getcertified4sure.com

SY0-401 Exam

Certified SY0-401 discount pack Reviews & Tips



Exambible offers the most reliable along with high-quality CompTIA SY0-401 practice dumps for CompTIA certification exam. A new large amount of consumers have faith in your CompTIA CompTIA products. We are confident with the quality regarding our CompTIA CompTIA goods and that is why many of us offer any no hassle 30 days Income Back Promise. If you fail the CompTIA exam after buying our goods, we may refund the total amount. Exambible contains the utmost source regarding CompTIA SY0-401 exam questions and answers. These types of understandable CompTIA SY0-401 study components are offered in downloadable Pdf format which is basic to utilize.

2021 Mar SY0-401 download

Q141. Which of the following types of risk reducing policies also has the added indirect benefit of cross training employees when implemented? 

A. Least privilege 

B. Job rotation 

C. Mandatory vacations 

D. Separation of duties 

Answer:

Explanation: 

A job rotation policy defines intervals at which employees must rotate through positions. Similar in purpose to mandatory vacations, it helps to ensure that the company does not become too dependent on one person and it does afford the company with the opportunity to place another person in that same job. 


Q142. A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed? 

A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP 

B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS 

C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS 

D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS 

Answer:

Explanation: 

The question states that traffic on port 21, 69, 80, and 137-139 is blocked, while ports 22 and 443 are allowed. 

Port 21 is used for FTP by default. 

Port 69 is used for TFTP. 

Port 80 is used for HTTP. 

Ports 137-139 are used for NetBIOS. 

VMM uses SFTP over default port 22. 

Port 22 is used for SSH by default. 

SCP runs over TCP port 22 by default. 

Port 443 is used for HTTPS. 


Q143. A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating system level security and the ability to secure the data from alteration. Which of the following methods would MOST likely work? 

A. Cloud storage 

B. Removal Media 

C. TPM 

D. Wiping 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates. 


Q144. Pete’s corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number. 

Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC. Which of the following does this procedure prevent? 

A. Collusion 

B. Impersonation 

C. Pharming 

D. Transitive Access 

Answer:

Explanation: 

Impersonation is where a person, computer, software application or service pretends to be someone or something it’s not. Impersonation is commonly non-maliciously used in client/server applications. However, it can also be used as a security threat. 

The procedure the users have to go through is to ensure that the technician who will have access to the computer is a genuine technician and not someone impersonating a technician. 


Q145. Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO). 

A. Virtual switch 

B. NAT 

C. System partitioning 

D. Access-list 

E. Disable spanning tree 

F. VLAN 

Answer: A,F 

Explanation: 

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. A virtual switch is a software application that allows communication between virtual machines. A combination of the two would best satisfy the question. 


Improved SY0-401 exam answers:

Q146. A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with? 

A. Data confidentiality 

B. High availability 

C. Data integrity 

D. Business continuity 

Answer:

Explanation: 

Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing. 


Q147. Allowing unauthorized removable devices to connect to computers increases the risk of which of the following? 

A. Data leakage prevention 

B. Data exfiltration 

C. Data classification 

D. Data deduplication 

Answer:

Explanation: Data exfiltration is the unauthorized copying, transfer or retrieval of data from a system. 


Q148. Which of the following controls should critical application servers implement to protect themselves from other potentially compromised application services? 

A. NIPS 

B. Content filter 

C. NIDS 

D. Host-based firewalls 

Answer:

Explanation: 


Q149. Which of the following could a security administrator implement to mitigate the risk of tailgating for a large organization? 

A. Train employees on correct data disposal techniques and enforce policies. 

B. Only allow employees to enter or leave through one door at specified times of the day. 

C. Only allow employees to go on break one at a time and post security guards 24/7 at each entrance. 

D. Train employees on risks associated with social engineering attacks and enforce policies. 

Answer:

Explanation: 

Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. Many social engineering intruders needing physical access to a site will use this method of gaining entry. Educate users to beware of this and other social engineering ploys and prevent them from happening. 


Q150. It has been discovered that students are using kiosk tablets intended for registration and scheduling to play games and utilize instant messaging. Which of the following could BEST eliminate this issue? 

A. Device encryption 

B. Application control 

C. Content filtering 

D. Screen-locks 

Answer:

Explanation: 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.