SY0-401 is considered one of the most highly regarded and in-demand examinations in its field. Passing SY0-401 is not easy, but with this service you can clear SY0-401 on the first attempt. Professionals who are competent in their fields and want to achieve the highest level of capability and success often take certification exams for that reason. SY0-401 certifications are genuine qualifications that assure recruiters that you are highly skilled and reliable.

2021 Mar SY0-401 free download

Q471. A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company? 

A. $7,000 

B. $10,000 

C. $17,500 

D. $35,000 

Answer:

Explanation: 

SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF), and ARO is the annualized rate of occurrence. SLE = ($4000 + $3000) x 5 = $35000. ARO = 2 years, thus per year it would be 50% = 0.5. The ALE is thus $35000 x 0.5 = $17500.


Q472. While securing a network it is decided to allow active FTP connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO). 

A. 20 

B. 21 

C. 22 

D. 68 

E. 69 

Answer: A,B 

Explanation: 


Q473. Which of the following uses both a public and private key? 

A. RSA 

B. AES 

C. MD5 

D. SHA 

Answer:

Explanation: 

The RSA algorithm is an early public-key encryption system that uses large integers as the basis for the process.

RSA uses both a public key and a secret key.

RSA key generation process:

1. Generate two large random primes, p and q, of approximately equal size such that their product, n = pq, is of the required bit length (such as 2048 bits, 4096 bits, and so forth). Let n = pq and let m = (p-1)(q-1).

2. Choose a small number e, co-prime to m (note: two numbers are co-prime if they have no common factors other than 1).

3. Find d, such that de % m = 1.

4. Publish e and n as the public key. Keep d and n as the secret key.
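The four key generation steps above, written out as an added example (not part of the original question bank). The function names are hypothetical, and this is textbook RSA without padding, so it illustrates the arithmetic only.

```python
import math
import secrets

def is_probable_prime(n, rounds=20):
    """Miller-Rabin test; a composite passes with probability <= 4**-rounds."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)   # random base in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False        # this base proves n is composite
    return True

def random_prime(bits):
    """Step 1 helper: prime with the top two bits set, so p*q has exactly 2*bits bits."""
    while True:
        c = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if is_probable_prime(c):
            return c

def keypair_from_primes(p, q, e):
    """Steps 1-4 for given primes: returns public (e, n) and secret (d, n)."""
    n, m = p * q, (p - 1) * (q - 1)
    if p == q or math.gcd(e, m) != 1:       # step 2: e must be co-prime to m
        raise ValueError("need p != q and e co-prime to m")
    d = pow(e, -1, m)                       # step 3: d*e % m == 1 (Python 3.8+)
    return (e, n), (d, n)

def generate_keypair(bits=2048, e=65537):
    """Full key generation; retries in the rare case e shares a factor with m."""
    while True:
        try:
            return keypair_from_primes(random_prime(bits // 2),
                                       random_prime(bits // 2), e)
        except ValueError:
            continue
```

With the constructed toy primes p = 61, q = 53 and e = 17, `keypair_from_primes` gives n = 3233 and d = 2753, and a message m encrypts as `pow(m, e, n)` and decrypts as `pow(c, d, n)`.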


Q474. The datacenter design team is implementing a system which requires all servers installed in racks to face in a predetermined direction. An infrared camera will be used to verify that servers are properly racked. Which of the following datacenter elements is being designed? 

A. Hot and cold aisles 

B. Humidity control 

C. HVAC system 

D. EMI shielding 

Answer:

Explanation: 

There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation. Infrared cameras are heat detection measures, so the element being designed is the hot and cold aisle layout.


Q475. Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains? 

Server 1: 192.168.100.6 

Server 2: 192.168.100.9 

Server 3: 192.169.100.20 

A. /24 

B. /27 

C. /28 

D. /29 

E. /30 

Answer:

Explanation: 

Using this option will result in all three servers using host addresses on different broadcast domains. 



Q476. A technician has implemented a system in which all workstations on the network will receive security updates on the same schedule. Which of the following concepts does this illustrate? 

A. Patch management 

B. Application hardening 

C. White box testing 

D. Black box testing 

Answer:

Explanation: 

Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system before applying the updates on a production system, and scheduling updates.


Q477. Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft? 

A. Disk encryption 

B. Encryption policy 

C. Solid state drive 

D. Mobile device policy 

Answer:

Explanation: 

Disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 


Q478. Which of the following could cause a browser to display the message below? 

"The security certificate presented by this website was issued for a different website’s address." 

A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs. 

B. The website is using a wildcard certificate issued for the company’s domain. 

C. HTTPS://127.0.01 was used instead of HTTPS://localhost. 

D. The website is using an expired self signed certificate. 

Answer:

Explanation: 

PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. In typical public key infrastructure (PKI) arrangements, a digital signature from a certificate authority (CA) attests that a particular public key certificate is valid (i.e., contains correct information). Users, or their software on their behalf, check that the private key used to sign some certificate matches the public key in the CA's certificate. Since CA certificates are often signed by other, "higher-ranking" CAs, there must necessarily be a highest CA, which provides the ultimate in attestation authority in that particular PKI scheme. Localhost is a hostname that means this computer and may be used to access the computer's own network services via its loopback network interface. Using the loopback interface bypasses local network interface hardware. In this case HTTPS://127.0.01 was used and not HTTPS://localhost.


Q479. Which of the following attacks targets high level executives to gain company information? 

A. Phishing 

B. Whaling 

C. Vishing 

D. Spoofing 

Answer:

Explanation: 

Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as "reeling in a big fish," applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a work station associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats. 


Q480. During a recent investigation, an auditor discovered that an engineer’s compromised workstation was being used to connect to SCADA systems while the engineer was not logged in. The engineer is responsible for administering the SCADA systems and cannot be blocked from connecting to them. The SCADA systems cannot be modified without vendor approval which requires months of testing. 

Which of the following is MOST likely to protect the SCADA systems from misuse? 

A. Update anti-virus definitions on SCADA systems 

B. Audit accounts on the SCADA systems 

C. Install a firewall on the SCADA network 

D. Deploy NIPS at the edge of the SCADA network 

Answer:

Explanation: 

A supervisory control and data acquisition (SCADA) system is an industrial control system (ICS) that is used to control infrastructure processes, facility-based processes, or industrial processes. A network-based IPS (NIPS) is an intrusion detection and prevention system that scans network traffic in real time against a database of attack signatures. It is useful for detecting and responding to network-based attacks originating from outside the organization.