We provide real sy0 401 vce exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass CompTIA comptia security+ sy0 401 pdf Exam quickly & easily. The sy0 401 dump PDF type is available for reading and printing. You can print more and practice many times. With the help of our CompTIA sy0 401 pdf dumps pdf and vce product and material, you can easily pass the comptia security+ sy0 401 exam.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
Q291. An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to integrate the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?
A. Unified Threat Management
B. Virtual Private Network
C. Single sign on
D. Role-based management
Answer: A
Explanation:
Unified Threat Management (UTM) is, basically, the combination of a firewall with other abilities.
These abilities include intrusion prevention, antivirus, content filtering, etc. Advantages of
combining everything into one:
You only have one product to learn.
You only have to deal with a single vendor.
IT provides reduced complexity.
Q292. A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?
A. SNMP
B. SNMPv3
C. ICMP
D. SSH
Answer: B
Explanation:
Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities.
Q293. The Chief Technical Officer (CTO) has been informed of a potential fraud committed by a database administrator performing several other job functions within the company. Which of the following is the BEST method to prevent such activities in the future?
A. Job rotation
B. Separation of duties
C. Mandatory Vacations
D. Least Privilege
Answer: B
Explanation:
Separation of duties means that users are granted only the permissions they need to do their work and no more. More so it means that you are employing best practices. The segregation of duties and separation of environments is a way to reduce the likelihood of misuse of systems or information. A separation of duties policy is designed to reduce the risk of fraud and to prevent other losses in an organization.
Q294. A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match.
Which of the following describes how the employee is leaking these secrets?
A. Social engineering
B. Steganography
C. Hashing
D. Digital signatures
Answer: B
Explanation:
Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio fi le, or other fi le. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.
Q295. Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be effective?
A. Password reuse
B. Phishing
C. Social engineering
D. Tailgating
Answer: D
Explanation:
Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. This should be prevented in this case.
Q296. Which of the following are examples of detective controls?
A. Biometrics, motion sensors and mantraps.
B. Audit, firewall, anti-virus and biometrics.
C. Motion sensors, intruder alarm and audit.
D. Intruder alarm, mantraps and firewall.
Answer: C
Explanation:
Q297. Which of the following helps to establish an accurate timeline for a network intrusion?
A. Hashing images of compromised systems
B. Reviewing the date of the antivirus definition files
C. Analyzing network traffic and device logs
D. Enforcing DLP controls at the perimeter
Answer: C
Explanation:
Q298. An active directory setting restricts querying to only secure connections. Which of the following ports should be selected to establish a successful connection?
A. 389
B. 440
C. 636
D. 3286
Answer: C
Explanation:
Q299. A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?
A. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
B. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.
C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
D. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.
Answer: A
Explanation:
Reviewing user permissions and group memberships form part of a privilege audit is used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation.
Q300. Which of the following is the term for a fix for a known software problem?
A. Skiff
B. Patch
C. Slipstream
D. Upgrade
Answer: B
Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities.