SY0-401 Exam
Mar 2021 updated: Actualtests CompTIA SY0-401 practice 461-470
Testking Interactive evaluating software package are suitable for Each of the CompTIA SY0-401 assessment training products and solutions consist of a few characteristics that can make training materials stay ahead of many other on line assessment planning remedy providers. Testking provide make fun of CompTIA SY0-401 assessments for your lifetime of your own devices drivers license, and that we guarantee your own documentation being successful following employing some of our CompTIA SY0-401 documentation tools. Tired with relaxing training by using braindump web-sites and their worthless braindumps? There are plenty of offline and online sources offered currently for your planning of a typical documentation assessment. Applicants may make your mind up the offered method to get geared up with this documentation assessment via Testking together with obtain the transferring report. These kinds of present methods incorporate boot camps, corresponding SY0-401, CompTIA SY0-401 training books, CompTIA SY0-401 process assessments,CompTIA SY0-401 assessment Puts inquiries, CompTIA SY0-401 assessment insights, training any kind of many other sources and also tools. The training is made much simpler as you can down load CompTIA, examine put assessments together with evaluating software within the site.
2021 Mar SY0-401 practice exam
Q461. The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?
A. Application hardening
B. Application firewall review
C. Application change management
D. Application patch management
Answer: C
Explanation:
Change management is the structured approach that is followed to secure a company’s assets.
Promoting code to application on a SMZ web server would be change management.
Q462. The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?
A. A NIDS was used in place of a NIPS.
B. The log is not in UTC.
C. The external party uses a firewall.
D. ABC company uses PAT.
Answer: D
Explanation:
PAT would ensure that computers on ABC’s LAN translate to the same IP address, but with a different port number assignment. The log information shows the IP address, not the port number, making it impossible to pin point the exact source.
Q463. Which of the following is BEST used as a secure replacement for TELNET?
A. HTTPS
B. HMAC
C. GPG
D. SSH
Answer: D
Explanation:
SSH transmits both authentication traffic and data in a secured encrypted form, whereas Telnet transmits both authentication credentials and data in clear text.
Q464. Verifying the integrity of data submitted to a computer program at or during run-time, with the intent of preventing the malicious exploitation of unintentional effects in the structure of the code, is BEST described as which of the following?
A. Output sanitization
B. Input validation
C. Application hardening
D. Fuzzing
Answer: B
Explanation:
Q465. Which of the following assets is MOST likely considered for DLP?
A. Application server content
B. USB mass storage devices
C. Reverse proxy
D. Print server
Answer: B
Explanation:
Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. A USB presents the most likely device to be used to steal data because of its physical size.
Renew SY0-401 exam question:
Q466. Which of the following access controls enforces permissions based on data labeling at specific levels?
A. Mandatory access control
B. Separation of duties access control
C. Discretionary access control
D. Role based access control
Answer: A
Explanation:
In a MAC environment everything is assigned a classification marker. Subjects are assigned a clearance level and objects are assigned a sensitivity label.
Q467. Which of the following is an example of a false negative?
A. The IDS does not identify a buffer overflow.
B. Anti-virus identifies a benign application as malware.
C. Anti-virus protection interferes with the normal operation of an application.
D. A user account is locked out after the user mistypes the password too many times.
Answer: A
Explanation:
With a false negative, you are not alerted to a situation when you should be alerted.
Q468. Which of the following protocols allows for the LARGEST address space?
A. IPX
B. IPv4
C. IPv6
D. Appletalk
Answer: C
Explanation:
The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4.
Q469. The Chief Security Officer (CSO) is contacted by a first responder. The CSO assigns a handler. Which of the following is occurring?
A. Unannounced audit response
B. Incident response process
C. Business continuity planning
D. Unified threat management
E. Disaster recovery process
Answer: B
Explanation:
Q470. After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely.
Which of the following is the MOST likely reason the PC technician is unable to ping those devices?
A. ICMP is being blocked
B. SSH is not enabled
C. DNS settings are wrong
D. SNMP is not configured properly
Answer: A
Explanation:
ICMP is a protocol that is commonly used by tools such as ping, traceroute, and pathping. ICMP offers no information If ICMP request queries go unanswered, or ICMP replies are lost or blocked.