All that matters here is passing the CompTIA SY0-401 exam, and all you need is a high score on the SY0-401 CompTIA Security+ Certification exam. The only thing you need to do is download the Exambible SY0-401 exam study guides now. We will not let you down with our money-back guarantee.
Q41. Which of the following tools would a security administrator use in order to identify all running services throughout an organization?
A. Architectural review
B. Penetration test
C. Port scanner
D. Design review
Answer: C
Explanation:
Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service on a web server will open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on that server. A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with a view to compromising it. A port scan or portscan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However, the majority of uses of a port scan are not attacks and are simple probes to determine services available on a remote machine.
Q42. When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner?
A. Trust models
B. CRL
C. CA
D. Recovery agent
Answer: C
Explanation:
A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. The CA affirms the identity of the certificate owner.
Q43. The process of making certain that an entity (operating system, application, etc.) is as secure as it can be is known as:
A. Stabilizing
B. Reinforcing
C. Hardening
D. Toughening
Answer: C
Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing unnecessary functions and features, removing unnecessary usernames or logins and disabling unnecessary services.
Q44. Digital Signatures provide which of the following?
A. Confidentiality
B. Authorization
C. Integrity
D. Authentication
E. Availability
Answer: C
Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender.
Q45. An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to integrate the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?
A. Unified Threat Management
B. Virtual Private Network
C. Single sign on
D. Role-based management
Answer: A
Explanation:
Unified Threat Management (UTM) is, basically, the combination of a firewall with other abilities. These abilities include intrusion prevention, antivirus, content filtering, etc. Advantages of combining everything into one:
You only have one product to learn.
You only have to deal with a single vendor.
It provides reduced complexity.
Q46. Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?
A. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing.
B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high.
C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.
D. MOUs between two companies working together cannot be held to the same legal standards as SLAs.
Answer: C
Explanation:
The Memorandum of Understanding (MOU) is used in many settings in the information industry. It is a brief summary of which party is responsible for what portion of the work. For example, Company A may be responsible for maintaining the database server and Company B may be responsible for telecommunications. MOUs are not legally binding but they carry a degree of seriousness and mutual respect, stronger than a gentlemen’s agreement. Often, MOUs are the first steps towards a legal contract.
Q47. A recently installed application update caused a vital application to crash during the middle of the workday. The application remained down until a previous version could be reinstalled on the server, and this resulted in a significant loss of data and revenue.
Which of the following could BEST prevent this issue from occurring again?
A. Application configuration baselines
B. Application hardening
C. Application access controls
D. Application patch management
Answer: D
Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first to ensure that the updates do not have detrimental effects on the system, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates on a production system.
Q48. Which device monitors network traffic in a passive manner?
A. Sniffer
B. IDS
C. Firewall
D. Web browser
Answer: A
Explanation:
A sniffer is another name for a protocol analyzer. A protocol analyzer performs its function in a passive manner. In other words, computers on the network do not know that their data packets have been captured.
A Protocol Analyzer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. Capturing packets sent from a computer system is known as packet sniffing.
Well-known software protocol analyzers include Message Analyzer (formerly Network Monitor) from Microsoft and Wireshark (formerly Ethereal).
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to a local area network that is not filtered or switched, the traffic can be broadcast to all computers contained in the same segment. This doesn’t generally occur, since computers are generally told to ignore all the comings and goings of traffic from other computers. However, in the case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring the traffic. The NIC is put into promiscuous mode, and it reads communications between computers within a particular segment. This allows the sniffer to seize everything that is flowing in the network, which can lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware or software solution. A sniffer is also known as a packet analyzer.
Q49. A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks?
A. Vishing
B. Phishing
C. Whaling
D. SPAM
E. SPIM
Answer: B
Explanation:
Phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. Phishing email will direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the information the user enters on the page. Phishing emails are blindly sent to thousands, if not millions of recipients. By spamming large groups of people, the "phisher" counts on the email being read by a percentage of people who actually have an account with the legitimate company being spoofed in the email and corresponding webpage. Phishing, also referred to as brand spoofing or carding, is a variation on "fishing," the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.
Q50. Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?
A. War dialing
B. War chalking
C. War driving
D. Bluesnarfing
Answer: A
Explanation:
War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, bulletin board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers (malicious hackers who specialize in computer security) for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company's telephone network.