Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!
CompTIA Security Certification
Question No: 111 – (Topic 1)
A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?
-
WPA2 CCMP
-
WPA
-
WPA with MAC filtering
-
WPA2 TKIP
Answer: A Explanation:
CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and TKIP protocol of WPA. CCMP provides the following security services:
Data confidentiality; ensures only authorized parties can access the information Authentication; provides proof of genuineness of the user
Access control in conjunction with layer management
Because CCMP is a block cipher mode using a 128-bit key, it is secure against attacks to the 264 steps of operation.
Question No: 112 – (Topic 1)
Which of the following offerings typically allows the customer to apply operating system patches?
-
Software as a service
-
Public Clouds
-
Cloud Based Storage
-
Infrastructure as a service
Answer: D Explanation:
Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.
Question No: 113 – (Topic 1)
A security team has identified that the wireless signal is broadcasting into the parking lot. To reduce the risk of an attack against the wireless network from the parking lot, which of the following controls should be used? (Select TWO).
-
Antenna placement
-
Interference
-
Use WEP
-
Single Sign on
-
Disable the SSID
-
Power levels
Answer: A,F Explanation:
Placing the antenna in the correct position is crucial. You can then adjust the power levels to exclude the parking lot.
Question No: 114 – (Topic 1)
In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?
-
Supervisor
-
Administrator
-
Root
-
Director
Answer: B Explanation:
The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS.
Question No: 115 – (Topic 1)
An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network?
-
Configure each port on the switches to use the same VLAN other than the default one
-
Enable VTP on both switches and set to the same domain
-
Configure only one of the routers to run DHCP services
-
Implement port security on the switches
Answer: D Explanation:
Port security in IT can mean several things:
The physical control of all connection points, such as RJ-45 wall jacks or device ports, so that no unauthorized users or unauthorized devices can attempt to connect into an open port.
The management of TCP and User Datagram Protocol (UDP) ports. If a service is active and assigned to a port, then that port is open. All the other 65,535 ports (of TCP or UDP) are closed if a service isn’t actively using them.
Port knocking is a security system in which all ports on a system appear closed. However, if the client sends packets to a specific set of ports in a certain order, a bit like a secret knock, then the desired service port becomes open and allows the client software to connect to the service.
Question No: 116 – (Topic 1)
Matt, an administrator, notices a flood fragmented packet and retransmits from an email server.
After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?
-
Spam filter
-
Protocol analyzer
-
Web application firewall
-
Load balancer
Answer: B Explanation:
A protocol analyzer is a tool used to examine the contents of network traffic. Commonly known as a sniffer, a protocol analyzer can be a dedicated hardware device or software installed onto a typical host system. In either case, a protocol analyzer is first a packet capturing tool that can collect network traffic and store it in memory or onto a storage device. Once a packet is captured, it can be analyzed either with complex automated tools and scripts or manually.
Question No: 117 – (Topic 1)
Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?
-
Subnetting
-
NAT
-
Quality of service
-
NAC
Answer: C Explanation:
Quality of Service (QoS) facilitates the deployment of media-rich applications, such as
video conferencing and Internet Protocol (IP) telephony, without adversely affecting network throughput.
Question No: 118 – (Topic 1)
A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?
-
SNMP
-
SNMPv3
-
ICMP
-
SSH
Answer: B Explanation:
Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities.
Question No: 119 – (Topic 1)
While securing a network it is decided to allow active FTP connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO).
-
20
-
21
-
22
-
68
-
69
Answer: A,B Explanation:
FTP (File Transfer Protocol) makes use of ports 20 and 21
Question No: 120 – (Topic 1)
An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?
-
TCP/IP
-
SSL
-
SCP
-
SSH
Answer: B Explanation:
SSL (Secure Sockets Layer) is used for establishing an encrypted link between two computers, typically a web server and a browser. SSL is used to enable sensitive information such as login credentials and credit card numbers to be transmitted securely.
100% Dumps4cert Free Download!
–Download Free Demo:SY0-401 Demo PDF
100% Dumps4cert Pass Guaranteed!
–SY0-401 Dumps
Dumps4cert | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |