SY0-401 Exam
What Most up-to-date SY0-401 Is?
After getting CompTIA SY0-401 class coaching or even when youre totally happy about your groundwork, exclusively then simply set up a account for Prometric regarding assessment area inside your area. Working with SY0-401 exercise issues as well as appraisal resources together with getting ready your CompTIA SY0-401 review is a wonderful strategy to polish your effort. Our recommendation is that you select on the net CompTIA SY0-401 review sources towards the end of this preparation. It does not exclusively sharpen your skills although will in addition aid in avoiding inability.
2021 Mar SY0-401 brain dumps
Q281. Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?
A. $1,500
B. $3,750
C. $15,000
D. $75,000
Answer: B
Explanation:
SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO
is the annualized rate of occurrence.
SLE = 250 x $300; ARO = 5%
$75000 x 0.05 = $3750
Q282. Requiring technicians to report spyware infections is a step in which of the following?
A. Routine audits
B. Change management
C. Incident management
D. Clean desk policy
Answer: C
Explanation:
Incident management refers to the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets).
Q283. A security administrator is aware that a portion of the company’s Internet-facing network tends to be non-secure due to poorly configured and patched systems. The business owner has accepted the risk of those systems being compromised, but the administrator wants to determine the degree to which those systems can be used to gain access to the company intranet. Which of the following should the administrator perform?
A. Patch management assessment
B. Business impact assessment
C. Penetration test
D. Vulnerability assessment
Answer: C
Explanation:
Penetration testing is the most intrusive type of testing because you are actively trying to circumvent the system’s security controls to gain access to the system. It is also used to determine the degree to which the systems can be used to gain access to the company intranet (the degree of access to local network resources). Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in.
Pen test strategies include:
Targeted testing Targeted testing is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out.
External testing This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access.
Internal testing This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause.
Blind testing A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive.
Double blind testing Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures.
Q284. Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?
A. Record time offset
B. Clean desk policy
C. Cloud computing
D. Routine log review
Answer: B
Explanation:
Clean Desk Policy Information on a desk—in terms of printouts, pads of note paper, sticky notes, and the like—can be easily seen by prying eyes and taken by thieving hands. To protect data and your business, encourage employees to maintain clean desks and to leave out only those papers that are relevant to the project they are working on at that moment. All sensitive information should be put away when the employee is away from their desk. This will mitigate the risk of data loss when applied.
Q285. Which of the following protocols is vulnerable to man-in-the-middle attacks by NOT using end to end TLS encryption?
A. HTTPS
B. WEP
C. WPA
D. WPA 2
Answer: B
Explanation:
WEP offers no end-to-end TLS encryption.
The WEP process consists of a series of steps as follows:
The wireless client sends an authentication request.
The Access Point (AP) sends an authentication response containing clear-text (uh-oh!) challenge
text.
The client takes the challenge text received and encrypts it using a static WEP key.
The client sends the encrypted authentication packet to the AP.
The AP encrypts the challenge text using its own static WEP key and compares the result to the
authentication packet sent by the client. If the results match, the AP begins the association
process for the wireless client.
The big issue with WEP is the fact that it is very susceptible to a Man in the Middle attack. The
attacker captures the clear-text challenge and then the authentication packet reply. The attacker
then reverses the RC4 encryption in order to derive the static WEP key. Yikes!
As you might guess, the designers attempted to strengthen WEP using the approach of key
lengths. The native Windows client supported a 104-bit key as opposed to the initial 40-bit key.
The fundamental weaknesses in the WEP process still remained however.
Far out SY0-401 exam fees:
Q286. Which of the following concepts is used by digital signatures to ensure integrity of the data?
A. Non-repudiation
B. Hashing
C. Transport encryption
D. Key escrow
Answer: B
Explanation:
Most digital signature implementations also use a hash to verify that the message has not been altered, intentionally or accidently, in transit.
Q287. The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?
A. Implicit deny
B. VLAN management
C. Port security
D. Access control lists
Answer: D
Explanation:
In the OSI model, IP addressing and IP routing are performed at layer 3 (the network layer). In this question we need to configure routing. When configuring routing, you specify which IP range (in this case, the IP subnet of the remote site) is allowed to route traffic through the router to the FTP server.
Traffic that comes into the router is compared to ACL entries based on the order that the entries occur in the router. New statements are added to the end of the list. The router continues to look until it has a match. If no matches are found when the router reaches the end of the list, the traffic is denied. For this reason, you should have the frequently hit entries at the top of the list. There is an implied deny for traffic that is not permitted.
Q288. Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface. Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?
A. Size of the files
B. Availability of the files
C. Accessibility of the files from her mobile device
D. Sensitivity of the files
Answer: D
Explanation:
Q289. LDAP and Kerberos are commonly used for which of the following?
A. To perform queries on a directory service
B. To store usernames and passwords for Federated Identity
C. To sign SSL wildcard certificates for subdomains
D. To utilize single sign-on capabilities
Answer: D
Explanation:
Single sign-on is usually achieved via the Lightweight Directory Access Protocol (LDAP), although Kerberos can also be used.
Q290. An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?
A. TCP/IP
B. SSL
C. SCP
D. SSH
Answer: B
Explanation:
SSL (Secure Sockets Layer) is used for establishing an encrypted link between two computers, typically a web server and a browser. SSL is used to enable sensitive information such as login credentials and credit card numbers to be transmitted securely.