2018 Jan CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 351 – (Topic 2)

Computer evidence at a crime scene is preserved by making an exact copy of the hard disk. Which of the following does this illustrate?

  A. Taking screenshots

  B. System image capture

  C. Chain of custody

  D. Order of volatility

Answer: B

Explanation:

A system image would be a snapshot of what exists at the moment. Thus capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it.

Question No: 352 – (Topic 2)

Which of the following is the MOST specific plan for various problems that can arise within a system?

  A. Business Continuity Plan

  B. Continuity of Operation Plan

  C. Disaster Recovery Plan

  D. IT Contingency Plan

Answer: D

Explanation:

An IT contingency plan would focus on the IT aspect in particular to ensure business continuity.

Question No: 353 – (Topic 2)

A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do in regards to the application?

  A. Avoid the risk to the user base allowing them to re-enable their own accounts

  B. Mitigate the risk by patching the application to increase security and saving money

  C. Transfer the risk replacing the application now instead of in five years

  D. Accept the risk and continue to enable the accounts each month saving money

Answer: D

Explanation:

This is a risk acceptance measure that has to be implemented since the cost of patching would be too high compared to the cost to keep the system going as is. Risk acceptance is often the choice you must make when the cost of implementing any of the other four choices (i.e. risk deterrence, mitigation, transference or avoidance) exceeds the value of the harm that would occur if the risk came to fruition.

Question No: 354 – (Topic 2)

Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?

  A. Least privilege access

  B. Separation of duties

  C. Mandatory access control

  D. Mandatory vacations

Answer: D

Explanation:

A mandatory vacation policy requires all users to take time away from work to refresh. Mandatory vacations give the employee a chance to refresh, but they also give the company a chance to make sure that others can fill in any gaps in skills, and they satisfy the need to have replication or duplication at all levels. Mandatory vacations also provide an opportunity to discover fraud. In this case mandatory vacations can prevent the two members from colluding to steal the information that they have access to.

Question No: 355 – (Topic 2)

A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?

  A. Detective

  B. Deterrent

  C. Corrective

  D. Preventive

Answer: C

Explanation:

A corrective control would be any action taken to correct existing controls that were faulty or wrongly installed. In this case the cameras were already there; they just had to be adjusted to perform their function as intended.

Question No: 356 – (Topic 2)

Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Joe take into consideration?

  A. A disk-based image of every computer as they are being replaced.

  B. A plan that skips every other replaced computer to limit the area of affected users.

  C. An offsite contingency server farm that can act as a warm site should any issues appear.

  D. A back-out strategy planned out anticipating any unforeseen problems that may arise.

Answer: D

Explanation:

A backout is a reversion from a change that had negative consequences. It could be, for example, that everything was working fine until you installed a service pack on a production machine, and then services that were normally available were no longer accessible. The backout, in this instance, would revert the system to the state that it was in before the service pack was applied.

Backout plans can include uninstalling service packs, hotfixes, and patches, but they can also include reversing a migration and using previous firmware. A key component to creating such a plan is identifying what events will trigger your implementing the backout.

Question No: 357 – (Topic 2)

A company replaces a number of devices with a mobile appliance, combining several functions. Which of the following descriptions fits this new implementation? (Select TWO).

  A. Cloud computing

  B. Virtualization

  C. All-in-one device

  D. Load balancing

  E. Single point of failure

Answer: C,E

Explanation:

The disadvantages of combining everything into one include a potential single point of failure and the dependence on the one vendor. The all-in-one device represents a single point of failure risk being taken on.

Question No: 358 – (Topic 2)

Elastic cloud computing environments often reuse the same physical hardware for multiple customers over time as virtual machines are instantiated and deleted. This has important implications for which of the following data security concerns?

  A. Hardware integrity

  B. Data confidentiality

  C. Availability of servers

  D. Integrity of data

Answer: B

Explanation:

Data that is not kept separate or segregated risks having its confidentiality compromised. Be aware of the fact that your data is only as safe as the data with which it is integrated. For example, assume that your client database is hosted on a server that another company is also using to test an application that they are creating. If their application obtains root-level access at some point (such as to change passwords) and crashes at that point, then the user running the application could be left with root permissions and conceivably be able to access data on the server for which they are not authorized, such as your client database. Data segregation is crucial; keep your data on secure servers.

Question No: 359 – (Topic 2)

A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:

  A. Integrity of downloaded software.

  B. Availability of the FTP site.

  C. Confidentiality of downloaded software.

  D. Integrity of the server logs.

Answer: A

Explanation:

Digital signatures are used to validate the integrity of the message and the sender. In this case the software firm that posted the patches and updates digitally signed the checksums of all patches and updates.

Question No: 360 – (Topic 2)

A major security risk with co-mingling of hosts with different security requirements is:

  A. Security policy violations.

  B. Zombie attacks.

  C. Password compromises.

  D. Privilege creep.

Answer: A

Explanation:

The entire network is only as strong as the weakest host. Thus, co-mingling hosts with different security requirements risks security policy violations.
