getcertified4sure.com

What Avant-garde SY0-401 Is?




All that matters here is passing the CompTIA SY0-401 exam. All that you need is a high score on the SY0-401 CompTIA Security+ Certification exam. The only thing you need to do is download the Ucertify SY0-401 exam study guides now. We will not let you down with our money-back guarantee.

2021 Apr SY0-401 exam

Q131. Which of the following technologies uses multiple devices to share work? 

A. Switching 

B. Load balancing 

C. RAID 

D. VPN concentrator 

Answer:

Explanation: 

Load balancing is a way of providing high availability by splitting the workload across multiple computers. 


Q132. A security administrator is reviewing the company’s continuity plan. The plan specifies an RTO of six hours and RPO of two days. Which of the following is the plan describing? 

A. Systems should be restored within six hours and no later than two days after the incident. 

B. Systems should be restored within two days and should remain operational for at least six hours. 

C. Systems should be restored within six hours with a minimum of two days worth of data. 

D. Systems should be restored within two days with a minimum of six hours worth of data. 

Answer:

Explanation: 

The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during the business impact analysis (BIA) creation. 

The recovery point objective (RPO) is similar to RTO, but it defines the point at which the system needs to be restored. This could be where the system was two days before it crashed (whip out the old backup tapes) or five minutes before it crashed (requiring complete redundancy). As a general rule, the closer the RPO matches the time of the crash, the more expensive it is to obtain.


Q133. A network administrator is asked to send a large file containing PII to a business associate. Which of the following protocols is the BEST choice to use?

A. SSH 

B. SFTP 

C. SMTP 

D. FTP 

Answer:

Explanation: 

SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server. 


Q134. Joe, a network security engineer, has visibility to network traffic through network monitoring tools. However, he’s concerned that a disgruntled employee may be targeting a server containing the company’s financial records. Which of the following security mechanisms would be MOST appropriate to confirm Joe’s suspicion?

A. HIDS 

B. HIPS 

C. NIPS 

D. NIDS 

Answer:

Explanation: 

A host-based IDS (HIDS) is an intrusion detection system that runs as a service on a host computer system. It is used to monitor the machine logs, system events, and application activity for signs of intrusion. It is useful for detecting attacks that originate outside the organization as well as attacks by internal users logged on to the system. 


Q135. DRAG DROP 

A security administrator wants to implement strong security on the company smart phones and terminal servers located in the data center. Drag and drop the applicable controls to each asset type. 

Instructions: Controls can be used multiple times and not all placeholders need to be filled. When you have completed the simulation, please select the Done button to submit. 

Answer: 

Explanation: 

References: 

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 221, 222, 369, 418

http://www.mentor-app.com/ 


Q136. A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO). 

A. 22 

B. 135 

C. 137 

D. 143 

E. 443 

F. 3389 

Answer: A,F 

Explanation: 

A secure remote administration solution and Remote Desktop Protocol are required.

Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port 22. 

Remote Desktop Protocol (RDP) uses TCP port 3389. 


Q137. Which of the following must be kept secret for a public key infrastructure to remain secure? 

A. Certificate Authority 

B. Certificate revocation list 

C. Public key ring 

D. Private key 

Answer:

Explanation: 

The private key, which is also called the secret key, must be kept secret. 


Q138. The Quality Assurance team is testing a new third party developed application. The Quality team does not have any experience with the application. Which of the following is the team performing? 

A. Grey box testing 

B. Black box testing 

C. Penetration testing 

D. White box testing 

Answer:

Explanation: 

Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of testing can be applied to virtually every level of software testing: unit, integration, system and acceptance. It typically comprises most if not all higher-level testing, but can also dominate unit testing. Specific knowledge of the application's code or internal structure, and programming knowledge in general, is not required. The tester is aware of what the software is supposed to do but is not aware of how it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of how the software produces the output in the first place.


Q139. A datacenter requires that staff be able to identify whether or not items have been removed from the facility. Which of the following controls will allow the organization to provide automated notification of item removal? 

A. CCTV 

B. Environmental monitoring 

C. RFID 

D. EMI shielding 

Answer:

Explanation: 

RFID (radio frequency identification) works with readers that work with 13.56 MHz smart cards and 125 kHz proximity cards, and can open turnstiles, gates, and any other physical security safeguards once the signal is read. Fitting out the equipment with RFID will allow you to provide automated notification of item removal in the event that any of the equipped items is taken off the premises.


Q140. Which of the following software allows a network administrator to inspect the protocol header in order to troubleshoot network issues? 

A. URL filter 

B. Spam filter 

C. Packet sniffer 

D. Switch 

Answer:

Explanation: 

Every data packet transmitted across a network has a protocol header. To view a protocol header, you need to capture and view the contents of the packet with a packet sniffer. 

A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to a local area network that is not filtered or switched, the traffic can be broadcast to all computers contained in the same segment. This doesn’t generally occur, since computers are generally told to ignore all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic. The NIC is put into promiscuous mode, and it reads communications between computers within a particular segment. This allows the sniffer to seize everything that is flowing in the network, which can lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware or software solution. A sniffer is also known as a packet analyzer.