SY0-401 Questions Answers - PowerPoint PPT Presentation

About This Presentation
Title:

SY0-401 Questions Answers

Description:

Practice Test Testinside CompTIA SY0-401 is the only source to pass the exam within 24 hours. We offer CompTIA SY0-401 practice exam dumps with the insurance money. We provide these questions SY0-401 practice test questions and answers in PDF format. – PowerPoint PPT presentation

Number of Views:22

less

Transcript and Presenter's Notes

Title: SY0-401 Questions Answers


1
CompTIA SY0-401 - CompTIA Security
Certification Pass CompTIA SY0-401 - CompTIA
Security Certification exam in just 24 HOURS
With 100 Guarantee Top 100 REAL EXAM QUESTIONS
ANSWERS Get All PDF With Complete Questions
Answers File from http//www.testinsideusa.com/SY
0-401-practice-test.html 100 Exam Passing
Guarantee Money Back Assurance
2
  • Sample Questions
  • Question 1
  • A corporate wireless guest network uses an open
    SSID with a captive portal to authenticate guest
    users. Guests can obtain their portal password at
    the service desk. A security consultant alerts
    the administrator that the captive portal is
    easily bypassed, as long as one other wireless
    guest user is on the network. Which of the
    following attacks did the security consultant
    use?
  • ARP poisoning
  • DNS cache poisoning
  • MAC spoofing
  • Rouge DHCP server
  • Answer C
  • Question 2
  • The security administrator receives a service
    ticket saying a host based firewall is
    interfering with the operation of a new
    application that is being tested in development.
    The administrator asks for clarification on which
    ports need to be open. The software vendor
    replies that it could use up to 20 ports and many
    customers have disabled the host based firewall.
    After examining the system the administrator
    sees several ports that are open for database and
    application servers that only used locally. The
    vendor continues to recommend disabling the host
    based firewall. Which of the following is the
    best course of action for the administrator to
    take?
  • A. Allow ports used by the application through
    the network firewall

3
  • Allow ports used externally through the host
    firewall
  • Follow the vendor recommendations and disable the
    host firewall
  • Allow ports used locally through the host
    firewall
  • Answer D
  • Question 3
  • A chief information officer (CIO) is concerned
    about PII contained in the organization's
    various data warehouse platforms. Since not all
    of the PII transferred to the organization is
    required for proper operation of the data
    warehouse application, the CIO requests the in
    needed PII data be parsed and securely
    discarded. Which of the following controls would
    be MOST appropriate in this scenario?
  • Execution of PII data identification assessments
  • Implementation of data sanitization routines
  • Encryption of data-at-rest
  • Introduction of education programs and awareness
    training
  • Creation of policies and procedures
  • Answer E Question 4
  • An employee finds an usb drive in the employee
    lunch room and plugs the drive into a shared
    workstation to determine who owns the drive. When
    the drive is inserted, a command prompt opens
    and a script begins to run. The employee
    notifies a technician who determines that data on
    a server have been compromised. This is an
    example of

4
  • Spear phishing
  • A spoofing attack
  • A spam campaign
  • Answer D Question 6

Requirements for the confidentiality of its data
on organization decides to allow BYOD, but
requires participate agree to the
following specific device
end user devices. The that users wishing to
configurations camera
  • disablement, password enforcement, and
    application white listing. The organization must
    be able to support a device portfolio of
    differing mobile operating systems. Which of the
    following represents the MOST relevant technical
    security criteria for the MDM?
  • Breadth of support for device manufacturers'
    security configuration APIS
  • Ability to extend the enterprise password polices
    to the chosen MDM
  • Features to support the backup and recovery of
    the stored corporate data
  • Capability to require the users to accept an AUP
    prior to device on boarding
  • Answer B Question 7
  • Joe has hired several new security administrators
    and have been explaining the4 design of the
    company's network. He has described the position
    and descriptions of the company's firewalls, IDS
    sensors, antivirus server, DMZs, and HIPS. Which
    of the following best describes the incorporation
    of these elements?
  • Load balancers
  • Defense in depth
  • Network segmentation
  • UTM security appliance
  • Answer B Question 8
  • A company is deploying an new video conferencing
    system to be used by the executive team for
    board meetings. The security engineer has been
    asked to choose the strongest available
    asymmetric cipher to be used for encryption of
    board papers, and chose the strongest available
    stream cipher to be configured for video
    streaming. Which of the following ciphers should
    be chosen? (Select two)

5
  • RSA
  • RC4
  • 3DES
  • HMAC
  • SJA-256
  • Answer A, B Question 9
  • In performing an authorized penetration test of
    an organization's system security, a penetration
    tester collects information pertaining to the
    application versions that reside on a server.
    Which of the following is the best way to collect
    this type of information?
  • Protocol analyzer
  • Banner grabbing
  • Port scanning
  • Code review
  • Answer B
  • Question 10
  • Client computers login at specified times to
    check and update antivirus definitions using a
    dedicated account configured by the
    administrator. One day the clients are unable to
    login with the account, but the server still
    responds to ping requests. The administrator has
    not made any changed. Which of the following most
    likely happened?

6
http//www.testinsideusa.com/SY0-401-practice-test
.html
Write a Comment
User Comments (0)
About PowerShow.com