★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW SY0-401 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/SY0-401-dumps.html


Q391. A network administrator uses an RFID card to enter the datacenter, a key to open the server rack, and a username and password to logon to a server. These are examples of which of the following? 

A. Multifactor authentication 

B. Single factor authentication 

C. Separation of duties 

D. Identification 

Answer:

Explanation: 

Single-factor authentication (SFA) is a process for securing access to a given system by identifying the party requesting access via a single category of credentials. In this case, the network administrator makes use of an RFID card to access the datacenter, a key to access the server rack, and a username and password to access a server. 


Q392. Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following? 

A. Clustering 

B. RAID 

C. Load balancing 

D. Virtualization 

Answer:

Explanation: 

Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy (but also add costs). 


Q393. Which of the following file systems is from Microsoft and was included with their earliest operating systems? 

A. NTFS 

B. UFS 

C. MTFS 

D. FAT 

Answer:

Explanation: 

File Allocation Table (FAT) is a file system created by Microsoft and used for its earliest DOS operating systems. 


Q394. A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO). 

A. Patch Audit Policy 

B. Change Control Policy 

C. Incident Management Policy 

D. Regression Testing Policy 

E. Escalation Policy 

F. Application Audit Policy 

Answer: B,D 

Explanation: 

A backout (regression testing) is a reversion from a change that had negative consequences. It could be, for example, that everything was working fi ne until you installed a service pack on a production machine, and then services that were normally available were no longer accessible. The backout, in this instance, would revert the system to the state that it was in before the service pack was applied. Backout plans can include uninstalling service packs, hotfi xes, and patches, but they can also include reversing a migration and using previous firmware. A key component to creating such a plan is identifying what events will trigger your implementing the backout. A change control policy refers to the structured approach that is followed to secure a company’s assets in the event of changes occurring. 


Q395. A hacker has discovered a simple way to disrupt business for the day in a small company which relies on staff working remotely. In a matter of minutes the hacker was able to deny remotely working staff access to company systems with a script. Which of the following security controls is the hacker exploiting? 

A. DoS 

B. Account lockout 

C. Password recovery 

D. Password complexity 

Answer:

Explanation: 

B: Account lockout automatically disables an account due to repeated failed log on attempts. The hacker must have executed a script to repeatedly try logging on to the remote accounts, forcing the account lockout policy to activate. 


Q396. Which of the following types of application attacks would be used to identify malware causing security breaches that have NOT yet been identified by any trusted sources? 

A. Zero-day 

B. LDAP injection 

C. XML injection 

D. Directory traversal 

Answer:

Explanation: 

The security breaches have NOT yet been identified. This is zero day vulnerability. A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users. 


Q397. Which of the following is described as an attack against an application using a malicious file? 

A. Client side attack 

B. Spam 

C. Impersonation attack 

D. Phishing attack 

Answer:

Explanation: 

In this question, a malicious file is used to attack an application. If the application is running on a 

client computer, this would be a client side attack. Attacking a service or application on a server 

would be a server side attack. 

Client-side attacks target vulnerabilities in client applications interacting with a malicious data. The 

difference is the client is the one initiating the bad connection. 

Client-side attacks are becoming more popular. This is because server side attacks are not as 

easy as they once were according to apache.org. 

Attackers are finding success going after weaknesses in desktop applications such as browsers, 

media players, common office applications and e-mail clients. 

To defend against client-side attacks keep-up the most current application patch levels, keep 

antivirus software updated and keep authorized software to a minimum. 


Q398. Which of the following should be used to authenticate and log connections from wireless users connecting with EAP-TLS? 

A. Kerberos 

B. LDAP 

C. SAML 

D. RADIUS 

Answer:

Explanation: 


Q399. Which of the following is built into the hardware of most laptops but is not setup for centralized management by default? 

A. Whole disk encryption 

B. TPM encryption 

C. USB encryption 

D. Individual file encryption 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates. 


Q400. Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model? 

A. WAF 

B. NIDS 

C. Routers 

D. Switches 

Answer:

Explanation: 

A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified. 

As the protocols used to access a web server (typically HTTP and HTTPS) run in layer 7 of the OSI model, then web application firewall (WAF) is the correct answer.