SY0-401 Exam
Top Most recent SY0-401 dumps Reviews!
Actualtests provides 100% free of charge CompTIA SY0-401 braindumps which guarantee your success at the 1st attempt. No far more other web sites can provide this offer. You will have immediate access to our downloadable SY0-401 examination engine software. Get the perfect CompTIA CompTIA training materials as well as make complete preparation for the SY0-401 exam. You can find everything accessible that may look in the CompTIA SY0-401 exam. Each of our CompTIA CompTIA exam questions and answers are in specifics and in depth. We develop an interactive platform regarding all the candidates. You are able to visit the webpage, as well as talk with each other. So you may make progress quicker as well as easier.
2021 Apr SY0-401 exam cram
Q531. In PKI, a key pair consists of: (Select TWO).
A. A key ring
B. A public key
C. A private key
D. Key escrow
E. A passphrase
Answer: B,C
Explanation:
In a PKI the sender encrypts the data using the receiver's public key. The receiver decrypts the data using his own private key. The key pair consists of these two keys.
Q532. Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised?
A. Least privilege
B. Sandboxing
C. Black box
D. Application hardening
Answer: B
Explanation:
Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential malware that may be embedded in the new application from being able to cause harm to production systems.
Q533. A recent review of accounts on various systems has found that after employees' passwords are required to change they are recycling the same password as before. Which of the following policies should be enforced to prevent this from happening? (Select TWO).
A. Reverse encryption
B. Minimum password age
C. Password complexity
D. Account lockouts
E. Password history
F. Password expiration
Answer: B,E
Explanation:
Q534. Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?
A. Hardware load balancing
B. RAID
C. A cold site
D. A host standby
Answer: B
Explanation:
Fault tolerance is the ability of a system to sustain operations in the event of a component failure. Fault-tolerant systems can continue operation even though a critical component, such as a disk drive, has failed. This capability involves overengineering systems by adding redundant components and subsystems. RAID can achieve fault tolerance using software which can be done using the existing hardware and software.
Q535. After entering the following information into a SOHO wireless router, a mobile device’s user reports being unable to connect to the network:
PERMIT 0A: D1: FA. B1: 03: 37
DENY 01: 33: 7F: AB: 10: AB
Which of the following is preventing the device from connecting?
A. WPA2-PSK requires a supplicant on the mobile device.
B. Hardware address filtering is blocking the device.
C. TCP/IP Port filtering has been implemented on the SOHO router.
D. IP address filtering has disabled the device from connecting.
Answer: B
Explanation:
MAC filtering allows you to include or exclude computers and devices based on their MAC address.
Up to the immediate present SY0-401 dumps:
Q536. Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?
A. HIPS on each virtual machine
B. NIPS on the network
C. NIDS on the network
D. HIDS on each virtual machine
Answer: A
Explanation:
Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.
Q537. The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed?
A. Signature Based IDS
B. Heuristic IDS
C. Behavior Based IDS
D. Anomaly Based IDS
Answer: A
Explanation:
A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats.
Q538. A process in which the functionality of an application is tested without any knowledge of the internal mechanisms of the application is known as:
A. Black box testing
B. White box testing
C. Black hat testing
D. Gray box testing
Answer: A
Explanation:
Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of test can be applied to virtually every level of software testing: unit, integration, system and acceptance. It typically comprises most if not all higher level testing, but can also dominate unit testing as well. Specific knowledge of the application's code/internal structure and programming knowledge in general is not required. The tester is aware of what the software is supposed to do but is not aware of how it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of how the software produces the output in the first place.
Q539. Jane, a VPN administrator, was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Jane select for the tunnel encryption?
A. Blowfish
B. DES
C. SHA256
D. HMAC
Answer: A
Explanation:
Blowfish is an encryption system that performs a 64-bit block cipher at very fast speeds. It is a symmetric block cipher that can use variable-length keys (from 32 bits to 448 bits). Among the alternatives listed above, it is the only cipher that can use a 128-bit key and which does provide additional security through a symmetric key.
Q540. Pete, the system administrator, wishes to monitor and limit users’ access to external websites.
Which of the following would BEST address this?
A. Block all traffic on port 80.
B. Implement NIDS.
C. Use server load balancers.
D. Install a proxy server.
Answer: D
Explanation:
A proxy is a device that acts on behalf of other(s). In the interest of security, all internal user interaction with the Internet should be controlled through a proxy server. The proxy server should automatically block known malicious sites. The proxy server should cache often-accessed sites to improve performance.