CompTIA CompTIA exam demos contain reliable as well as valuable questions & answers that may offer a person abundant main items to pass the actual exam on your very first try. These people cover every one of the topics in the CompTIA exam. Passing the actual exam will be a breeze for you. One of the obvious as well as distinct features associated with our CompTIA SY0-401 exam dumps is actually that that guarantees the success inside the real testing room. Get certified along with full confidence as well as hunt for a good job. Many of us also offer you the complete refund policy. If you don?¡¥t pass the actual CompTIA CompTIA SY0-401 certification exam after making use of our exam demos in the first attempt, you just need to email us your failed transcript, and youll get the income back quickly.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/SY0-401-exam-dumps.html
2021 Mar SY0-401 practice exam
Q461. Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?
A. Evil twin
B. DNS poisoning
C. Vishing
D. Session hijacking
Answer: B
Explanation:
DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver's cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker's computer (or any other computer). A domain name system server translates a human-readable domain name (such as example.com) into a numerical IP address that is used to route communications between nodes. Normally if the server doesn't know a requested translation it will ask another server, and the process continues recursively. To increase performance, a server will typically remember (cache) these translations for a certain amount of time, so that, if it receives another request for the same translation, it can reply without having to ask the other server again. When a DNS server has received a false translation and caches it for performance optimization, it is considered poisoned, and it supplies the false data to clients. If a DNS server is poisoned, it may return an incorrect IP address, diverting traffic to another computer (in this case, the server hosting the web page with derogatory content).
Q462. Which of the following protocols allows for the LARGEST address space?
A. IPX
B. IPv4
C. IPv6
D. Appletalk
Answer: C
Explanation:
The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4.
Q463. After reviewing the firewall logs of her organization’s wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue?
A. Reduce the power level of the AP on the network segment
B. Implement MAC filtering on the AP of the affected segment
C. Perform a site survey to see what has changed on the segment
D. Change the WPA2 encryption key of the AP in the affected segment
Answer: A
Explanation:
Some access points include power level controls that allow you to reduce the amount of output provided if the signal is traveling too far.
Q464. Which of the following network architecture concepts is used to securely isolate at the boundary between networks?
A. VLAN
B. Subnetting
C. DMZ
D. NAT
Answer: C
Explanation:
A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.
Q465. An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?
A. RADIUS
B. Kerberos
C. TACACS+
D. LDAP
Answer: D
Explanation:
LDAP makes use of port 389.
Rebirth SY0-401 free practice test:
Q466. NO: 104
A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).
A. RDP
B. SNMP
C. FTP
D. SCP
E. SSH
Answer: D,E
Explanation:
SSH is used to establish a command-line, text-only interface connection with a server, router,
switch, or similar device over any distance.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy
Protocol (RCP). SCP is commonly used on Linux and Unix platforms.
Q467. Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?
A. SSLv2
B. SSHv1
C. RSA
D. TLS
Answer: D
Explanation:
HTTP Secure HTTP Secure (HTTPS) is the protocol used for “secure” web pages that users should see when they must enter personal information such as credit card numbers, passwords, and other identifiers. It combines HTTP with SSL/TLS to provide encrypted communication. Transport Layer Security (TLS) is a security protocol that expands upon SSL. Many industry analysts predict that TLS will replace SSL, and it is also referred to as SSL 3.1.
Q468. Pete, a security engineer, is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally, the MAC addresses of all five servers appear on the same switch port. Which of the following is MOST likely the cause?
A. The system is running 802.1x.
B. The system is using NAC.
C. The system is in active-standby mode.
D. The system is virtualized.
Answer: D
Explanation:
Virtualization allows a single set of hardware to host multiple virtual machines.
Q469. Upper management decides which risk to mitigate based on cost. This is an example of:
A. Qualitative risk assessment
B. Business impact analysis
C. Risk management framework
D. Quantitative risk assessment
Answer: D
Explanation:
Quantitative analysis / assessment is used to the show the logic and cost savings in replacing a server for example before it fails rather than after the failure. Quantitative assessments assign a dollar amount.
Q470. By default, which of the following uses TCP port 22? (Select THREE).
A. FTPS
B. STELNET
C. TLS
D. SCP
E. SSL
F. HTTPS
G. SSH
H. SFTP
Answer: D,G,H
Explanation:
G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.
D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22.
H: SFTP stands for stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22.