★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/SY0-401-dumps.html


Sighing up in Pass4sure.com, you may get all of the CompTIA CompTIA exam demos. The CompTIA SY0-401 exam questions along with answers are introduced in 2 forms. The 2 forms are Pdf along with Test Motor. Both tend to be free downloadable for you personally when we confirm the payment. You d better take a quiz prior to buying each of our CompTIA CompTIA products in order to check out the strong along with weak areas. Devote more time on the weak details and lay a new solid foundation for the CompTIA SY0-401 exam preparation.

2021 Apr SY0-401 exam

Q201. Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function? 

A. Attributes based 

B. Implicit deny 

C. Role based 

D. Rule based 

Answer:

Explanation: 

Attribute-based access control allows access rights to be granted to users via policies, which combine attributes together. The policies can make use of any type of attributes, which includes user attributes, resource attributes and environment attributes. 


Q202. The loss prevention department has purchased a new application that allows the employees to monitor the alarm systems at remote locations. However, the application fails to connect to the vendor's server and the users are unable to log in. Which of the following are the MOST likely causes of this issue? (Select TWO). 

A. URL filtering 

B. Role-based access controls 

C. MAC filtering 

D. Port Security 

E. Firewall rules 

Answer: A,E 

Explanation: 


Q203. After encrypting all laptop hard drives, an executive officer’s laptop has trouble booting to the operating system. Now that it is successfully encrypted the helpdesk cannot retrieve the data. 

Which of the following can be used to decrypt the information for retrieval? 

A. Recovery agent 

B. Private key 

C. Trust models 

D. Public key 

Answer:

Explanation: 

To access the data the hard drive need to be decrypted. To decrypt the hard drive you would need 

the proper private key. The key recovery agent can retrieve the required key. 

A key recovery agent is an entity that has the ability to recover a key, key components, or plaintext 

messages as needed. 


Q204. Several employee accounts appear to have been cracked by an attacker. Which of the following should the security administrator implement to mitigate password cracking attacks? (Select TWO). 

A. Increase password complexity 

B. Deploy an IDS to capture suspicious logins 

C. Implement password history 

D. Implement monitoring of logins 

E. Implement password expiration 

F. Increase password length 

Answer: A,F 

Explanation: 

The more difficult a password is the more difficult it is to be cracked by an attacker. By increasing 

the password complexity you make it more difficult. 

Passwords that are too short can easily be cracked. The more characters used in a password, 

combined with the increased complexity will mitigate password cracking attacks. 


Q205. Which of the following can Joe, a security administrator, implement on his network to capture attack details that are occurring while also protecting his production network? 

A. Security logs 

B. Protocol analyzer 

C. Audit logs 

D. Honeypot 

Answer:

Explanation: 

A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study 

the attack to research current attack methodologies. 

According to the Wepopedia.com, a Honeypot luring a hacker into a system has several main 

purposes: 

The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning 

where the system has weaknesses that need to be redesigned. 

The hacker can be caught and stopped while trying to obtain root access to the system. 

By studying the activities of hackers, designers can better create more secure systems that are 

potentially invulnerable to future hackers. 

There are two main types of honeypots: 

Production - A production honeypot is one used within an organization's environment to help 

mitigate risk. 

Research – A research honeypot add value to research in computer security by providing a platform to study the threat. 


Renewal SY0-401 simulations:

Q206. A company recently experienced data loss when a server crashed due to a midday power outage. 

Which of the following should be used to prevent this from occurring again? 

A. Recovery procedures 

B. EMI shielding 

C. Environmental monitoring 

D. Redundancy 

Answer:

Explanation: 

Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction (in this case a power outage). Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected. This strategy allows service to continue uninterrupted until the primary server can be restored. 


Q207. Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts? 

A. Availability 

B. Integrity 

C. Accounting 

D. Confidentiality 

Answer:

Explanation: 

Integrity means ensuring that data has not been altered. Hashing and message authentication codes are the most common methods to accomplish this. In addition, ensuring nonrepudiation via digital signatures supports integrity. 


Q208. After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future? 

A. Fencing 

B. Proximity readers 

C. Video surveillance 

D. Bollards 

Answer:

Explanation: 

To stop someone from entering a facility, barricades or gauntlets can be used. These are often used in conjunction with guards, fencing, and other physical security measures. Bollards are physical barriers that are strong enough to withstand impact with a vehicle. 


Q209. ON NO: 50 

The Human Resources department has a parent shared folder setup on the server. There are two groups that have access, one called managers and one called staff. There are many sub folders under the parent shared folder, one is called payroll. The parent folder access control list propagates all subfolders and all subfolders inherit the parent permission. Which of the following is the quickest way to prevent the staff group from gaining access to the payroll folder? 

A. Remove the staff group from the payroll folder 

B. Implicit deny on the payroll folder for the staff group 

C. Implicit deny on the payroll folder for the managers group 

D. Remove inheritance from the payroll folder 

Answer:

Explanation: Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default. 


Q210. A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff? 

A. Virtualization 

B. Subnetting 

C. IaaS 

D. SaaS 

Answer:

Explanation: 

Virtualization allows a single set of hardware to host multiple virtual machines.