
2021 Mar SY0-401 test question

Q131. Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? 

A. Connect the WAP to a different switch. 

B. Create a voice VLAN. 

C. Create a DMZ. 

D. Set the switch ports to 802.1q mode. 

Answer:

Explanation: 

It is a common and recommended practice to separate voice and data traffic by using VLANs. Separating voice and data traffic using VLANs provides a solid security boundary, preventing data applications from reaching the voice traffic. It also gives you a simpler method to deploy QoS, prioritizing the voice traffic over the data. 


Q132. After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network, through the use of very sophisticated and targeted attacks. Which of the following is this an example of? 

A. Privilege escalation 

B. Advanced persistent threat 

C. Malicious insider threat 

D. Spear phishing 

Answer:

Explanation: 

Definitions of precisely what an APT is can vary widely, but can best be summarized by the requirements named in the term itself:

Advanced – Criminal operators behind the threat utilize the full spectrum of computer intrusion technologies and techniques. While individual components of the attack may not be classed as particularly "advanced" (e.g. malware components generated from commonly available DIY construction kits, or the use of easily procured exploit materials), their operators can typically access and develop more advanced tools as required. They combine multiple attack methodologies and tools in order to reach and compromise their target.

Persistent – Criminal operators give priority to a specific task, rather than opportunistically seeking immediate financial gain. This distinction implies that the attackers are guided by external entities. The attack is conducted through continuous monitoring and interaction in order to achieve the defined objectives. It does not mean a barrage of constant attacks and malware updates. In fact, a "low-and-slow" approach is usually more successful.

Threat – means that there is a level of coordinated human involvement in the attack, rather than a mindless and automated piece of code. The criminal operators have a specific objective and are skilled, motivated, organized and well funded.


Q133. An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here? 

A. NIDS 

B. NIPS 

C. HIPS 

D. HIDS 

Answer:

Explanation: 

A network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of an intrusion prevention system are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.


Q134. A security administrator at a company which implements key escrow and symmetric encryption only, needs to decrypt an employee's file. The employee refuses to provide the decryption key to the file. Which of the following can the administrator do to decrypt the file? 

A. Use the employee's private key 

B. Use the CA private key 

C. Retrieve the encryption key 

D. Use the recovery agent 

Answer:

Explanation: 


Q135. A security administrator discovered that all communication over the company's encrypted wireless network is being captured by savvy employees with a wireless sniffing tool and is then being decrypted in an attempt to steal other employees' credentials. Which of the following technologies is MOST likely in use on the company's wireless network? 

A. WPA with TKIP 

B. VPN over open wireless 

C. WEP128-PSK 

D. WPA2-Enterprise 

Answer:

Explanation: 

WEP's major weakness is its use of static encryption keys. When you set up a router with a WEP encryption key, that one key is used by every device on your network to encrypt every packet that's transmitted. But the fact that packets are encrypted doesn't prevent them from being intercepted, and due to some esoteric technical flaws it's entirely possible for an eavesdropper to intercept enough WEP-encrypted packets to eventually deduce what the key is.

This problem used to be something you could mitigate by periodically changing the WEP key (which is why routers generally allow you to store up to four keys). But few bother to do this, because changing WEP keys is inconvenient and time-consuming: it has to be done not just on the router, but on every device that connects to it. As a result, most people just set up a single key and then continue using it ad infinitum.

Even worse, for those that do change the WEP key, new research and developments reinforce how even changing WEP keys frequently is no longer sufficient to protect a WLAN. The process of 'cracking' a WEP key used to require that a malicious hacker intercept millions of packets plus spend a fair amount of time and computing power. Researchers in the computer science department of a German university recently demonstrated the capability to compromise a WEP-protected network very quickly. After spending less than a minute intercepting data (fewer than 100,000 packets in all) they were able to compromise a WEP key in just three seconds. 


SY0-401 test questions (continued):

Q136. When implementing fire suppression controls in a datacenter it is important to: 

A. Select a fire suppression system which protects equipment but may harm technicians. 

B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers. 

C. Integrate maintenance procedures to include regularly discharging the system. 

D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate. 

Answer:

Explanation: 

Water-based systems can cause serious damage to all electrical equipment. Because such a system works with overhead nozzles, the sprinkler lines in a fire suppression control system should be placed so that they do not leak onto computers when the system is activated. 


Q137. A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with? 

A. Data confidentiality 

B. High availability 

C. Data integrity 

D. Business continuity 

Answer:

Explanation: 

Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing. 


Q138. A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during nonworking days. Which of the following should the technician implement to meet management's request? 

A. Enforce Kerberos 

B. Deploy smart cards 

C. Time of day restrictions 

D. Access control lists 

Answer:

Explanation: 

Time of day restrictions limit when users can access specific systems based on the time of day or week. They can limit access to sensitive environments to normal business hours. 


Q139. Which of the following protocols is used to validate whether trust is in place and accurate by returning responses of either "good", "unknown", or "revoked"? 

A. CRL 

B. PKI 

C. OCSP 

D. RA 

Answer:

Explanation: 

The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. An OCSP responder (a server typically run by the certificate issuer) may return a signed response signifying that the certificate specified in the request is 'good', 'revoked', or 'unknown'. If it cannot process the request, it may return an error code. 


Q140. A systems administrator has implemented PKI on a classified government network. In the event that a disconnect occurs from the primary CA, which of the following should be accessible locally from every site to ensure users with bad certificates cannot gain access to the network? 

A. A CRL 

B. Make the RA available 

C. A verification authority 

D. A redundant CA 

Answer:

Explanation: 

A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key. By checking the CRL you can check if a particular certificate has been revoked.