Ensurepass.com : Ensure you pass the IT Exams
2018 Jan CompTIA Official New Released SY0-401
http://www.EnsurePass.com/SY0-401.html

CompTIA Security Certification

Question No: 201 – (Topic 1)

While previously recommended as a security measure, disabling SSID broadcast is not effective against most attackers because network SSIDs are:

  A. no longer used to authenticate to most wireless networks.

  B. contained in certain wireless packets in plaintext.

  C. contained in all wireless broadcast packets by default.

  D. no longer supported in 802.11 protocols.

Answer: B

Explanation:

The SSID is still required for directing packets to and from the base station, so it can be discovered using a wireless packet sniffer.

Question No: 202 – (Topic 1)

An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to combine the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?

  A. Unified Threat Management

  B. Virtual Private Network

  C. Single sign on

  D. Role-based management

Answer: A

Explanation:

When you combine a firewall with other capabilities (intrusion prevention, antivirus, content filtering, etc.), what used to be called an all-in-one appliance is now known as a unified threat management (UTM) system. The advantages of combining everything into one include a reduced learning curve (you only have one product to learn), a single vendor to deal with, and, typically, reduced complexity.

Question No: 203 – (Topic 1)

A retail store uses a wireless network for its employees to access inventory from anywhere in the store. Due to concerns regarding the aging wireless network, the store manager has brought in a consultant to harden the network. During the site survey, the consultant discovers that the network was using WEP encryption. Which of the following would be the BEST course of action for the consultant to recommend?

  A. Replace the unidirectional antenna at the front of the store with an omni-directional antenna.

  B. Change the encryption used so that the encryption protocol is CCMP-based.

  C. Disable the network's SSID and configure the router to only access store devices based on MAC addresses.

  D. Increase the access point's encryption from WEP to WPA TKIP.

Answer: B

Explanation:

CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and the TKIP protocol of WPA. CCMP provides the following security services:

  - Data confidentiality: ensures only authorized parties can access the information

  - Authentication: provides proof of genuineness of the user

  - Access control in conjunction with layer management

Incorrect Options:

A: The antenna type affects signal strength and direction. It has no bearing on the age or weakness of the encryption technology in use.

C: This option would “cloak” the network, not harden the network.

D: WPA2, which uses CCMP as its standard encryption protocol, is more secure than WPA-TKIP.

References:

http://en.wikipedia.org/wiki/CCMP

http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 61, 63

Topic 2, Compliance and Operational Security

Question No: 204 – (Topic 2)

A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company?

  A. Account lockout policy

  B. Account password enforcement

  C. Password complexity enabled

  D. Separation of duties

Answer: D

Explanation:

Separation of duties means that users are granted only the permissions they need to do their work and no more. More importantly, it means that duties are divided among different users and employees, which forms part of best practices.

Question No: 205 – (Topic 2)

Which of the following describes the purpose of an MOU?

  A. Define interoperability requirements

  B. Define data backup process

  C. Define onboard/offboard procedure

  D. Define responsibilities of each party

Answer: D

Explanation:

An MOU, or Memorandum of Understanding, is a document outlining which party is responsible for what portion of the work.

Question No: 206 – (Topic 2)

Requiring technicians to report spyware infections is a step in which of the following?

  A. Routine audits

  B. Change management

  C. Incident management

  D. Clean desk policy

Answer: C

Explanation:

Incident management refers to the steps followed when events occur (making sure controls are in place to prevent unauthorized access to, and changes of, all IT assets).

Question No: 207 – (Topic 2)

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?

  A. Recovery

  B. Follow-up

  C. Validation

  D. Identification

  E. Eradication

  F. Containment

Answer: D

Explanation:

To be able to respond to the incident of malware infection you need to know what type of malware was used since there are many types of malware around. This makes identification critical in this case.

Question No: 208 – (Topic 2)

Which of the following concepts defines the requirement for data availability?

  A. Authentication to RADIUS

  B. Non-repudiation of email messages

  C. Disaster recovery planning

  D. Encryption of email messages

Answer: C

Explanation:

A disaster-recovery plan, or scheme, helps an organization respond effectively when a disaster occurs. Disasters may include system failure, network failure, infrastructure failure, and natural disaster. The primary emphasis of such a plan is reestablishing services and minimizing losses.

Question No: 209 – (Topic 2)

Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?

  A. Sign in and sign out logs

  B. Mantrap

  C. Video surveillance

  D. HVAC

Answer: B

Explanation:

Mantraps are designed to physically contain an unauthorized, potentially hostile individual until authorities arrive. Mantraps are typically built with bulletproof glass, high-strength doors, and locks, and are sized to admit only a minimal number of individuals at a time. Some mantraps even include scales that weigh the person. The doors are designed to open only when the mantrap is fully occupied or empty, never in between: the back door must close before the front door will open. In most cases mantraps are also combined with guards. This is the most physical protection any single measure will provide.

Question No: 210 – (Topic 2)

A recent intrusion has resulted in the need to perform incident response procedures. The incident response team has identified audit logs throughout the network and organizational systems which hold details of the security breach. Prior to this incident, a security consultant informed the company that they needed to implement an NTP server on the network. Which of the following is a problem that the incident response team will likely encounter during their assessment?

  A. Chain of custody

  B. Tracking man hours

  C. Record time offset

  D. Capture video traffic

Answer: C

Explanation:

It is quite common for workstation and server clocks to be slightly off from the actual time. Since a forensic investigation usually depends on a step-by-step account of what has happened, being able to follow events in the correct time sequence is critical. Because of this, it is imperative to record the time offset on each affected machine during the investigation. One way to assist with this is to add an entry to a log file and note both the actual time at which this was done and the time the system recorded for it. There is no mention that this was done by the incident response team.
