2021 Mar SY0-401 exam guide

Q191. Which of the following tools will allow a technician to detect security-related TCP connection anomalies? 

A. Logical token 

B. Performance monitor 

C. Public key infrastructure 

D. Trusted platform module 

Answer:

Explanation: 

Performance Monitor in a Windows system can monitor many different ‘counters’. For TCP network connections, you can monitor specific TCP-related counters, including the following:

Connection Failures

Connections Active

Connections Established

Connections Passive

Connections Reset

Segments Received/sec

Segments Retransmitted/sec

Segments Sent/sec

Total Segments/sec

By monitoring the counters listed above, you will be able to detect security-related TCP connection anomalies. 


Q192. The Chief Technology Officer (CTO) wants to improve security surrounding storage of customer passwords. 

The company currently stores passwords as SHA hashes. Which of the following can the CTO implement requiring the LEAST change to existing systems? 

A. Smart cards 

B. TOTP 

C. Key stretching 

D. Asymmetric keys 

Answer:

Explanation: 

Smart cards usually come in two forms. The most common takes the form of a rectangular piece of plastic with an embedded microchip. The second is a USB token. It contains a built-in processor and has the ability to securely store and process information. A "contact" smart card communicates with a PC using a smart card reader, whereas a "contactless" card sends encrypted information via radio waves to the PC.

Typical scenarios in which smart cards are used include interactive logon, e-mail signing, e-mail decryption and remote access authentication. However, smart cards are programmable and can contain programs and data for many different applications. For example, smart cards may be used to store medical histories for use in emergencies, to make electronic cash payments or to verify the identity of a customer to an e-retailer.

Microsoft provides two device-independent APIs to insulate application developers from differences between current and future implementations: CryptoAPI and the Microsoft Win32 SCard APIs. The Cryptography API contains functions that allow applications to encrypt or digitally sign data in a flexible manner, while providing protection for the user's sensitive private key data. All cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs). There are many different cryptographic algorithms, and even when implementing the same algorithm there are many choices to make, about key sizes and padding for example. For this reason, CSPs are grouped into types, in which each supported CryptoAPI function, by default, performs in a way particular to that type. For example, CSPs in the PROV_DSS provider type support DSS Signatures and MD5 and SHA hashing.


Q193. Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information? 

A. Employ encryption on all outbound emails containing confidential information. 

B. Employ exact data matching and prevent inbound emails with Data Loss Prevention. 

C. Employ hashing on all outbound emails containing confidential information. 

D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention. 

Answer:

Explanation: 

Encryption is used to ensure the confidentiality of information and in this case the outbound email that contains the confidential information should be encrypted. 


Q194. At an organization, unauthorized users have been accessing network resources via unused network wall jacks. Which of the following would be used to stop unauthorized access? 

A. Configure an access list. 

B. Configure spanning tree protocol. 

C. Configure port security. 

D. Configure loop protection. 

Answer:

Explanation: 

Port security in IT can mean several things. It can mean the physical control of all connection points, such as RJ-45 wall jacks or device ports, so that no unauthorized users or unauthorized devices can attempt to connect into an open port. This can be accomplished by locking down the wiring closet and server vaults and then disconnecting the workstation run from the patch panel (or punch-down block) that leads to a room’s wall jack. Any unneeded or unused wall jacks can (and should) be physically disabled in this manner. Another option is to use a smart patch panel that can monitor the MAC address of any device connected to each and every wall port across a building and detect not just when a new device is connected to an empty port, but also when a valid device is disconnected or replaced by an invalid device. 


Q195. Joe, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?

A. Create a VLAN for the SCADA 

B. Enable PKI for the MainFrame 

C. Implement patch management 

D. Implement stronger WPA2 Wireless 

Answer:

Explanation: 

VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn’t need to communicate with another in order to accomplish a work task/function shouldn’t be able to do so. 


Q196. Which of the following is an attack vector that can cause extensive physical damage to a datacenter without physical access? 

A. CCTV system access 

B. Dial-up access 

C. Changing environmental controls 

D. Ping of death 

Answer:

Explanation: 

Environmental systems include heating, air conditioning, humidity control, fire suppression, and power systems. All of these functions are critical to a well-designed physical plant. A computer room will typically require full-time environmental control. Changing any of these controls (when they were set to their optimum values) will result in damage.


Q197. Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains? 

Server 1: 192.168.100.6 

Server 2: 192.168.100.9 

Server 3: 192.169.100.20 

A. /24 

B. /27 

C. /28 

D. /29 

E. /30 

Answer:

Explanation: 

Using this option will result in all three servers using host addresses on different broadcast domains. 


Q198. Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160 bits long. Which of the following hashing methods would Matt have to use to obtain this digital fingerprint?

A. SHA1 

B. MD2 

C. MD4 

D. MD5 

Answer:

Explanation: 

The Secure Hash Algorithm (SHA) was designed to ensure the integrity of a message. SHA is a one-way hash that provides a hash value that can be used with an encryption protocol. This algorithm produces a 160-bit hash value. SHA (1 or 2) is preferred over Message Digest Algorithm. 


Q199. Which of the following devices will help prevent a laptop from being removed from a certain location? 

A. Device encryption 

B. Cable locks 

C. GPS tracking 

D. Remote data wipes 

Answer:

Explanation: 

Cable locks are theft-deterrent devices that can be used to tether a device to a fixed point and keep smaller devices from being easy to steal.


Q200. A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure? 

A. IPsec 

B. SFTP 

C. BGP 

D. PPTP 

Answer:

Explanation: 

Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP because it is used in conjunction with the IPsec protocol, which provides more secure encryption algorithms. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption uses 168-bit keys and the 3DES encryption algorithm, and requires two levels of authentication. L2TP has a number of advantages over PPTP in terms of data integrity and authentication of origin, which are designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs at a slower pace than PPTP.