[Free] 2018(June) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 111-120

Posted on by

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 111 – (Topic 1)

A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?

  1. WPA2 CCMP

  2. WPA

  3. WPA with MAC filtering

  4. WPA2 TKIP

Answer: A Explanation:

CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and TKIP protocol of WPA. CCMP provides the following security services:

Data confidentiality; ensures only authorized parties can access the information Authentication; provides proof of genuineness of the user

Access control in conjunction with layer management

Because CCMP is a block cipher mode using a 128-bit key, it is secure against attacks to the 264 steps of operation.

Question No: 112 – (Topic 1)

Which of the following offerings typically allows the customer to apply operating system patches?

  1. Software as a service

  2. Public Clouds

  3. Cloud Based Storage

  4. Infrastructure as a service

Answer: D Explanation:

Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.

Question No: 113 – (Topic 1)

A security team has identified that the wireless signal is broadcasting into the parking lot. To reduce the risk of an attack against the wireless network from the parking lot, which of the following controls should be used? (Select TWO).

  1. Antenna placement

  2. Interference

  3. Use WEP

  4. Single Sign on

  5. Disable the SSID

  6. Power levels

Answer: A,F Explanation:

Placing the antenna in the correct position is crucial. You can then adjust the power levels to exclude the parking lot.

Question No: 114 – (Topic 1)

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

  1. Supervisor

  2. Administrator

  3. Root

  4. Director

Answer: B Explanation:

The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS.

Question No: 115 – (Topic 1)

An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network?

  1. Configure each port on the switches to use the same VLAN other than the default one

  2. Enable VTP on both switches and set to the same domain

  3. Configure only one of the routers to run DHCP services

  4. Implement port security on the switches

Answer: D Explanation:

Port security in IT can mean several things:

The physical control of all connection points, such as RJ-45 wall jacks or device ports, so that no unauthorized users or unauthorized devices can attempt to connect into an open port.

The management of TCP and User Datagram Protocol (UDP) ports. If a service is active and assigned to a port, then that port is open. All the other 65,535 ports (of TCP or UDP) are closed if a service isn’t actively using them.

Port knocking is a security system in which all ports on a system appear closed. However, if the client sends packets to a specific set of ports in a certain order, a bit like a secret knock, then the desired service port becomes open and allows the client software to connect to the service.

Question No: 116 – (Topic 1)

Matt, an administrator, notices a flood fragmented packet and retransmits from an email server.

After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

  1. Spam filter

  2. Protocol analyzer

  3. Web application firewall

  4. Load balancer

Answer: B Explanation:

A protocol analyzer is a tool used to examine the contents of network traffic. Commonly known as a sniffer, a protocol analyzer can be a dedicated hardware device or software installed onto a typical host system. In either case, a protocol analyzer is first a packet capturing tool that can collect network traffic and store it in memory or onto a storage device. Once a packet is captured, it can be analyzed either with complex automated tools and scripts or manually.

Question No: 117 – (Topic 1)

Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?

  1. Subnetting

  2. NAT

  3. Quality of service

  4. NAC

Answer: C Explanation:

Quality of Service (QoS) facilitates the deployment of media-rich applications, such as

video conferencing and Internet Protocol (IP) telephony, without adversely affecting network throughput.

Question No: 118 – (Topic 1)

A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?

  1. SNMP

  2. SNMPv3

  3. ICMP

  4. SSH

Answer: B Explanation:

Currently, SNMP is predominantly used for monitoring and performance management. SNMPv3 defines a secure version of SNMP and also facilitates remote configuration of the SNMP entities.

Question No: 119 – (Topic 1)

While securing a network it is decided to allow active FTP connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO).

  1. 20

  2. 21

  3. 22

  4. 68

  5. 69

Answer: A,B Explanation:

FTP (File Transfer Protocol) makes use of ports 20 and 21

Question No: 120 – (Topic 1)

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

  1. TCP/IP

  2. SSL

  3. SCP

  4. SSH

Answer: B Explanation:

SSL (Secure Sockets Layer) is used for establishing an encrypted link between two computers, typically a web server and a browser. SSL is used to enable sensitive information such as login credentials and credit card numbers to be transmitted securely.

100% Dumps4cert Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Dumps4cert Pass Guaranteed!
SY0-401 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Comments are closed.