
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)


Q281. Pete, a security administrator, is informed that people from the HR department should not have access to the accounting department’s server, and the accounting department should not have access to the HR department’s server. The network is separated by switches. Which of the following is designed to keep the HR department users from accessing the accounting department’s server and vice-versa? 

A. ACLs 

B. VLANs 

C. DMZs 

D. NATs 

Answer:

Explanation: 

A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function. 


Q282. HOTSPOT 

For each of the given items, select the appropriate authentication category from the dropdown choices. 

Instructions: When you have completed the simulation, please select the Done button to submit. 

Answer: 

Explanation: 

Something you are includes fingerprints, retina scans, or voice recognition. 

Something you have includes smart cards, token devices, or keys. 

Something you know includes passwords, codes, PINs, combinations, or secret phrases. 

Somewhere you are includes physical locations or logical addresses, such as a domain name, an IP address, or a MAC address. 

Something you do includes your typing rhythm, a secret handshake, or a private knock. 

References: 

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p 285. 


Q283. An administrator is investigating a system that may potentially be compromised, and sees the following log entries on the router. 

*Jul 15 14:47:29.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) -> 10.10.1.5 (6667), 3 packets. 

*Jul 15 14:47:38.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) -> 10.10.1.5 (6667), 6 packets. 

*Jul 15 14:47:45.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) -> 10.10.1.5 (6667), 8 packets. 

Which of the following BEST describes the compromised system? 

A. It is running a rogue web server 

B. It is being used in a man-in-the-middle attack 

C. It is participating in a botnet 

D. It is an ARP poisoning attack 

Answer:

Explanation: 


Q284. A security analyst needs to ensure all external traffic is able to access the company’s front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended? 

A. DMZ 

B. Cloud computing 

C. VLAN 

D. Virtualization 

Answer:

Explanation: 

A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall. 


Q285. An incident response team member needs to perform a forensics examination but does not have the required hardware. Which of the following will allow the team member to perform the examination with minimal impact to the potential evidence? 

A. Using a software file recovery disc 

B. Mounting the drive in read-only mode 

C. Imaging based on order of volatility 

D. Hashing the image after capture 

Answer:

Explanation: 

Mounting the drive in read-only mode will prevent any executable commands from being executed. This in turn will have the least impact on potential evidence when using the drive in question. 


Q286. A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO). 

A. RDP 

B. SNMP 

C. FTP 

D. SCP 

E. SSH 

Answer: D,E 

Explanation: 

SSH is used to establish a command-line, text-only interface connection with a server, router, switch, or similar device over any distance. 

Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). SCP is commonly used on Linux and Unix platforms. 


Q287. Which of the following can be used to mitigate risk if a mobile device is lost? 

A. Cable lock 

B. Transport encryption 

C. Voice encryption 

D. Strong passwords 

Answer:

Explanation: 

Passwords are the most likely mechanism that can be used to mitigate risk when a mobile device is lost. A strong password would be more difficult to crack. 


Q288. The act of magnetically erasing all of the data on a disk is known as: 

A. Wiping 

B. Dissolution 

C. Scrubbing 

D. Degaussing 

Answer:

Explanation: 

Degaussing is a form of data wiping that entails the use of magnets to alter the magnetic structure of the storage medium. 


Q289. Ann, the system administrator, is installing an extremely critical system that can support ZERO downtime. Which of the following BEST describes the type of system Ann is installing? 

A. High availability 

B. Clustered 

C. RAID 

D. Load balanced 

Answer:

Explanation: 


Q290. In order to secure additional budget, a security manager wants to quantify the financial impact of a one-time compromise. Which of the following is MOST important to the security manager? 

A. Impact 

B. SLE 

C. ALE 

D. ARO 

Answer:

Explanation: