Download of SY0-401 exam prep materials and courses for CompTIA certification for IT learners, Real Success Guaranteed with Updated SY0-401 pdf dumps vce Materials. 100% PASS CompTIA Security+ Certification exam Today!
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
2021 Apr SY0-401 training
Q431. A company hosts its public websites internally. The administrator would like to make some changes to the architecture.
The three goals are:
(1)
reduce the number of public IP addresses in use by the web servers
(2)
drive all the web traffic through a central point of control
(3)
mitigate automated attacks that are based on IP address scanning
Which of the following would meet all three goals?
A. Firewall
B. Load balancer
C. URL filter
D. Reverse proxy
Answer: D
Explanation:
Q432. A company wants to ensure that its hot site is prepared and functioning. Which of the following would be the BEST process to verify the backup datacenter is prepared for such a scenario?
A. Site visit to the backup data center
B. Disaster recovery plan review
C. Disaster recovery exercise
D. Restore from backup
Answer: C
Explanation:
A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization. This means that an actual exercise run would test the abilities of your hot site best.
Q433. Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?
A. Protocol filter
B. Load balancer
C. NIDS
D. Layer 7 firewall
Answer: D
Explanation:
An application-level gateway firewall filters traffic based on user access, group membership, the application or service used, or even the type of resources being transmitted. This type of firewall operates at the Application layer (Layer 7) of the OSI model.
Q434. Sara, a security engineer, is testing encryption ciphers for performance. Which of the following ciphers offers strong encryption with the FASTEST speed?
A. 3DES
B. Blowfish
C. Serpent
D. AES256
Answer: B
Explanation:
Blowfish is an encryption system invented by a team led by Bruce Schneier that performs a 64-bit block cipher at very fast speeds. Blowfish is a fast, except when changing keys. It is a symmetric block cipher that can use variable-length keys (from 32 bits to 448 bits).
Q435. After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue?
A. Host based firewall
B. Initial baseline configurations
C. Discretionary access control
D. Patch management system
Answer: D
Explanation:
Rebirth SY0-401 question:
Q436. Ann is a member of the Sales group. She needs to collaborate with Joe, a member of the IT group, to edit a file. Currently, the file has the following permissions: Ann: read/write
Sales Group: read
IT Group: no access
If a discretionary access control list is in place for the files owned by Ann, which of the following would be the BEST way to share the file with Joe?
A. Add Joe to the Sales group.
B. Have the system administrator give Joe full access to the file.
C. Give Joe the appropriate access to the file directly.
D. Remove Joe from the IT group and add him to the Sales group.
Answer: C
Explanation:
Q437. While configuring a new access layer switch, the administrator, Joe, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens?
A. Log Analysis
B. VLAN Management
C. Network separation
D. 802.1x
Answer: D
Explanation:
802.1x is a port-based authentication mechanism. It’s based on Extensible Authentication Protocol (EAP) and is commonly used in closed-environment wireless networks. 802.1x was initially used to compensate for the weaknesses of Wired Equivalent Privacy (WEP), but today it’s often used as a component in more complex authentication and connection-management systems, including Remote Authentication Dial-In User Service (RADIUS), Diameter, Cisco System’s Terminal Access Controller Access-Control System Plus (TACACS+), and Network Access Control (NAC).
Q438. An administrator needs to renew a certificate for a web server. Which of the following should be submitted to a CA?
A. CSR
B. Recovery agent
C. Private key
D. CRL
Answer: A
Explanation:
In public key infrastructure (PKI) systems, a certificate signing request (also CSR or certification
request) is a message sent from an applicant to a certificate authority in order to apply for a digital
identity certificate.
When you renew a certificate you send a CSR to the CA to get the certificate resigned.
Q439. Human Resources suspect an employee is accessing the employee salary database. The administrator is asked to find out who it is. In order to complete this task, which of the following is a security control that should be in place?
A. Shared accounts should be prohibited.
B. Account lockout should be enabled
C. Privileges should be assigned to groups rather than individuals
D. Time of day restrictions should be in use
Answer: A
Explanation:
Since distinguishing between the actions of one person and another isn’t possible if they both use a shared account, shared accounts should not be allowed. If shared accounts are being used, the administrator will find the account, but have more than one suspect. To nullify this occurrence, Shared accounts should be prohibited.
Q440. A security administrator is aware that a portion of the company’s Internet-facing network tends to be non-secure due to poorly configured and patched systems. The business owner has accepted the risk of those systems being compromised, but the administrator wants to determine the degree to which those systems can be used to gain access to the company intranet. Which of the following should the administrator perform?
A. Patch management assessment
B. Business impact assessment
C. Penetration test
D. Vulnerability assessment
Answer: C
Explanation:
Penetration testing is the most intrusive type of testing because you are actively trying to circumvent the system’s security controls to gain access to the system. It is also used to determine the degree to which the systems can be used to gain access to the company intranet (the degree of access to local network resources). Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in.
Pen test strategies include:
Targeted testing Targeted testing is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out.
External testing This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access.
Internal testing This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause.
Blind testing A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive.
Double blind testing Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures.
