Ensurepass

 

QUESTION 481

Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?

 

A. To ensure proper use of social media
B. To reduce organizational IT risk
C. To detail business impact analyses
D. To train staff on zero-days

 

Correct Answer: B

QUESTION 482

A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on ports 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed?

 

A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP
B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS
C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS
D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS

 

Correct Answer: B

 

 

QUESTION 483

A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?

 

A. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
B. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.
C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
D. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.

 

Correct Answer: A

 

 

QUESTION 484

A system administrator is responding to a legal order to turn over all logs from all company servers. The system administrator records the system time of all servers to ensure that:

 

A. HDD hashes are accurate.
B. the NTP server works properly.
C. chain of custody is preserved.
D. time offset can be calculated.

 

Correct Answer: D

 

 

QUESTION 485

While rarely enforced, mandatory vacation policies are effective at uncovering:

 

A. Help desk technicians with oversight by multiple supervisors and detailed quality control systems.
B. Collusion between two employees who perform the same business function.
C. Acts of incompetence by a systems engineer designing complex architectures as a member of a team.
D. Acts of gross negligence on the part of system administrators with unfettered access to systems and no oversight.

 

Correct Answer: D

 

 

QUESTION 486

A company hires outside security experts to evaluate the security status of the corporate network. All of the company’s IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed?

 

A. Penetration testing
B. WAF testing
C. Vulnerability scanning
D. White box testing

 

Correct Answer: C

 

 

QUESTION 487

A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?

 

A. Mandatory vacations
B. Job rotation
C. Least privilege
D. Time of day restrictions

 

Correct Answer: C

 

 

QUESTION 488

A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that, when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks?

 

A. Vishing
B. Phishing
C. Whaling
D. SPAM
E. SPIM

 

Correct Answer: B

 

 

QUESTION 489

After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings?

 

A. IV attack
B. War dialing
C. Rogue access points
D. War chalking

 

Correct Answer: D

 

 

QUESTION 490

The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available?

 

A. Cloud computing
B. Full disk encryption
C. Data Loss Prevention
D. HSM

 

Correct Answer: A

Free VCE & PDF File for CompTIA SY0-401 Real Exam
