★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/SY0-401-dumps.html


There are plenty associated with strengths upon having purchased a persons CompTIA SY0-401 certification. The SY0-401 certification is usually a kind of ensure that youve got the very best amount of understanding regarding the The item team and you can solve most of conditions that the vicinity from it encounters. Additionally, the actual SY0-401 certification as well as improving a persons price during the little brown eyes of the organisations. If you would like to get a employment, the actual SY0-401 certification will encourage you to have the very best employment. If you would like regarding promotion, the actual SY0-401 certification can make this particular straightforward for a person. Furthermore, the actual SY0-401 certification raise your value as part of your company as well.

2021 Apr SY0-401 answers

Q581. A security analyst performs the following activities: monitors security logs, installs surveillance cameras and analyzes trend reports. Which of the following job responsibilities is the analyst performing? (Select TWO). 

A. Detect security incidents 

B. Reduce attack surface of systems 

C. Implement monitoring controls 

D. Hardening network devices 

E. Prevent unauthorized access 

Answer: A,C 

Explanation: 

By monitoring security logs, installing security cameras and analyzing trend reports, the security analyst is implementing monitoring controls. With the monitoring controls in place, by monitoring the security logs, reviewing the footage from the security cameras and analyzing trend reports, the security analyst is able to detect security incidents. 


Q582. After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings? 

A. IV attack 

B. War dialing 

C. Rogue access points 

D. War chalking 

Answer:

Explanation: 

War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts, trees) to indicate the existence of an open wireless network connection, usually offering an Internet connection so that others can benefit from the free wireless access. The open connections typically come from the access points of wireless networks located within buildings to serve enterprises. The chalk symbols indicate the type of access point that is available at that specific spot. 


Q583. A company administrator has a firewall with an outside interface connected to the Internet and an inside interface connected to the corporate network. Which of the following should the administrator configure to redirect traffic destined for the default HTTP port on the outside interface to an internal server listening on port 8080? 

A. Create a dynamic PAT from port 80 on the outside interface to the internal interface on port 8080 

B. Create a dynamic NAT from port 8080 on the outside interface to the server IP address on port 80 

C. Create a static PAT from port 80 on the outside interface to the internal interface on port 8080 

D. Create a static PAT from port 8080 on the outside interface to the server IP address on port 80 

Answer:

Explanation: 


Q584. Which of the following is used by the recipient of a digitally signed email to verify the identity of the sender? 

A. Recipient’s private key 

B. Sender’s public key 

C. Recipient’s public key 

D. Sender’s private key 

Answer:

Explanation: 

When the sender wants to send a message to the receiver. It’s important that this message not be altered. The sender uses the private key to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The recipient uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic. Thus the recipient uses the sender’s public key to verify the sender’s identity. 


Q585. When using PGP, which of the following should the end user protect from compromise? (Select TWO). 

A. Private key 

B. CRL details 

C. Public key 

D. Key password 

E. Key escrow 

F. Recovery agent 

Answer: A,D 

Explanation: 

A: In PGP only the private key belonging to the receiver can decrypt the session key. 

PGP combines symmetric-key encryption and public-key encryption. The message is encrypted 

using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is 

used only once and is also called a session key. 

D: PGP uses a passphrase to encrypt your private key on your machine. Your private key is 

encrypted on your disk using a hash of your passphrase as the secret key. You use the 

passphrase to decrypt and use your private key. 


Leading SY0-401 free download:

Q586. A security administrator is concerned about the strength of user’s passwords. The company does not want to implement a password complexity policy. Which of the following can the security Administrator implement to mitigate the risk of an online password attack against users with weak passwords? 

A. Increase the password length requirements 

B. Increase the password history 

C. Shorten the password expiration period 

D. Decrease the account lockout time 

Answer:

Explanation: 

Reducing the password expiration period will require passwords to be changed at the end of that period. A password needs to be changed if it doesn’t meet the compliance requirements of the company’s password policy, or is evidently insecure. It will also need to be changed if it has been reused, or due to possible compromise as a result of a system intrusion. This will give online password attackers less time to crack the weak passwords. 


Q587. When confidentiality is the primary concern, and a secure channel for key exchange is not available, which of the following should be used for transmitting company documents? 

A. Digital Signature 

B. Symmetric 

C. Asymmetric 

D. Hashing 

Answer:

Explanation: 


Q588. The manager has a need to secure physical documents every night, since the company began enforcing the clean desk policy. The BEST solution would include: (Select TWO). 

A. Fire- or water-proof safe. 

B. Department door locks. 

C. Proximity card. 

D. 24-hour security guard. 

E. Locking cabinets and drawers. 

Answer: A,E 

Explanation: 

Using a safe and locking cabinets to protect backup media, documentation, and any other physical artifacts that could do harm if they fell into the wrong hands would form part of keeping employees desks clean as in a clean desk policy. 


Q589. A large corporation has data centers geographically distributed across multiple continents. The company needs to securely transfer large amounts of data between the data center. The data transfer can be accomplished physically or electronically, but must prevent eavesdropping while the data is on transit. Which of the following represents the BEST cryptographic solution? 

A. Driving a van full of Micro SD cards from data center to data center to transfer data 

B. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN 

C. Using a courier to deliver symmetric VPN keys to each data center and transferring data in the VPN 

D. Using PKI to encrypt each file and transferring them via an Internet based FTP or cloud server 

Answer:

Explanation: 

A virtual private network (VPN) is an encrypted communication tunnel that connects two systems over an untrusted network, such as the Internet. They provide security for both authentication and data transmission through a process called encapsulation. Secure Sockets Layer (SSL) can be used to exchange the VPN keys securely. SSL is used to establish secure TCP communication between two machines by encrypting the communication. 


Q590. Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls? 

A. Implement TKIP encryption 

B. Consider antenna placement 

C. Disable the SSID broadcast 

D. Disable WPA 

Answer:

Explanation: Cinderblock walls, metal cabinets, and other barriers can reduce signal strength significantly. Therefore, antenna placement is critical.