the name of the sensitivity label assigned to objects or resources. A person (or other subject, such as a program or a computer system) must have the same or greater assigned clearance level as the resources they wish to access. In this manner, access is granted or restricted based on the rules of classification (that is, sensitivity labels and clearance levels).

MAC is named as it is because the access control it imposes on an environment is mandatory. Its assigned classifications and the resulting granting and restriction of access can’t be altered by users. Instead, the rules that define the environment and judge the assignment of sensitivity labels and clearance levels control authorization.

MAC isn’t a very granularly controlled security environment. An improvement to MAC includes the use of need to know: a security restriction where some objects (resources or data) are restricted unless the subject has a need to know them. The objects that require a specific need to know are assigned a sensitivity label, but they’re compartmentalized from the rest of the objects with the same sensitivity label (in the same security domain). The need to know is a rule in and of itself, which states that access is granted only to users who have been assigned work tasks that require access to the cordoned-off object. Even if users have the proper level of clearance, without need to know, they’re denied access.

Need to know is the MAC equivalent of the principle of least privilege from DAC

Question No: 946 – (Topic 5)

Ann is a member of the Sales group. She needs to collaborate with Joe, a member of the IT group, to edit a file. Currently, the file has the following permissions:

Ann:read/write Sales Group:read IT Group:no access

If a discretionary access control list is in place for the files owned by Ann, which of the

following would be the BEST way to share the file with Joe?

  1. Add Joe to the Sales group.

  2. Have the system administrator give Joe full access to the file.

  3. Give Joe the appropriate access to the file directly.

  4. Remove Joe from the IT group and add him to the Sales group.

Answer: C Explanation:

Joe needs access to only one file. He also needs to ‘edit’ that file. Editing a file requires Read and Write access to the file. The best way to provide Joe with the minimum required permissions to edit the file would be to give Joe the appropriate access to the file directly.

Question No: 947 – (Topic 5)

An internal auditing team would like to strengthen the password policy to support special characters. Which of the following types of password controls would achieve this goal?

  1. Add reverse encryption

  2. Password complexity

  3. Increase password length

  4. Allow single sign on

Answer: B Explanation:

Generally, the minimum password length is considered to be 8 upper and lowercase characters. The use of at least one non-alpha character like punctuation, special characters, or numbers, combined with the password length produces strong passwords. Strong passwords are produced by the combination of a password’s length and complexity.

Question No: 948 – (Topic 5)

The IT department has setup a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

  1. Account Disablements

  2. Password Expiration

  3. Password Complexity

  4. Password Recovery

Answer: D Explanation:

People tend to forget their own passwords and because a user’s password in not stored on the operating system, only a hash value is kept and most operating systems allows the administrator to change the value meaning that the password can then be recovered. If you allow end users to reset their own accounts then the password recovery process is helped along.

Question No: 949 – (Topic 5)

Which of the following common access control models is commonly used on systems to ensure a quot;need to knowquot; based on classification levels?

  1. Role Based Access Controls

  2. Mandatory Access Controls

  3. Discretionary Access Controls

  4. Access Control List

Answer: B Explanation:

Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC also includes the use of need to know. Need to know is a security restriction where some objects are restricted unless the subject has a need to know them.

Question No: 950 – (Topic 5)

A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?

  1. CHAP

  2. TOTP

  3. HOTP

  4. PAP

Answer: B

Explanation: Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. Therefore, the password will only be valid for a predefined time interval.

100% Ensurepass Free Download!
–Download Free Demo:SY0-401 Demo PDF
100% Ensurepass Free Guaranteed!
–SY0-401 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

HOT CATEGORY!

Pass CISCO EXAM with EnsurePass
Pass CCNA EXAM with EnsurePass
Pass CCNP EXAM with EnsurePass
Pass Security Exam with EnsurePass
Pass MCSE EXAM with EnsurePass
Pass MSCA EXAM with EnsurePass

HOT EXAM!

Microsoft Dumps VCE PDF
Cisco Dumps VCE PDF
VMware Dumps VCE PDF
CompTIA Dumps VCE PDF

SY0-401 Latest Exam (Apr 2018)
CompTIA SY0-401 PDF CompTIA SY0-401 Practice Test CompTIA SY0-401 Testing software CompTIA SY0-401 VCE Latest CompTIA SY0-401 Dumps Latest CompTIA SY0-401 Real Exam Latest CompTIA SY0-401 Real Test New Updated SY0-401 Actual Tests
0

admin

Post Navigation

Previous Article
Next Article

Latest Microsoft Certifications Exams Dumps

Microsoft Azure Exams Dumps
Azure AI Engineer Associate Exams Dumps
Azure Data Engineer Associate Exams Dumps
Azure Security Engineer Associate Exams Dumps
Microsoft Azure Fundamentals Exams Dumps
MCSA Exams Dumps
MCSD Exams Dumps
MCSE Exams Dumps
MCTS Exams Dumps
MOS Exams Dumps
MTA Exams Dumps

Categories

Tags

CompTIA JK0-018 PDF CompTIA JK0-018 Practice Test CompTIA JK0-018 Testing software CompTIA JK0-018 VCE CompTIA JK0-022 PDF CompTIA JK0-022 Practice Test CompTIA JK0-022 Testing software CompTIA JK0-022 VCE CompTIA JK0-023 PDF CompTIA JK0-023 Practice Test CompTIA JK0-023 Testing software CompTIA JK0-023 VCE CompTIA SY0-401 PDF CompTIA SY0-401 Practice Test CompTIA SY0-401 Testing software CompTIA SY0-401 VCE Latest CompTIA JK0-018 Dumps Latest CompTIA JK0-018 Real Exam Latest CompTIA JK0-018 Real Test Latest CompTIA JK0-022 Dumps Latest CompTIA JK0-022 Real Exam Latest CompTIA JK0-022 Real Test Latest CompTIA JK0-023 Dumps Latest CompTIA JK0-023 Real Exam Latest CompTIA JK0-023 Real Test Latest CompTIA SY0-401 Dumps Latest CompTIA SY0-401 Real Exam Latest CompTIA SY0-401 Real Test Latest Oracle 1z0-053 Dumps Latest Oracle 1z0-053 Real Exam Latest Oracle 1z0-053 Real Test Latest VMware VCP-310 Dumps Latest VMware VCP-310 Real Exam New Updated 1z0-053 Actual Tests New Updated JK0-018 Actual Tests New Updated JK0-022 Actual Tests New Updated JK0-023 Actual Tests New Updated SY0-401 Actual Tests Oracle 1z0-053 PDF Oracle 1z0-053 Practice Test Oracle 1z0-053 Testing software Oracle 1z0-053 VCE VMware VCP-310 PDF VMware VCP-310 Testing software VMware VCP-310 VCE

Top Microsoft Exams

70-345 Dumps
70-410 Dumps
70-411 Dumps
70-412 Dumps
70-461 Dumps
70-462 Dumps
70-480 Dumps
70-483 Dumps
70-486 Dumps
70-487 Dumps
70-537 Dumps
70-703 Dumps
70-740 Dumps
70-741 Dumps
70-742 Dumps
70-743 Dumps
70-744 Dumps
70-762 Dumps
70-764 Dumps
70-767 Dumps
70-778 Dumps
77-725 Dumps
77-727 Dumps
98-365 Dumps
98-367 Dumps
98-381 Dumps
AI-100 Dumps
AZ-103 Dumps
AZ-203 Dumps
AZ-300 Dumps
AZ-301 Dumps
AZ-400 Dumps
AZ-500 Dumps
AZ-900 Dumps
DP-201 Dumps
MB-200 Dumps
MB-210 Dumps
MB-220 Dumps
MB-240 Dumps
MB-300 Dumps
MB-310 Dumps
MB-320 Dumps
MB-330 Dumps
MB-900 Dumps
MB6-894 Dumps
MD-100 Dumps
MD-101 Dumps
MS-100 Dumps
MS-101 Dumps
MS-200 Dumps
MS-201 Dumps
MS-202 Dumps
MS-300 Dumps
MS-302 Dumps
MS-500 Dumps
MS-900 Dumps

Full Microsoft Exams

70-333 Dumps
70-334 Dumps
70-339 Dumps
70-348 Dumps
70-357 Dumps
70-413 Dumps
70-414 Dumps
70-417 Dumps
70-463 Dumps
70-464 Dumps
70-465 Dumps
70-466 Dumps
70-467 Dumps
70-705 Dumps
70-713 Dumps
70-735 Dumps
70-745 Dumps
70-761 Dumps
70-765 Dumps
70-768 Dumps
70-777 Dumps
70-779 Dumps
77-418 Dumps
77-419 Dumps
77-420 Dumps
77-421 Dumps
77-422 Dumps
77-423 Dumps
77-424 Dumps
77-425 Dumps
77-426 Dumps
77-427 Dumps
77-428 Dumps
77-726 Dumps
77-728 Dumps
77-729 Dumps
77-730 Dumps
77-731 Dumps
77-881 Dumps
77-882 Dumps
77-883 Dumps
77-884 Dumps
77-885 Dumps
77-887 Dumps
77-888 Dumps
98-349 Dumps
98-361 Dumps
98-364 Dumps
98-366 Dumps
98-368 Dumps
98-369 Dumps
98-375 Dumps
98-382 Dumps
98-383 Dumps
98-388 Dumps
DP-100 Dumps
DP-200 Dumps
MB-230 Dumps
MB2-706 Dumps
MB2-707 Dumps
MB2-708 Dumps
MB2-710 Dumps
MB2-711 Dumps
MB2-712 Dumps
MB2-713 Dumps
MB2-714 Dumps
MB2-716 Dumps
MB6-897 Dumps
MB6-898 Dumps
MO-100 Dumps
MO-200 Dumps
MO-300 Dumps
MS-301 Dumps

Microsoft Certifications Exams

Microsoft Cisco VMware CompTIA Dumps VCE and PDF
Microsoft Exams Dumps
Microsoft MCITP Exams Practice Questions and Answers

[Free] 2018(Apr) EnsurePass Braindumps CompTIA SY0-401 Dumps with VCE and PDF 931-940
Recommended for you...

[Free] 2018(Apr) EnsurePass Braindumps CompTIA SY0-401 Dumps with VCE and PDF 931-940

by admin
[Free] 2018(Apr) EnsurePass Braindumps CompTIA SY0-401 Dumps with VCE and PDF 441-450
Recommended for you...

[Free] 2018(Apr) EnsurePass Braindumps CompTIA SY0-401 Dumps with VCE and PDF 441-450

by admin
[Free] 2018(Apr) EnsurePass Braindumps CompTIA SY0-401 Dumps with VCE and PDF 131-140
Recommended for you...

[Free] 2018(Apr) EnsurePass Braindumps CompTIA SY0-401 Dumps with VCE and PDF 131-140

by admin

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

© Copyright 2019 Microsoft Azure MCSD MCSE MCSA MCTS Exams Questions Online. All Rights Reserved. The Ultralight | Developed By Rara Theme. Powered by WordPress.