getcertified4sure.com

Top Tips Of SY0-401 preparation




Success is within reach with the Ucertify CompTIA training course, which costs little. Sign up for the CompTIA SY0-401 training course and prepare fully for the real exam. This training and coaching will assure your success in the CompTIA SY0-401 exam. Every candidate will have full command of the actual CompTIA test. We keep the principle "no help, complete refund" in mind: if you buy our CompTIA exam dumps and do not get the expected results, you can claim back the full fees paid.

2021 Mar SY0-401 latest exam

Q321. Which of the following is an example of a false positive? 

A. Anti-virus identifies a benign application as malware. 

B. A biometric iris scanner rejects an authorized user wearing a new contact lens. 

C. A user account is locked out after the user mistypes the password too many times. 

D. The IDS does not identify a buffer overflow. 

Answer:

Explanation: 

A false positive is an error in an evaluation process in which a condition tested for is mistakenly found to have been detected. In spam filters, for example, a false positive is a legitimate message mistakenly marked as UBE (unsolicited bulk email, as junk email is more formally known). Messages that are determined to be spam, whether correctly or incorrectly, may be rejected by a server or client-side spam filter and returned to the sender as bounce e-mail. One problem with many spam filtering tools is that if they are configured stringently enough to be effective, there is a fairly high chance of getting false positives. The risk of accidentally blocking an important message has been enough to deter many companies from implementing any anti-spam measures at all.

False positives are also common in security systems. A host intrusion prevention system (HIPS), for example, looks for anomalies, such as deviations in bandwidth, protocols and ports. When activity varies outside of an acceptable range (for example, a remote application attempting to open a normally closed port), an intrusion may be in progress. However, an anomaly, such as a sudden spike in bandwidth use, does not guarantee an actual attack, so this approach amounts to an educated guess and the chance of false positives can be high. False positives contrast with false negatives, which are results that mistakenly indicate that a condition tested for is absent.


Q322. In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization? 

A. Supervisor 

B. Administrator 

C. Root 

D. Director 

Answer:

Explanation: 

The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS. 


Q323. Which of the following should a security technician implement to identify untrusted certificates? 

A. CA 

B. PKI 

C. CRL 

D. Recovery agent 

Answer:

Explanation: 

Untrusted certificates and keys are revoked and put into the CRL.

Note: The CRL (certificate revocation list) is exactly what its name implies: a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason(s) for revocation. The dates of certificate issue, and the entities that issued them, are also included.


Q324. A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights? 

A. Transport encryption 

B. IPsec 

C. Non-repudiation 

D. Public key infrastructure 

Answer:

Explanation: 

The Public-Key Infrastructure (PKI) is intended to offer a means of providing security to messages and transactions on a grand scale. The need for universal systems to support e-commerce, secure transactions, and information privacy is one aspect of the issues being addressed with PKI. A PKI can be used to protect software. 


Q325. The IT department noticed that there was a significant decrease in network performance during the afternoon hours. The IT department performed analysis of the network and discovered this was due to users accessing and downloading music and video streaming from social sites. The IT department notified corporate of their findings and a memo was sent to all employees addressing the misuse of company resources and requesting adherence to company policy. Which of the following policies is being enforced? 

A. Acceptable use policy 

B. Telecommuting policy 

C. Data ownership policy 

D. Non-disclosure policy

Answer:

Explanation: 


Latest SY0-401 real exam:

Q326. A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. 

Which of the following is the BEST approach for implementation of the new application on the virtual server? 

A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location. 

B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application. 

C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location. 

D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application. 

Answer:

Explanation: 

Snapshots are backups of virtual machines that can be used to recover quickly from poor updates and from errors arising from newly installed applications. However, the snapshot should be taken before the application or update is installed.


Q327. Which of the following BEST describes part of the PKI process? 

A. User1 decrypts data with User2’s private key 

B. User1 hashes data with User2’s public key 

C. User1 hashes data with User2’s private key 

D. User1 encrypts data with User2’s public key 

Answer:

Explanation: 

In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key.

PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. Messages are encrypted with a public key and decrypted with a private key.

A PKI example:

1. You want to send an encrypted message to Jordan, so you request his public key.

2. Jordan responds by sending you that key.

3. You use the public key he sends you to encrypt the message.

4. You send the message to him.

5. Jordan uses his private key to decrypt the message.


Q328. Which of the following assessment techniques would a security administrator implement to ensure that systems and software are developed properly? 

A. Baseline reporting 

B. Input validation 

C. Determine attack surface 

D. Design reviews 

Answer:

Explanation: 

When implementing systems and software, an important step is the design of the systems and software. The systems and software should be designed to ensure that the system works as intended and is secure.

The design review assessment examines the ports and protocols used, the rules, segmentation, and access control in the system or application. A design review is basically a check to ensure that the design of the system meets the security requirements.


Q329. During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use? 

A. Port scanner 

B. Network sniffer 

C. Protocol analyzer 

D. Process list 

Answer:

Explanation: 

Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service on a web server will open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on that server.

A port scanner is a software application designed to probe a server or host for open ports. It is often used by administrators to verify the security policies of their networks and by attackers to identify running services on a host with a view to compromising it. A port scan (or portscan) can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However, the majority of uses of a port scan are not attacks and are simple probes to determine the services available on a remote machine.


Q330. An administrator implements SELinux on a production web server. After implementing this, the web server no longer serves up files from users' home directories. To rectify this, the administrator creates a new policy as the root user. This is an example of which of the following? (Select TWO). 

A. Enforcing SELinux in the OS kernel is role-based access control 

B. Enforcing SELinux in the OS kernel is rule-based access control 

C. The policy added by the root user is mandatory access control 

D. Enforcing SELinux in the OS kernel is mandatory access control 

E. The policy added by the root user is role-based access control 

F. The policy added by the root user is rule-based access control 

Answer: D,F 

Explanation: