Exambible is renowned for providing students together with the most reliable and correct certification exam preparatory materials. That enjoys the higher reputation for several years. Several candidates have handed their desired exam together with the help of Exambibles training products. The professors take into account that they work hard to design the high-quality exam demos and give the actual candidates the most effective preparation resources. They make certain that their particular customers can make excellent achievements after employing their products. However they additionally provide using full refund inside case of failure.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
2021 Apr SY0-401 exam answers
Q1. The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?
A. Recovery
B. Follow-up
C. Validation
D. Identification
E. Eradication
F. Containment
Answer: D
Explanation:
To be able to respond to the incident of malware infection you need to know what type of malware was used since there are many types of malware around. This makes identification critical in this case.
Q2. Which of the following would a security administrator use to verify the integrity of a file?
A. Time stamp
B. MAC times
C. File descriptor
D. Hash
Answer: D
Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and it is a one-way transformation in order to validate the integrity of data.
Q3. Which of the following common access control models is commonly used on systems to ensure a "need to know" based on classification levels?
A. Role Based Access Controls
B. Mandatory Access Controls
C. Discretionary Access Controls
D. Access Control List
Answer: B
Explanation:
Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC also includes the use of need to know. Need to know is a security restriction where some objects are restricted unless the subject has a need to know them.
Q4. FTP/S uses which of the following TCP ports by default?
A. 20 and 21
B. 139 and 445
C. 443 and 22
D. 989 and 990
Answer: D
Explanation: FTPS uses ports 989 and 990.
Q5. An administrator has a network subnet dedicated to a group of users. Due to concerns regarding data and network security, the administrator desires to provide network access for this group only. Which of the following would BEST address this desire?
A. Install a proxy server between the users’ computers and the switch to filter inbound network traffic.
B. Block commonly used ports and forward them to higher and unused port numbers.
C. Configure the switch to allow only traffic from computers based upon their physical address.
D. Install host-based intrusion detection software to monitor incoming DHCP Discover requests.
Answer: C
Explanation:
Configuring the switch to allow only traffic from computers based upon their physical address is known as MAC filtering. The physical address is known as the MAC address. Every network adapter has a unique MAC address hardcoded into the adapter. You can configure the ports of a switch to allow connections from computers with specific MAC addresses only and block all other MAC addresses. MAC filtering is commonly used in wireless networks but is considered insecure because a MAC address can be spoofed. However, in a wired network, it is more secure because it would be more difficult for a rogue computer to sniff a MAC address.
Replace SY0-401 practice:
Q6. Which of the following security concepts can prevent a user from logging on from home during the weekends?
A. Time of day restrictions
B. Multifactor authentication
C. Implicit deny
D. Common access card
Answer: A
Explanation:
Time of day restrictions limit when users can access specific systems based on the time of day or week. It can limit access to sensitive environments to normal business hours when oversight and monitoring can be performed to prevent fraud, abuse, or intrusion.
Q7. A security administrator must implement a firewall rule to allow remote employees to VPN onto the company network. The VPN concentrator implements SSL VPN over the standard HTTPS port. Which of the following is the MOST secure ACL to implement at the company's gateway firewall?
A. PERMIT TCP FROM ANY 443 TO 199.70.5.25 443
B. PERMIT TCP FROM ANY ANY TO 199.70.5.23 ANY
C. PERMIT TCP FROM 199.70.5.23 ANY TO ANY ANY
D. PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443
Answer: D
Explanation:
Q8. To ensure proper evidence collection, which of the following steps should be performed FIRST?
A. Take hashes from the live system
B. Review logs
C. Capture the system image
D. Copy all compromised files
Answer: C
Explanation:
Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it. This is essential since the collection of evidence process may result in some mishandling and changing the exploited state.
Q9. An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the following is the reason the malicious user is able to intercept and see the clear text communication?
A. The malicious user has access to the WPA2-TKIP key.
B. The wireless access point is broadcasting the SSID.
C. The malicious user is able to capture the wired communication.
D. The meeting attendees are using unencrypted hard drives.
Answer: C
Explanation:
Q10. During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?
A. Conditional rules under which certain systems may be accessed
B. Matrix of job titles with required access privileges
C. Clearance levels of all company personnel
D. Normal hours of business operation
Answer: B
Explanation:
Role-based access control is a model where access to resources is determines by job role rather than by user account.
Within an organization, roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members or staff (or other system users) are assigned particular roles, and through those role assignments acquire the computer permissions to perform particular computer-system functions. Since users are not assigned permissions directly, but only acquire them through their role (or roles), management of individual user rights becomes a matter of simply assigning appropriate roles to the user's account; this simplifies common operations, such as adding a user, or changing a user's department.
To configure role-based access control, you need a list (or matrix) of job titles (roles) and the access privileges that should be assigned to each role.
