Certleader provide SY0-401 analyze prep materials for CompTIA certification exam. And you can download probably the most efficient as well as original CompTIA SY0-401 analyze demos. Certleader experts design the CompTIA SY0-401 practice tests in accordance with the genuine exam and the most recent syllabus. The kind of the sample questions may be the same because actual test-multiple choice. The particular CompTIA SY0-401 test prep will be designed with superb quality as well as high standard associated with accuracy. The sophisticated analyze engine will leave you a deep impression. It can make you feel that you are taking genuine CompTIA SY0-401 test. The particular team of our own staff members constantly update your CompTIA SY0-401 exam dumps in order to offer with the most recent training materials for our own customers. Your own satisfaction is our own main target. Were so confident that you will pass your exam after utilizing our SY0-401 goods.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

2021 Apr SY0-401 brain dumps

Q371. Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place? 

A. Code review 

B. Penetration test 

C. Protocol analyzer 

D. Vulnerability scan 

Answer:

Explanation: 

Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. 

Pen test strategies include: 

Targeted testing Targeted testing is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out. 

External testing This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access. 

Internal testing This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause. 

Blind testing A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive. 

Double blind testing Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures. 


Q372. Some customers have reported receiving an untrusted certificate warning when visiting the company’s website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem? 

A. The intermediate CA certificates were not installed on the server. 

B. The certificate is not the correct type for a virtual server. 

C. The encryption key used in the certificate is too short. 

D. The client’s browser is trying to negotiate SSL instead of TLS. 

Answer:

Explanation: 

In a hierarchical trust model, also known as a tree, a root CA at the top provides all of the information. The intermediate CAs are next in the hierarchy, and they trust only information provided by the root CA. The root CA also trusts intermediate CAs that are in their level in the hierarchy and none that aren’t. 


Q373. The fundamental information security principals include confidentiality, availability and which of the following? 

A. The ability to secure data against unauthorized disclosure to external sources 

B. The capacity of a system to resist unauthorized changes to stored information 

C. The confidence with which a system can attest to the identity of a user 

D. The characteristic of a system to provide uninterrupted service to authorized users 

Answer:

Explanation: Confidentiality, integrity, and availability, which make up the CIA triad, are the three most important concepts in security. In this instance, the answer describes the Integrity part of the CIA triad. 


Q374. Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites? 

A. 21 

B. 25 

C. 80 

D. 3389 

Answer:

Explanation: 

Port 80 is used by HTTP, which is the foundation of data communication for the World Wide Web. 


Q375. Which of the following presents the STRONGEST access control? 

A. MAC 

B. TACACS 

C. DAC 

D. RBAC 

Answer:

Explanation: 

A: With Mandatory Access Control (MAC) all access is predefined. This makes it the strongest access control of the options presented in the question. 


Most recent SY0-401 exam answers:

Q376. Configuring key/value pairs on a RADIUS server is associated with deploying which of the following? 

A. WPA2-Enterprise wireless network 

B. DNS secondary zones 

C. Digital certificates 

D. Intrusion detection system 

Answer:

Explanation: 

WPA2-Enterprise is designed for enterprise networks and requires a RADIUS authentication server. 


Q377. A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone’s boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program? 

A. Zero-day 

B. Trojan 

C. Virus 

D. Rootkit 

Answer:

Explanation: 

A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are man-made. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs. 


Q378. The security administrator at ABC company received the following log information from an external party: 

10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal 

10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force 

10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan 

The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack? 

A. A NIDS was used in place of a NIPS. 

B. The log is not in UTC. 

C. The external party uses a firewall. 

D. ABC company uses PAT. 

Answer:

Explanation: 

PAT would ensure that computers on ABC’s LAN translate to the same IP address, but with a different port number assignment. The log information shows the IP address, not the port number, making it impossible to pin point the exact source. 


Q379. Which of the following assets is MOST likely considered for DLP? 

A. Application server content 

B. USB mass storage devices 

C. Reverse proxy 

D. Print server 

Answer:

Explanation: 

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. A USB presents the most likely device to be used to steal data because of its physical size. 


Q380. Users require access to a certain server depending on their job function. Which of the following would be the MOST appropriate strategy for securing the server? 

A. Common access card 

B. Role based access control 

C. Discretionary access control 

D. Mandatory access control 

Answer:

Explanation: 

Role-based Access Control is basically based on a user’s job description. When a user is assigned a specific role in an environment, that user’s access to objects is granted based on the required tasks of that role.