Choosing a study approach that fits your budget should be your first step before you begin to review. If you're working and don't have the time to commit to in-class bootcamps, Ucertify suggests self-study programs. With this approach, you can study on your own terms, meaning whenever you're comfortable and have time to focus fully. Why would someone who has been employed by a company bother to get certified, especially when they have a CompTIA SY0-401 qualification and have worked for some time with one employer? By proving your skills are up to date, you will be better placed for promotion or advancement in your current role or for your next role. You're also proving to your employer that you're a valuable member of the team and that you're ready to learn new things.

2021 Mar SY0-401 free exam

Q611. Ann, a newly hired human resource employee, sent out confidential emails with digital signatures to an unintended group. Which of the following would prevent her from denying accountability?

A. Email Encryption 

B. Steganography 

C. Non Repudiation 

D. Access Control 

Answer:

Explanation: 

Nonrepudiation prevents one party from denying actions they carried out. 


Q612. Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement? 

A. Matt should implement access control lists and turn on EFS. 

B. Matt should implement DLP and encrypt the company database. 

C. Matt should install Truecrypt and encrypt the company server. 

D. Matt should install TPMs and encrypt the company database. 

Answer:

Explanation: 

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. Encryption is used to protect data. 


Q613. An internal audit has detected that a number of archived tapes are missing from secured storage. There was no recent need for restoration of data from the missing tapes. The location is monitored by access control and CCTV systems. Review of the CCTV system indicates that it has not been recording for three months. The access control system shows numerous valid entries into the storage location during that time. The last audit was six months ago and the tapes were accounted for at that time. Which of the following could have aided the investigation? 

A. Testing controls 

B. Risk assessment 

C. Signed AUP 

D. Routine audits 

Answer:

Explanation: 


Q614. Which of the following identifies certificates that have been compromised or suspected of being compromised? 

A. Certificate revocation list 

B. Access control list 

C. Key escrow registry 

D. Certificate authority 

Answer:

Explanation: 

Certificates that have been compromised or are suspected of being compromised are revoked. A CRL is a locally stored record containing revoked certificates and revoked keys. 


Q615. Which of the following can be implemented with multiple bit strength? 

A. AES 

B. DES 

C. SHA-1 

D. MD5 

E. MD4 

Answer:

Explanation: 

AES (a symmetric algorithm) uses key sizes of 128, 192, or 256 bits. 


Leading SY0-401 exam answers:

Q616. Which of the following types of data encryption would Matt, a security administrator, use to encrypt a specific table? 

A. Full disk 

B. Individual files 

C. Database 

D. Removable media 

Answer:

Explanation: 

A table is stored in a database. Database encryption makes use of cryptography functions that are built into the database software to encrypt the data stored in the database. This often offers granular encryption options, which allow for the encryption of the entire database, specific database tables, or specific database fields, such as a credit card number field.


Q617. When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner? 

A. Trust models 

B. CRL 

C. CA 

D. Recovery agent 

Answer:

Explanation: 

A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. The CA affirms the identity of the certificate owner. 


Q618. According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this? 

A. NIDS 

B. DMZ 

C. NAT 

D. VLAN 

Answer:

Explanation:

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches.


Q619. After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue? 

A. Host based firewall 

B. Initial baseline configurations 

C. Discretionary access control 

D. Patch management system 

Answer:

Explanation: 


Q620. Three of the primary security control types that can be implemented are:

A. Supervisory, subordinate, and peer. 

B. Personal, procedural, and legal. 

C. Operational, technical, and management. 

D. Mandatory, discretionary, and permanent. 

Answer:

Explanation: 

The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical.