★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/SY0-401-dumps.html


Advantages of CompTIA SY0-401: This SY0-401 certs with CompTIA present you with the possibility to be employed in any part on the planet as it would be recognized both equally in all of the countries. It all besides elevates your talent and data nevertheless enables you to create your employment. CompTIA SY0-401 certificate gives the possibility to create skilled and better utilization of virtually all goods under unique disorders.

2021 Sep actual test sy0-401:

Q661. The Chief Executive Officer (CEO) receives a suspicious voice mail warning of credit card fraud. No one else received the voice mail. Which of the following BEST describes this attack? 

A. Whaling 

B. Vishing 

C. Spear phishing 

D. Impersonation 

Answer: A 

Explanation: 


Q662. A security administrator is tackling issues related to authenticating users at a remote site. There have been a large number of security incidents that resulted from either tailgating or impersonation of authorized users with valid credentials. The security administrator has been told to implement multifactor authentication in order to control facility access. To secure access to the remote facility, which of the following could be implemented without increasing the amount of space required at the entrance? 

A. MOTD challenge and PIN pad 

B. Retina scanner and fingerprint reader 

C. Voice recognition and one-time PIN token 

D. One-time PIN token and proximity reader 

Answer: C 

Explanation: 


Q663. Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again? 

A. Disable the wireless access and implement strict router ACLs. 

B. Reduce restrictions on the corporate web security gateway. 

C. Security policy and threat awareness training. 

D. Perform user rights and permissions reviews. 

Answer: C 

Explanation: 

BYOD (In this case Sara’s smart phone) involves the possibility of a personal device that is infected with malware introducing that malware to the network and security awareness training will address the issue of the company’s security policy with regard to BYOD. 


Q664. Which of the following allows a company to maintain access to encrypted resources when employee turnover is high? 

A. Recovery agent 

B. Certificate authority 

C. Trust model 

D. Key escrow 

Answer: A 

Explanation: 

If an employee leaves and we need access to data he has encrypted, we can use the key recovery agent to retrieve his decryption key. We can use this recovered key to access the data. A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext messages as needed. As opposed to escrow, recovery agents are typically used to access information that is encrypted with older keys. 


Q665. A large multinational corporation with networks in 30 countries wants to establish an understanding of their overall public-facing network attack surface. Which of the following security techniques would be BEST suited for this? 

A. External penetration test 

B. Internal vulnerability scan 

C. External vulnerability scan 

D. Internal penetration test 

Answer: C 

Explanation: 


SY0-401 exam question

Down to date security+ + sy0-401 practice test:

Q666. A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following? 

A. Availability 

B. Integrity 

C. Confidentiality 

D. Fire suppression 

Answer: A 

Explanation: 

Availability means simply to make sure that the data and systems are available for authorized users. Data backups, redundant systems, and disaster recovery plans all support availability; as does environmental support by means of HVAC. 


Q667. The network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed? 

A. Signature Based IDS 

B. Heuristic IDS 

C. Behavior Based IDS 

D. Anomaly Based IDS 

Answer: A 

Explanation: 

A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. 


Q668. Which of the following BEST explains the use of an HSM within the company servers? 

A. Thumb drives present a significant threat which is mitigated by HSM. 

B. Software encryption can perform multiple functions required by HSM. 

C. Data loss by removable media can be prevented with DLP. 

D. Hardware encryption is faster than software encryption. 

Answer: D 

Explanation: 

Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. It provides a fast solution for the for large asymmetrical encryption calculations and is much faster than software-based cryptographic solutions. 


Q669. Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems? 

A. Incident management 

B. Server clustering 

C. Change management 

D. Forensic analysis 

Answer: C 

Explanation: 

Change Management is a risk mitigation approach and refers to the structured approach that is followed to secure a company’s assets. In this case ‘performing updates to business critical systems. 


Q670. A bank has recently deployed mobile tablets to all loan officers for use at customer sites. Which of the following would BEST prevent the disclosure of customer data in the event that a tablet is lost or stolen? 

A. Application control 

B. Remote wiping 

C. GPS 

D. Screen-locks 

Answer: B 

Explanation: 

Remote wipe is the process of deleting data on a device in the event that the device is stolen. This is performed over remote connections such as the mobile phone service or the internet connection and helps ensure that sensitive data is not accessed by unauthorized people.