Today Big Q: sy0 401 practice test?

Your success in CompTIA sy0 401 pdf is our sole target and we develop all our sy0 401 study guide pdf braindumps in a way that facilitates the attainment of this target. Not only is our sy0 401 vce study material the best you can find, it is also the most detailed and the most updated. sy0 401 dump Practice Exams for CompTIA Security+ comptia sy0 401 are written to the highest standards of technical accuracy.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

Q31. The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when typing to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on this phone. Which of the following might the administrator need to configure? 

A. The access rules on the IDS 

B. The pop up blocker in the employee’s browser 

C. The sensitivity level of the spam filter 

D. The default block page on the URL filter 

Answer:

Explanation: 

A URL filter is used to block access to a site based on all or part of a URL. There are a number of URL-filtering tools that can acquire updated master URL block lists from vendors, as well as allow administrators to add or remove URLs from a custom list. 


Q32. An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame. 

Which of the following strategies would the administrator MOST likely implement? 

A. Full backups on the weekend and incremental during the week 

B. Full backups on the weekend and full backups every day 

C. Incremental backups on the weekend and differential backups every day 

D. Differential backups on the weekend and full backups every day 

Answer:

Explanation: 

A full backup is a complete, comprehensive backup of all fi les on a disk or server. The full backup is current only at the time it’s performed. Once a full backup is made, you have a complete archive of the system at that point in time. A system shouldn’t be in use while it undergoes a full backup because some fi les may not get backed up. Once the system goes back into operation, the backup is no longer current. A full backup can be a time-consuming process on a large system. An incremental backup is a partial backup that stores only the information that has been changed since the last full or the last incremental backup. If a full backup were performed on a Sunday night, an incremental backup done on Monday night would contain only the information that changed since Sunday night. Such a backup is typically considerably smaller than a full backup. Each incremental backup must be retained until a full backup can be performed. Incremental backups are usually the fastest backups to perform on most systems, and each incremental backup tape is relatively small. 


Q33. Which of the following has a storage root key? 

A. HSM 

B. EFS 

C. TPM 

D. TKIP 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates on non-volatile (NV) memory. Data stored on NV memory is retained unaltered when the device has no power. The storage root key is embedded in the TPM to protect TPM keys created by applications, so that these keys cannot be used without the TPM. 


Q34. Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO). 

A. 10.4.4.125 

B. 10.4.4.158 

C. 10.4.4.165 

D. 10.4.4.189 

E. 10.4.4.199 

Answer: C,D 

Explanation: 

With the given subnet mask, a maximum number of 30 hosts between IP addresses 10.4.4.161 and 10.4.4.190 are allowed. Therefore, option C and D would be hosts on the same subnet, and the other options would not. 

References: http://www.subnetonline.com/pages/subnet-calculators/ip-subnet-calculator.php 


Q35. A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate. 

Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication factors are in use by the VPN system? 

A. 1 

B. 2 

C. 3 

D. 4 

Answer:

Explanation: 

Three different types of authentication factors have been used in this question: 

Something you know – username and password. 

Something you have - client side certificate. 

Somewhere you are - authentication to the VPN is only allowed from the U.S. territory. 


Q36. A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal? 

A. Spam filter 

B. Digital signatures 

C. Antivirus software 

D. Digital certificates 

Answer:

Explanation: 

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document. The digital equivalent of a handwritten signature or stamped seal, but offering far more inherent security, a digital signature is intended to solve the problem of tampering and impersonation in digital communications. Digital signatures can provide the added assurances of evidence to origin, identity and status of an electronic document, transaction or message, as well as acknowledging informed consent by the signer. Digital signatures are based on public key cryptography, also known as asymmetric cryptography. Using a public key algorithm such as RSA, one can generate two keys that are mathematically linked: one private and one public. To create a digital signature, signing software (such as an email program) creates a one-way hash of the electronic data to be signed. The private key is then used to encrypt the hash. The encrypted hash -- along with other information, such as the hashing algorithm -- is the digital signature. The reason for encrypting the hash instead of the entire message or document is that a hash function can convert an arbitrary input into a fixed length value, which is usually much shorter. This saves time since hashing is much faster than signing. 


Q37. An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this? 

A. User rights reviews 

B. Least privilege and job rotation 

C. Change management 

D. Change Control 

Answer:

Explanation: 

A privilege audit is used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of an organization. This means that a user rights review will reveal whether user accounts have been assigned according to their ‘new’ job descriptions , or if there are privilege creep culprits after transfers has occurred. 


Q38. Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario? 

A. Application Firewall 

B. Anomaly Based IDS 

C. Proxy Firewall 

D. Signature IDS 

Answer:

Explanation: 

Anomaly-based detection watches the ongoing activity in the environment and looks for abnormal occurrences. An anomaly-based monitoring or detection method relies on definitions of all valid forms of activity. This database of known valid activity allows the tool to detect any and all anomalies. Anomaly-based detection is commonly used for protocols. Because all the valid and legal forms of a protocol are known and can be defined, any variations from those known valid constructions are seen as anomalies. 


Q39. Which of the following can hide confidential or malicious data in the whitespace of other files (e.g. JPEGs)? 

A. Hashing 

B. Transport encryption 

C. Digital signatures 

D. Steganography 

Answer:

Explanation: 

Steganography is the process of concealing a file, message, image, or video within another file, message, image, or video. Note: The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable will arouse interest, and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret message is being sent, as well as concealing the contents of the message. 


Q40. Which of the following offers the LEAST amount of protection against data theft by USB drives? 

A. DLP 

B. Database encryption 

C. TPM 

D. Cloud computing 

Answer:

Explanation: 

Cloud computing refers to performing data processing and storage elsewhere, over a network connection, rather than locally. Because users have access to the data, it can easily be copied to a USB device.