CompTIA CompTIA Certifications SY0-501 Questions & Answers

• Question 371:

  A security administrator needs to address the following audit recommendations for a public-facing SFTP server:

  Users should be restricted to upload and download files to their own home directories only. Users should not be allowed to use interactive shell login. Which of the following configuration parameters should be implemented? (Select TWO).

  A. PermitTunnel

  B. ChrootDirectory

  C. PermitTTY

  D. AllowTcpForwarding

  E. IgnoreRhosts

  Correct Answer: BC

• Question 372:

  Which of the following are used to increase the computing time it takes to brute force a password using an offline attack? (Select TWO)

  A. XOR

  B. PBKDF2

  C. bcrypt

  D. HMAC

  E. RIPEMD

  Correct Answer: BC

• Question 373:

  To determine the ALE of a particular risk, which of the following must be calculated? (Select two.)

  A. ARO

  B. ROI

  C. RPO

  D. SLE

  E. RTO

  Correct Answer: AD

• Question 374:

  Ann, a security administrator, wants to ensure credentials are encrypted in transit when implementing a RADIUS server for SSO. Which of the following are needed given these requirements? (Select TWO)

  A. Public key

  B. Shared key

  C. Elliptic curve

  D. MD5

  E. Private key

  F. DES

  Correct Answer: AE

• Question 375:

  The POODLE attack is an MITM exploit that affects:

  A. TLS1.0 with CBC mode cipher

  B. SSLv2.0 with CBC mode cipher

  C. SSLv3.0 with CBC mode cipher

  D. SSLv3.0 with ECB mode cipher

  Correct Answer: C

  A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. How To Protect your Server Against the POODLE SSLv3 Vulnerability On October

  14th, 2014, a vulnerability in version 3 of the SSL encryption protocol was disclosed. This vulnerability, dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), allows an attacker to read information encrypted with this version

  of the protocol in plain text using a man-in-the-middle attack. Although SSLv3 is an older version of the protocol which is mainly obsolete, many pieces of software still fall back on SSLv3 if better encryption options are not available. More

  importantly, it is possible for an attacker to force SSLv3 connections if it is an available alternative for both participants attempting a connection.

  The POODLE vulnerability affects any services or clients that make it possible to communicate using SSLv3.

  Because this is a flaw with the protocol design, and not an implementation issue, every piece of software that uses SSLv3 is vulnerable.

  To find out more information about the vulnerability, consult the CVE information found at CVE- 2014-3566.

  What is the POODLE Vulnerability?

  The POODLE vulnerability is a weakness in version 3 of the SSL protocol that allows an attacker in a man-inthe-middle context to decipher the plain text content of an SSLv3 encrypted message.

  Who is Affected by this Vulnerability?

  This vulnerability affects every piece of software that can be coerced into communicating with SSLv3. This means that any software that implements a fallback mechanism that includes SSLv3 support is vulnerable and can be exploited.

  Some common pieces of software that may be affected are web browsers, web servers, VPN servers, mail servers, etc.

  How Does It Work?

  In short, the POODLE vulnerability exists because the SSLv3 protocol does not adequately check the padding bytes that are sent with encrypted messages. Since these cannot be verified by the receiving party, an attacker can replace these

  and pass them on to the intended destination. When done in a specific way, the modified payload will potentially be accepted by the recipient without complaint.

  An average of once out of every 256 requests will accepted at the destination, allowing the attacker to decrypt a single byte. This can be repeated easily in order to progressively decrypt additional bytes. Any attacker able to repeatedly force a

  participant to resend data using this protocol can break the encryption in a very short amount of time.

  How Can I Protect Myself?

  Actions should be taken to ensure that you are not vulnerable in your roles as both a client and a server. Since encryption is usually negotiated between clients and servers, it is an issue that involves both parties. Servers and clients should

  should take steps to disable SSLv3 support completely. Many applications use better encryption by default, but implement SSLv3 support as a fallback option. This should be disabled, as a malicious user can force SSLv3 communication if

  both participants allow it as an acceptable method.

• Question 376:

  A third-party penetration testing company was able to successfully use an ARP cache poison technique to gain root access on a server. The tester successfully moved to another server that was not in the original network. Which of the following is the MOST likely method used to gain access to the other host?

  A. Backdoor

  B. Pivoting

  C. Persistance

  D. Logic bomp

  Correct Answer: B

• Question 377:

  The IT department is deploying new computers. To ease the transition, users will be allowed to access their old and new systems. The help desk is receive reports that users are experiencing the following error when attempting to log in to

  their previous system:

  Logon Failure: Access Denied

  Which of the following can cause this issue?

  A. Permission issues

  B. Access violations

  C. Certificate issues

  D. Misconfigured devices

  Correct Answer: C

• Question 378:

  Which of the following could help detect trespassers in a secure facility? (Select TWO)

  A. Faraday cages

  B. Motion-detection sensors

  C. Tall, chain-link fencing

  D. Security guards

  E. Smart cards

  Correct Answer: BD

• Question 379:

  A security analyst is updating a BIA document. The security analyst notices the support vendor's time to replace a server hard drive went from eight hours to two hours. Given these new metrics, which of the following can be concluded? (Select TWO)

  A. The MTTR is faster.

  B. The MTTR is slower.

  C. The RTO has increased.

  D. The RTO has decreased.

  E. The MTTF has increased.

  F. The MTTF has decreased.

  Correct Answer: AD

• Question 380:

  A web developer improves client access to the company's REST API. Authentication needs to be tokenized but not expose the client's password. Which of the following methods would BEST meet the developer's requirements?

  A. SAML

  B. LDAP

  C. OAuth

  D. Shibboleth

  Correct Answer: A