The Actualtests CompTIA SY0-401 simulation analyze study guidebook covers all the crucial contents of the CompTIA SY0-401 certification program. The CompTIA CompTIA SY0-401 exam questions are generally upgraded timely in line with your latest genuine exam. We guarantee you a new reliable, current, real CompTIA SY0-401 training analyze, which creates a great outstanding real CompTIA CompTIA SY0-401 testing atmosphere. Youll be able to utilize your CompTIA CompTIA SY0-401 study guidebook more than one particular time and make several alteration according to your own personal needs. You may be able to very easily pass the CompTIA CompTIA SY0-401 quiz without having any kind of trouble. Our newest Actualtests CompTIA CompTIA practice exam questions make your own skills extremely sharp and provide you with a vast understanding. Actualtests offers several CompTIA CompTIA SY0-401 practice exam questions and answers regarding all test-takers through the elementary level towards the advanced stage. Be one of those who acquire their CompTIA CompTIA certification just by a new click with Actualtests, you will always be very proud. The particular CompTIA certification must be a great advantage for you to be able to compete a high-paying task with others.
2021 Mar SY0-401 book
Q261. An email client says a digital signature is invalid and the sender cannot be verified. The recipient is concerned with which of the following concepts?
A. Integrity
B. Availability
C. Confidentiality
D. Remediation
Answer: A
Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Digital Signatures is used to validate the integrity of the message and the sender. Integrity means the message can’t be altered without detection.
Q262. Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?
A. Email scanning
B. Content discovery
C. Database fingerprinting
D. Endpoint protection
Answer: D
Explanation:
Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. DLP systems share commonality with network intrusion prevention systems. Endpoint protection provides security and management over both physical and virtual environments.
Q263. Pete, the system administrator, wishes to monitor and limit users’ access to external websites.
Which of the following would BEST address this?
A. Block all traffic on port 80.
B. Implement NIDS.
C. Use server load balancers.
D. Install a proxy server.
Answer: D
Explanation:
A proxy is a device that acts on behalf of other(s). In the interest of security, all internal user interaction with the Internet should be controlled through a proxy server. The proxy server should automatically block known malicious sites. The proxy server should cache often-accessed sites to improve performance.
Q264. At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing. Which of the following does this describe?
A. Shoulder surfing
B. Tailgating
C. Whaling
D. Impersonation
Answer: B
Explanation:
Although Ann is an employee and therefore authorized to enter the building, she does not have her badge and therefore strictly she should not be allowed to enter the building. Just as a driver can tailgate another driver’s car by following too closely, in the security sense, tailgating means to compromise physical security by following somebody through a door meant to keep out intruders. Tailgating is actually a form of social engineering, whereby someone who is not authorized to enter a particular area does so by following closely behind someone who is authorized.
Q265. Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?
A. Trust Model
B. Recovery Agent
C. Public Key
D. Private Key
Answer: A
Explanation:
In a bridge trust model allows lower level domains to access resources in a separate PKI through the root CA. A trust Model is collection of rules that informs application on how to decide the legitimacy of a
Digital Certificate.
In a bridge trust model, a peer-to-peer relationship exists among the root CAs. The root CAs can
communicate with one another, allowing cross certification. This arrangement allows a certification
process to be established between organizations or departments.
Each intermediate CA trusts only the CAs above and below it, but the CA structure can be
expanded without creating additional layers of CAs.
Abreast of the times SY0-401 pdf exam:
Q266. A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, employees should receive training on which of the following?
A. Peer to Peer
B. Mobile devices
C. Social networking
D. Personally owned devices
Answer: C
Explanation:
There many companies that allow full use of social media in the workplace, believing that the marketing opportunities it holds outweigh any loss in productivity. What they are unknowingly minimizing are the threats that exist. Rather than being all new threats, the social networking/media threats tend to fall in the categories of the same old tricks used elsewhere but in a new format. A tweet can be sent with a shortened URL so that it does not exceed the 140-character limit set by Twitter; unfortunately, the user has no idea what the shortened URL leads to. This makes training your employees regarding the risks social networking entails essential.
Q267. Identifying a list of all approved software on a system is a step in which of the following practices?
A. Passively testing security controls
B. Application hardening
C. Host software baselining
D. Client-side targeting
Answer: C
Explanation:
Application baseline defines the level or standard of security that will be implemented and maintained for the application. It may include requirements of hardware components, operating system versions, patch levels, installed applications and their configurations, and available ports and services. Systems can be compared to the baseline to ensure that the required level of security is being maintained.
Q268. The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?
A. Recovery
B. Follow-up
C. Validation
D. Identification
E. Eradication
F. Containment
Answer: D
Explanation:
To be able to respond to the incident of malware infection you need to know what type of malware was used since there are many types of malware around. This makes identification critical in this case.
Q269. The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?
A. Implicit deny
B. VLAN management
C. Port security
D. Access control lists
Answer: D
Explanation:
In the OSI model, IP addressing and IP routing are performed at layer 3 (the network layer). In this question we need to configure routing. When configuring routing, you specify which IP range (in this case, the IP subnet of the remote site) is allowed to route traffic through the router to the FTP server.
Traffic that comes into the router is compared to ACL entries based on the order that the entries occur in the router. New statements are added to the end of the list. The router continues to look until it has a match. If no matches are found when the router reaches the end of the list, the traffic is denied. For this reason, you should have the frequently hit entries at the top of the list. There is an implied deny for traffic that is not permitted.
Q270. Which of the following concepts defines the requirement for data availability?
A. Authentication to RADIUS
B. Non-repudiation of email messages
C. Disaster recovery planning
D. Encryption of email messages
Answer: C
Explanation:
A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.