Ensurepass.com : Ensure you pass the IT Exams
2018 Jan CompTIA Official New Released SY0-401
http://www.EnsurePass.com/SY0-401.html

CompTIA Security+ Certification

Question No: 161 – (Topic 1)

Joe, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend?

A. Create a VLAN for the SCADA

B. Enable PKI for the MainFrame

C. Implement patch management

D. Implement stronger WPA2 Wireless

Answer: A

Explanation:

VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn’t need to communicate with another in order to accomplish a work task/function shouldn’t be able to do so.

Question No: 162 – (Topic 1)

A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner?

A. Kill all system processes

B. Enable the firewall

C. Boot from CD/USB

D. Disable the network connection

Answer: C

Explanation:

Antivirus companies frequently create boot discs you can use to scan and repair your computer. These tools can be burned to a CD or DVD or installed onto a USB drive. You can then restart your computer and boot from the removable media. A special antivirus environment will load where your computer can be scanned and repaired.

Incorrect Options:

A: Killing all system processes will stop system processes and could have a negative effect on the system. It is not the BEST way to run the malware scanner.

B: The basic purpose of a firewall is to isolate one network from another. It is not the BEST way to run the malware scanner.

D: Disabling the network connection will not allow for the BEST way to run the malware scanner.

Reference:

http://www.howtogeek.com/187037/how-to-scan-and-repair-a-badly-infected-computer-from-outside-windows/

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 342

Question No: 163 – (Topic 1)

A company provides secure wireless Internet access for visitors and vendors working onsite. Some of the vendors using older technology report that they are unable to access the wireless network after entering the correct network information. Which of the following is the MOST likely reason for this issue?

A. The SSID broadcast is disabled.

B. The company is using the wrong antenna type.

C. The MAC filtering is disabled on the access point.

D. The company is not using strong enough encryption.

Answer: A

Explanation:

When the SSID is broadcast, any device with an automatic detect and connect feature is able to see the network and can initiate a connection with it. The fact that they cannot access the network means that they are unable to see it.

Question No: 164 – (Topic 1)

Layer 7 devices used to prevent specific types of HTML tags are called:

A. Firewalls

B. Content filters

C. Routers

D. NIDS

Answer: B

Explanation:

A content filter is a type of software designed to restrict or control the content a reader is authorised to access, particularly when used to limit material delivered over the Internet via the Web, e-mail, or other means. Because the user and the OSI layer interact directly with the content filter, it operates at Layer 7 of the OSI model.

Question No: 165 – (Topic 1)

A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?

A. WPA2

B. WPA

C. IPv6

D. IPv4

Answer: C

Explanation:

IPSec security is built into IPv6.

Question No: 166 – (Topic 1)

A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network?

A. VLAN

B. Subnet

C. VPN

D. DMZ

Answer: D

Explanation:

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted.

Question No: 167 – (Topic 1)

FTP/S uses which of the following TCP ports by default?

A. 20 and 21

B. 139 and 445

C. 443 and 22

D. 989 and 990

Answer: D

Explanation: FTPS uses ports 989 and 990.

Question No: 168 – (Topic 1)

A recent vulnerability scan found that Telnet is enabled on all network devices. Which of the following protocols should be used instead of Telnet?

A. SCP

B. SSH

C. SFTP

D. SSL

Answer: B

Explanation:

SSH transmits both authentication traffic and data in a secured encrypted form, whereas Telnet transmits both authentication credentials and data in clear text.

Question No: 169 – (Topic 1)

During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic?

A. FTP

B. DNS

C. Email

D. NetBIOS

Answer: B

Explanation:

DNS (Domain Name System) uses port 53.

Question No: 170 – (Topic 1)

A technician wants to securely collect network device configurations and statistics through a scheduled and automated process. Which of the following should be implemented if configuration integrity is most important and a credential compromise should not allow interactive logons?

A. SNMPv3

B. TFTP

C. SSH

D. TLS

Answer: A

Explanation:

SNMPv3 provides the following security features:

Message integrity: Ensures that a packet has not been tampered with in transit.

Authentication: Determines that the message is from a valid source.

Encryption: Scrambles the content of a packet to prevent it from being learned by an unauthorized source.
