Free VCE & PDF File for CompTIA SY0-401 Real Exam (Full Version!)

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/SY0-401-exam-dumps.html

Q421. Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place? 

A. Code review 

B. Penetration test 

C. Protocol analyzer 

D. Vulnerability scan 

Answer:

Explanation: 

Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. 

Pen test strategies include: 

Targeted testing: performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out.

External testing: this type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access.

Internal testing: this test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause.

Blind testing: a blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive.

Double blind testing: double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures.


Q422. A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed? 

A. The request needs to be sent to the incident management team. 

B. The request needs to be approved through the incident management process. 

C. The request needs to be approved through the change management process. 

D. The request needs to be sent to the change management team. 

Answer:

Explanation: 

Change management is a risk mitigation approach: a structured process that is followed to protect a company's assets. Thus the actual switch configuration should first be subject to change management approval.


Q423. Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company? 

A. Privacy Policy 

B. Least Privilege 

C. Acceptable Use 

D. Mandatory Vacations 

Answer:

Explanation: 

A mandatory vacation policy requires all users to take time away from work to refresh. Mandatory vacation not only gives the employee a chance to refresh; it also gives the company a chance to make sure that others can fill in any gaps in skills, satisfies the need for replication or duplication at all levels, and provides an opportunity to discover fraud.


Q424. A financial company requires a new private network link with a business partner to cater for real-time and batched data flows.

Which of the following activities should be performed by the IT security staff member prior to establishing the link? 

A. Baseline reporting 

B. Design review 

C. Code review 

D. SLA reporting 

Answer:

Explanation: 

This question is asking about a new private network link (a VPN) with a business partner. This will provide access to the local network from the business partner.

When implementing a VPN, an important step is the design of the VPN. The VPN should be designed to ensure that the security of the network and local systems is not compromised.

The design review assessment examines the ports and protocols used, the rules, segmentation, and access control in the systems or applications. A design review is basically a check to ensure that the design of the system meets the security requirements.


Q425. An internal auditing team would like to strengthen the password policy to support special characters. Which of the following types of password controls would achieve this goal? 

A. Add reverse encryption 

B. Password complexity 

C. Increase password length 

D. Allow single sign on 

Answer:

Explanation: 

Generally, the minimum password length is considered to be 8 upper- and lowercase characters. The use of at least one non-alphabetic character, such as punctuation, a special character, or a number, combined with the password length produces strong passwords. Strong passwords are produced by the combination of a password's length and complexity.
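An added example, not part of the exam material: a small Python policy checker that shows how a complexity rule (a minimum number of character classes and a required special character) differs from a length-only rule. The policy values are constructed for this illustration; only the 8-character minimum comes from the explanation above.

```python
import string

# Hypothetical policy (constructed for this example). Only min_length=8 is taken
# from the exam text; the other two settings are what a "complexity" control adds.
POLICY = {
    "min_length": 8,
    "min_classes": 3,        # of: lower, upper, digit, special
    "require_special": True, # the auditing team's goal: special characters in use
}

# Character classes a complexity rule typically counts.
CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "special": set(string.punctuation),
}


def classes_present(password):
    """Return the set of class names that appear at least once in the password."""
    return {name for name, chars in CLASSES.items() if any(c in chars for c in password)}


def check_password(password, policy=POLICY):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < policy["min_length"]:
        problems.append(f"shorter than {policy['min_length']} characters")
    present = classes_present(password)
    if len(present) < policy["min_classes"]:
        problems.append(
            f"uses {len(present)} character classes, policy requires {policy['min_classes']}"
        )
    if policy["require_special"] and "special" not in present:
        problems.append("no special character (punctuation) present")
    return problems


if __name__ == "__main__":
    # A long, single-class password satisfies a length control but not complexity.
    for candidate in ("Tr0ub4dor&3", "Password1", "abcdefghijklmnop"):
        print(candidate, "->", check_password(candidate) or "OK")
```

The third candidate is the point of the question: raising only the minimum length (option C) never forces a special character into the password, whereas the complexity rule rejects it.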


Q426. Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools? 

A. Identify user habits 

B. Disconnect system from network 

C. Capture system image 

D. Interview witnesses 

Answer:

Explanation: 

Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it, much as a virus sample is kept in a laboratory to study after an outbreak. You should also act in the order of volatility, which states that the system image capture is first on the list in a forensic analysis.


Q427. A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this? 

A. ICMP 

B. BGP 

C. NetBIOS 

D. DNS 

Answer:

Explanation: 

The LMHOSTS file provides a NetBIOS name resolution method that can be used for small networks that do not use a WINS server. NetBIOS has been adapted to run on top of TCP/IP, and is still extensively used for name resolution and registration in Windows-based environments. 


Q428. The act of magnetically erasing all of the data on a disk is known as: 

A. Wiping 

B. Dissolution 

C. Scrubbing 

D. Degaussing 

Answer:

Explanation: 

Degaussing is a form of data wiping that entails the use of magnets to alter the magnetic structure of the storage medium.


Q429. A system administrator needs to ensure that certain departments have more restrictive controls to their shared folders than other departments. Which of the following security controls would be implemented to restrict those departments? 

A. User assigned privileges 

B. Password disablement 

C. Multiple account creation 

D. Group based privileges 

Answer:

Explanation: 

Group-based privileges assign privileges or access to a resource to all members of a group. Group-based access control grants every member of the group the same level of access to a specific object. 


Q430. Which of the following policies is implemented in order to minimize data loss or theft? 

A. PII handling 

B. Password policy 

C. Chain of custody 

D. Zero day exploits 

Answer:

Explanation: 

Although the concept of PII is old, it has become much more important as information technology and the Internet have made it easier to collect PII through breaches of internet security, network security and web browser security, leading to a profitable market in collecting and reselling PII. PII can also be exploited by criminals to stalk or steal the identity of a person, or to aid in the planning of criminal acts. Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person’s name to a fingerprint (think biometrics), credit card number, or patient record. Thus a PII handling policy can be used to protect data.