Pass4sure offers a free demo of the SY0-401 practice test. "CompTIA Security+ Certification", also known as the SY0-401 exam, is a CompTIA certification. This set of posts, Passing the CompTIA Security+ SY0-401 exam, will help you answer those questions. The CompTIA Security+ SY0-401 study guide Questions & Answers cover all the knowledge points of the real exam.



Q491. Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO). 

A. Steganography images 

B. Internal memory 

C. Master boot records 

D. Removable memory cards 

E. Public keys 

Answer: B,D 

Explanation: 

All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory. 


Q492. An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame. 

Which of the following strategies would the administrator MOST likely implement? 

A. Full backups on the weekend and incremental during the week 

B. Full backups on the weekend and full backups every day 

C. Incremental backups on the weekend and differential backups every day 

D. Differential backups on the weekend and full backups every day 

Answer:

Explanation: 

A full backup is a complete, comprehensive backup of all files on a disk or server. The full backup is current only at the time it’s performed. Once a full backup is made, you have a complete archive of the system at that point in time. A system shouldn’t be in use while it undergoes a full backup because some files may not get backed up. Once the system goes back into operation, the backup is no longer current. A full backup can be a time-consuming process on a large system.

An incremental backup is a partial backup that stores only the information that has been changed since the last full or the last incremental backup. If a full backup were performed on a Sunday night, an incremental backup done on Monday night would contain only the information that changed since Sunday night. Such a backup is typically considerably smaller than a full backup. Each incremental backup must be retained until a full backup can be performed. Incremental backups are usually the fastest backups to perform on most systems, and each incremental backup tape is relatively small.


Q493. Joe, an administrator, installs a web server on the Internet that performs credit card transactions for customer payments. Joe also sets up a second web server that looks like the first web server. 

However, the second server contains fabricated files and folders made to look like payments were processed on this server but really were not. Which of the following is the second server? 

A. DMZ 

B. Honeynet 

C. VLAN 

D. Honeypot 

Answer:

Explanation: 

In this scenario, the second web server is a ‘fake’ webserver designed to attract attacks. We can then monitor the second server to view the attacks and then ensure that the ‘real’ web server is secure against such attacks. The second web server is a honeypot. 

A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study the attack to research current attack methodologies. 

According to Webopedia.com, a honeypot luring a hacker into a system has several main purposes:

The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where the system has weaknesses that need to be redesigned.

The hacker can be caught and stopped while trying to obtain root access to the system.

By studying the activities of hackers, designers can better create more secure systems that are potentially invulnerable to future hackers.

There are two main types of honeypots:

Production - A production honeypot is one used within an organization's environment to help mitigate risk.

Research - A research honeypot adds value to research in computer security by providing a platform to study the threat.


Q494. A software company has completed a security assessment. The assessment states that the company should implement fencing and lighting around the property. Additionally, the assessment states that production releases of their software should be digitally signed. Given the recommendations, the company was deficient in which of the following core security areas? (Select TWO). 

A. Fault tolerance 

B. Encryption 

C. Availability 

D. Integrity 

E. Safety 

F. Confidentiality 

Answer: D,E 

Explanation: 

Aspects such as fencing, proper lighting, locks, CCTV, escape plans, drills, escape routes and testing controls form part of safety controls.

Integrity refers to aspects such as hashing, digital signatures, certificates and non-repudiation, all of which have to do with data integrity.


Q495. During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use? 

A. Port scanner 

B. Network sniffer 

C. Protocol analyzer 

D. Process list 

Answer:

Explanation: 

Different services use different ports. When a service is enabled on a computer, a network port is opened for that service. For example, enabling the HTTP service on a web server will open port 80 on the server. By determining which ports are open on a remote server, we can determine which services are running on that server.

A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify the security policies of their networks and by attackers to identify running services on a host with a view to compromising it. A port scan or portscan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However, the majority of uses of a port scan are not attacks and are simple probes to determine services available on a remote machine.


Q496. In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer service. Which of the following would include the MOST detail on these objectives? 

A. Business Impact Analysis 

B. IT Contingency Plan 

C. Disaster Recovery Plan 

D. Continuity of Operations 

Answer:

Explanation: 

Business impact analysis (BIA) is the process of evaluating all of the critical systems in an organization to define impact and recovery plans. BIA isn’t concerned with external threats or vulnerabilities; the analysis focuses on the impact a loss would have on the organization. A BIA comprises the following: identifying critical functions, prioritizing critical business functions, calculating a timeframe for critical systems loss, and estimating the tangible impact on the organization. 


Q497. A recent review of accounts on various systems has found that after employees' passwords are required to change they are recycling the same password as before. Which of the following policies should be enforced to prevent this from happening? (Select TWO). 

A. Reverse encryption 

B. Minimum password age 

C. Password complexity 

D. Account lockouts 

E. Password history 

F. Password expiration 

Answer: B,E 

Explanation: 


Q498. The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when typing to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on his phone. Which of the following might the administrator need to configure?

A. The access rules on the IDS 

B. The pop up blocker in the employee’s browser 

C. The sensitivity level of the spam filter 

D. The default block page on the URL filter 

Answer:

Explanation: 

A URL filter is used to block access to a site based on all or part of a URL. There are a number of URL-filtering tools that can acquire updated master URL block lists from vendors, as well as allow administrators to add or remove URLs from a custom list. 


Q499. Which of the following types of trust models is used by a PKI? 

A. Transitive 

B. Open source 

C. Decentralized 

D. Centralized 

Answer:

Explanation: 

PKI uses a centralized trust model. In a simple PKI there is a single centralized certification authority (CA). In a hierarchical trust model the root CA is the center of the model, with subordinate CAs lower in the hierarchy.

Note: A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.

A trust model is a collection of rules that informs applications on how to decide the legitimacy of a digital certificate.

Topic 7 


Q500. Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network? 

A. Cross-platform compatibility issues between personal devices and server-based applications 

B. Lack of controls in place to ensure that the devices have the latest system patches and signature files 

C. Non-corporate devices are more difficult to locate when a user is terminated 

D. Non-purchased or leased equipment may cause failure during the audits of company-owned assets 

Answer:

Explanation: 

With employees who want to bring their own devices you will have to make them understand why they cannot. You do not want them plugging in a flash drive, let alone a camera, smartphone, tablet computer, or other device, on which company files could get intermingled with personal files. Allowing this to happen can create situations where data can leave the building that shouldn’t as well as introduce malware to the system. Employees should not sync unauthorized smartphones to their work systems. Some smartphones use multiple wireless spectrums and unwittingly open up the possibility for an attacker in the parking lot to gain access through the phone to the internal network. Thus if you do not have controls in place then your network is definitely at risk.