
2021 Dec exam sy0-401 pdf:

Q511. An IT auditor tests an application as an authenticated user. This is an example of which of the following types of testing? 

A. Penetration 

B. White box 

C. Black box 

D. Gray box 

Answer:

Explanation: 

In this question, the tester is testing the application as an authenticated user. We can assume from this that the tester has at least limited knowledge of the application. This meets the criteria of a gray box test. Gray box testing, also called gray box analysis, is a strategy for software debugging in which the tester has limited knowledge of the internal details of the program. A gray box is a device, program or system whose workings are partially understood. Gray box testing can be contrasted with black box testing, a scenario in which the tester has no knowledge of or access to the internal workings of a program, or white box testing, a scenario in which the internal particulars are fully known. Gray box testing is commonly used in penetration tests. Gray box testing is considered to be non-intrusive and unbiased because it does not require that the tester have access to the source code. With respect to internal processes, gray box testing treats a program as a black box that must be analyzed from the outside. During a gray box test, the person may know how the system components interact but not have detailed knowledge about internal program functions and operation. A clear distinction exists between the developer and the tester, thereby minimizing the risk of personnel conflicts.


Q512. During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR). 

A. 21 

B. 22 

C. 23 

D. 69 

E. 3389 

F. SSH 

G. Terminal services 

H. Rlogin 

I. Rsync 

J. Telnet 

Answer: B,C,F,J 

Explanation: 

The question states that Jane was able to establish a connection to an internal router. Typical ports and protocols used to connect to a router include the following:

B, F: Port 22, which is used by SSH (Secure Shell).

C, J: Port 23, which is used by Telnet.

SSH and Telnet both provide command line interfaces for administering network devices such as routers and switches.


Q513. A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe? 

A. Zero-day 

B. Buffer overflow 

C. Cross site scripting 

D. Malicious add-on 

Answer:

Explanation: 

This question describes a buffer overflow attack. 

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability. 


Q514. An administrator is instructed to disable IP-directed broadcasts on all routers in an organization. Which of the following attacks does this prevent? 

A. Pharming 

B. Smurf 

C. Replay 

D. Xmas 

Answer:

Explanation: 


Q515. Which of the following is a best practice when a mistake is made during a forensics examination? 

A. The examiner should verify the tools before, during, and after an examination. 

B. The examiner should attempt to hide the mistake during cross-examination. 

C. The examiner should document the mistake and work around the problem.

D. The examiner should disclose the mistake and assess another area of the disc. 

Answer:

Explanation: 

Every step in an incident response should be documented, including every action taken by end users and the incident-response team. 



Q516. Which of the following passwords is the LEAST complex? 

A. MyTrain!45 

B. Mytr@in!! 

C. MyTr@in12 

D. MyTr@in#8 

Answer:

Explanation: 

Password policies often enforce a minimum of three out of four standard character types, which include uppercase and lowercase letters, numbers, and symbols. Although this option includes three of the four character types, it does not include numbers, which makes it less complex than the other options.


Q517. Ann is a member of the Sales group. She needs to collaborate with Joe, a member of the IT group, to edit a file. Currently, the file has the following permissions:

Ann: read/write

Sales Group: read 

IT Group: no access 

If a discretionary access control list is in place for the files owned by Ann, which of the following would be the BEST way to share the file with Joe? 

A. Add Joe to the Sales group. 

B. Have the system administrator give Joe full access to the file. 

C. Give Joe the appropriate access to the file directly. 

D. Remove Joe from the IT group and add him to the Sales group. 

Answer:

Explanation: 


Q518. Which of the following file systems is from Microsoft and was included with their earliest operating systems? 

A. NTFS 

B. UFS 

C. MTFS 

D. FAT 

Answer:

Explanation: 

File Allocation Table (FAT) is a file system created by Microsoft and used for its earliest DOS operating systems. 


Q519. A security analyst performs the following activities: monitors security logs, installs surveillance cameras and analyzes trend reports. Which of the following job responsibilities is the analyst performing? (Select TWO). 

A. Detect security incidents 

B. Reduce attack surface of systems 

C. Implement monitoring controls 

D. Hardening network devices 

E. Prevent unauthorized access 

Answer: A,C 

Explanation: 


Q520. Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies unapplied security controls and patches without attacking or compromising the system, Ann would use which of the following? 

A. Vulnerability scanning 

B. SQL injection 

C. Penetration testing 

D. Antivirus update 

Answer:

Explanation: 

A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then evaluated in a risk assessment and the necessary actions taken to resolve any vulnerabilities. A vulnerability scan scans for known weaknesses such as missing patches or security updates.

A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security.