2021 Mar SY0-401 free practice test
Q341. A security analyst informs the Chief Executive Officer (CEO) that a security breach has just occurred. This results in the Risk Manager and Chief Information Officer (CIO) being caught unaware when the CEO asks for further information. Which of the following strategies should be implemented to ensure the Risk Manager and CIO are not caught unaware in the future?
A. Procedure and policy management
B. Chain of custody management
C. Change management
D. Incident management
Answer: D
Explanation:
Incident management refers to the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets). The events that could occur include security breaches.
Q342. Which of the following provides data the best fault tolerance at the LOWEST cost?
A. Load balancing
B. Clustering
C. Server virtualization
D. RAID 6
Answer: D
Explanation:
RAID stands for redundant array of independent disks. RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning. RAID can achieve fault tolerance in software, using the existing hardware and software, and thus represents the lowest-cost option.
Q343. An administrator wants to ensure that the reclaimed space of a hard drive has been sanitized while the computer is in use. Which of the following can be implemented?
A. Cluster tip wiping
B. Individual file encryption
C. Full disk encryption
D. Storage retention
Answer: A
Explanation:
A computer hard disk is divided into small segments called clusters. A file usually spans several clusters but rarely fills the last cluster; the unused part of that cluster is called the cluster tip. This cluster tip area may contain file data, because the size of the file you are working with may grow or shrink, and so it needs to be securely deleted.
Q344. A computer is suspected of being compromised by malware. The security analyst examines the computer and finds that a service called Telnet is running and connecting to an external website over port 443. This Telnet service was found by comparing the system’s services to the list of standard services on the company’s system image. This review process depends on:
A. MAC filtering.
B. System hardening.
C. Rogue machine detection.
D. Baselining.
Answer: D
Explanation:
Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained.
Q345. Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10.
DIAGRAM
PC1 [192.168.1.30]--------[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]---------[10.2.2.10] PC2
LOGS
10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN
10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK
10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK
Given the above information, which of the following can be inferred about the above environment?
A. 192.168.1.30 is a web server.
B. The web server listens on a non-standard port.
C. The router filters port 80 traffic.
D. The router implements NAT.
Answer: D
Explanation:
Network address translation (NAT) allows you to share a connection to the public Internet via a single interface with a single public IP address. NAT maps the private addresses to the public address. In a typical configuration, a local network uses one of the designated "private" IP address subnets. A router on that network has a private address (192.168.1.1) in that address space, and is also connected to the Internet with a "public" address (10.2.2.1) assigned by an Internet service provider.
Q346. Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company?
A. Privacy Policy
B. Least Privilege
C. Acceptable Use
D. Mandatory Vacations
Answer: D
Explanation:
A mandatory vacation policy requires all users to take time away from work to refresh. Mandatory vacation not only gives the employee a chance to refresh; it also gives the company a chance to make sure that others can fill in any gaps in skills, satisfies the need for replication or duplication at all levels, and provides an opportunity to discover fraud.
Q347. Configuring the mode, encryption methods, and security associations are part of which of the following?
A. IPSec
B. Full disk encryption
C. 802.1x
D. PKI
Answer: A
Explanation:
IPSec can operate in tunnel mode or transport mode. It uses symmetric cryptography to provide encryption security. Furthermore, it makes use of Internet Security Association and Key Management Protocol (ISAKMP).
Q348. An organization's security policy requires that users change passwords every 30 days. After a security audit, it was determined that users were recycling previously used passwords. Which of the following password enforcement policies would have mitigated this issue?
A. Password history
B. Password complexity
C. Password length
D. Password expiration
Answer: A
Explanation:
Q349. A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights?
A. Transport encryption
B. IPsec
C. Non-repudiation
D. Public key infrastructure
Answer: D
Explanation:
The Public-Key Infrastructure (PKI) is intended to offer a means of providing security to messages and transactions on a grand scale. The need for universal systems to support e-commerce, secure transactions, and information privacy is one aspect of the issues being addressed with PKI. A PKI can be used to protect software.
Q350. The company’s sales team plans to work late to provide the Chief Executive Officer (CEO) with a special report of sales before the quarter ends. After working for several hours, the team finds they cannot save or print the reports.
Which of the following controls is preventing them from completing their work?
A. Discretionary access control
B. Role-based access control
C. Time of Day access control
D. Mandatory access control
Answer: C
Explanation:
Time of day restrictions limit when users can access specific systems based on the time of day or week. It can limit access to sensitive environments to normal business hours when oversight and monitoring can be performed to prevent fraud, abuse, or intrusion. In this case, the sales team is prevented from saving or printing reports after a certain time.
