Ucertify comptia security+ study guide sy0 401 Questions are updated and all comptia security+ sy0 401 pdf answers are verified by experts. Once you have completely prepared with our sy0 401 braindump exam prep kits you will be ready for the real sy0 401 practice test exam without a problem. We have Renew CompTIA sy0 401 practice exam dumps study guide. PASSED sy0 401 vce First attempt! Here What I Did.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
Q171. A company has decided to move large data sets to a cloud provider in order to limit the costs of new infrastructure. Some of the data is sensitive and the Chief Information Officer wants to make sure both parties have a clear understanding of the controls needed to protect the data.
Which of the following types of interoperability agreement is this?
A. ISA
B. MOU
C. SLA
D. BPA
Answer: A
Explanation:
ISA/ Interconnection Security Agreement is an agreement between two organizations that have connected systems. The agreement documents the technical requirements of the connected systems.
Q172. After reviewing the firewall logs of her organization’s wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue?
A. Reduce the power level of the AP on the network segment
B. Implement MAC filtering on the AP of the affected segment
C. Perform a site survey to see what has changed on the segment
D. Change the WPA2 encryption key of the AP in the affected segment
Answer: A
Explanation:
Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.
Q173. Using proximity card readers instead of the traditional key punch doors would help to mitigate:
A. Impersonation
B. Tailgating
C. Dumpster diving
D. Shoulder surfing
Answer: D
Explanation:
Using a traditional key punch door, a person enters a code into a keypad to unlock the door. Someone could be watching the code being entered. They would then be able to open the door by entering the code. The process of watching the key code being entered is known as shoulder surfing.
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand.
Q174. A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern?
A. Host-based firewall
B. Cable locks
C. Locking cabinets
D. Surveillance video
Answer: C
Explanation:
Q175. Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?
A. War dialing
B. War chalking
C. War driving
D. Bluesnarfing
Answer: A
Explanation:
War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers - malicious hackers who specialize in computer security - for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry-point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company's telephone network.
Q176. A software company has completed a security assessment. The assessment states that the company should implement fencing and lighting around the property. Additionally, the assessment states that production releases of their software should be digitally signed. Given the recommendations, the company was deficient in which of the following core security areas? (Select TWO).
A. Fault tolerance
B. Encryption
C. Availability
D. Integrity
E. Safety
F. Confidentiality
Answer: D,E
Explanation:
Aspects such as fencing, proper lighting, locks, CCTV, Escape plans Drills, escape routes and
testing controls form part of safety controls.
Integrity refers to aspects such as hashing, digital signatures, certificates and non-repudiation – all
of which has to do with data integrity.
Q177. Which of the following is required to allow multiple servers to exist on one physical server?
A. Software as a Service (SaaS)
B. Platform as a Service (PaaS)
C. Virtualization
D. Infrastructure as a Service (IaaS)
Answer: C
Explanation:
Virtualization allows a single set of hardware to host multiple virtual machines.
Q178. A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.
Which of the following describes this cause?
A. Application hardening
B. False positive
C. Baseline code review
D. False negative
Answer: B
Explanation:
False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.
Q179. Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?
A. Sniffer
B. Router
C. Firewall
D. Switch
Answer: C
Explanation:
Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.
Q180. A password history value of three means which of the following?
A. Three different passwords are used before one can be reused.
B. A password cannot be reused once changed for three years.
C. After three hours a password must be re-entered to continue.
D. The server stores passwords in the database for three days.
Answer: A
Explanation:
Password History defines the number of unique new passwords a user must use before an old password can be reused.
