★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/SY0-401-dumps.html
Many IT aspirants are eager to acquire the CompTIA CompTIA certification. It really is a threshold in direction of a well-paid job. If you maintain a CompTIA certification, you may hold the particular advantage over additional candidates in the job market. Nonetheless, passing the CompTIA SY0-401 exam is actually never the easy job without any help. Having advantage of the particular CompTIA CompTIA exam questions and answers which in turn reflect the true exam at Examcollection, you may be set for the CompTIA actual test. It really is a faster and easier approach to prepare for that CompTIA SY0-401 exam by using the Examcollections education course. All of us guarantee your own success from first attempt.
2021 Sep lead2pass sy0-401 vce:
Q121. Which of the following is an attack vector that can cause extensive physical damage to a datacenter without physical access?
A. CCTV system access
B. Dial-up access
C. Changing environmental controls
D. Ping of death
Answer: C
Explanation:
Environmental systems include heating, air conditioning, humidity control, fire suppression, and power systems. All of these functions are critical to a well-designed physical plant. A computer room will typically require full-time environmental control. Changing any of these controls (when it was set to its optimum values) will result in damage.
Q122. Joe, a newly hired employee, has a corporate workstation that has been compromised due to several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits the use of such web sites. Which of the following is the BEST method to deter employees from the improper use of the company’s information systems?
A. Acceptable Use Policy
B. Privacy Policy
C. Security Policy
D. Human Resource Policy
Answer: A
Explanation:
Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
Q123. After entering the following information into a SOHO wireless router, a mobile device’s user reports being unable to connect to the network:
PERMIT 0A: D1: FA. B1: 03: 37
DENY 01: 33: 7F: AB: 10: AB
Which of the following is preventing the device from connecting?
A. WPA2-PSK requires a supplicant on the mobile device.
B. Hardware address filtering is blocking the device.
C. TCP/IP Port filtering has been implemented on the SOHO router.
D. IP address filtering has disabled the device from connecting.
Answer: B
Explanation:
MAC filtering allows you to include or exclude computers and devices based on their MAC address.
Q124. Joe analyzed the following log and determined the security team should implement which of the following as a mitigation method against further attempts?
Host 192.168.1.123
[00:
00: 01]Successful Login: 015 192.168.1.123 : local
[00:
00: 03]Unsuccessful Login: 022 214.34.56.006 : RDP 192.168.1.124
[00:
00: 04]UnSuccessful Login: 010 214.34.56.006 : RDP 192.168.1.124
[00:
00: 07]UnSuccessful Login: 007 214.34.56.006 : RDP 192.168.1.124
[00:
00: 08]UnSuccessful Login: 003 214.34.56.006 : RDP 192.168.1.124
A.
Reporting
B.
IDS
C.
Monitor system logs
D.
Hardening
Answer: D
Explanation:
We can see a number of unsuccessful login attempts using a Remote Desktop Connection (using the RDP protocol) from a computer with the IP address 192.168.1.124. Someone successfully logged in locally. This is probably an authorized login (for example, Joe logging in). Hardening is the process of securing a system. We can harden (secure) the system by either disallowing remote desktop connections altogether or by restricting which IPs are allowed to initiate remote desktop connections.
Q125. Which of the following BEST describes the type of attack that is occurring? (Select TWO).
A. DNS spoofing
B. Man-in-the-middle
C. Backdoor
D. Replay
E. ARP attack
F. Spear phishing
G. Xmas attack
Answer: A,E
Explanation:
We have a legit bank web site and a hacker bank web site. The hacker has a laptop connected to the network. The hacker is redirecting bank web site users to the hacker bank web site instead of the legit bank web site. This can be done using two methods: DNS Spoofing and ARP Attack (ARP Poisoning).
A: DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver's cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker's computer (or any other computer). A domain name system server translates a human-readable domain name (such as example.com) into a numerical IP address that is used to route communications between nodes. Normally if the server doesn't know a requested translation it will ask another server, and the process continues recursively. To increase performance, a server will typically remember (cache) these translations for a certain amount of time, so that, if it receives another request for the same translation, it can reply without having to ask the other server again. When a DNS server has received a false translation and caches it for performance optimization, it is considered poisoned, and it supplies the false data to clients. If a DNS server is poisoned, it may return an incorrect IP address, diverting traffic to another computer (in this case, the hacker bank web site server).
E: Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with a forged ARP request and reply packets. This modifies the layer -Ethernet MAC address into the hacker's known MAC address to monitor it. Because the ARP replies are forged, the target computer unintentionally sends the frames to the hacker's computer first instead of sending it to the original destination. As a result, both the user's data and privacy are compromised. An effective ARP poisoning attempt is undetectable to the user. ARP poisoning is also known as ARP cache poisoning or ARP poison routing (APR).
Updated lead2pass sy0-401 vce:
Q126. Sara, a hacker, is completing a website form to request a free coupon. The site has a field that limits the request to 3 or fewer coupons. While submitting the form, Sara runs an application on her machine to intercept the HTTP POST command and change the field from 3 coupons to 30.
Which of the following was used to perform this attack?
A. SQL injection
B. XML injection
C. Packet sniffer
D. Proxy
Answer: B
Explanation:
When a web user takes advantage of a weakness with SQL by entering values that they should not, it is known as a SQL injection attack. Similarly, when the user enters values that query XML (known as XPath) with values that take advantage of exploits, it is known as an XML injection attack. XPath works in a similar manner to SQL, except that it does not have the same levels of access control, and taking advantage of weaknesses within can return entire documents. The best way to prevent XML injection attacks is to filter the user’s input and sanitize it to make certain that it does not cause XPath to return more data than it should.
Q127. Which of the following can be implemented with multiple bit strength?
A. AES
B. DES
C. SHA-1
D. MD5
E. MD4
Answer: A
Explanation:
AES (a symmetric algorithm) uses key sizes of 128, 192, or 256 bits.
Q128. The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when typing to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on this phone. Which of the following might the administrator need to configure?
A. The access rules on the IDS
B. The pop up blocker in the employee’s browser
C. The sensitivity level of the spam filter
D. The default block page on the URL filter
Answer: D
Explanation:
A URL filter is used to block access to a site based on all or part of a URL. There are a number of URL-filtering tools that can acquire updated master URL block lists from vendors, as well as allow administrators to add or remove URLs from a custom list.
Q129. One of the most basic ways to protect the confidentiality of data on a laptop in the event the device is physically stolen is to implement which of the following?
A. File level encryption with alphanumeric passwords
B. Biometric authentication and cloud storage
C. Whole disk encryption with two-factor authentication
D. BIOS passwords and two-factor authentication
Answer: C
Explanation: Whole-disk encryption only provides reasonable protection when the system is fully powered off. to make the most of the defensive strength of whole-disk encryption, a long, complex passphrase should be used to unlock the system on bootup. Combining whole-disk encryption with two factor authentication would further increase protection.
Q130. Joe, a user, reports to the system administrator that he is receiving an error stating his certificate has been revoked. Which of the following is the name of the database repository for these certificates?
A. CSR
B. OCSP
C. CA
D. CRL
Answer: D
Explanation:
A certificate revocation list (CRL) is created and distributed to all CAs to revoke a certificate or key.