Ensurepass

QUESTION 961

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?

 

A.

25

B.

68

C.

80

D.

443

 

Correct Answer: B

 

 

QUESTION 962

A system administrator has noticed that users change their password many times to cycle back t
o the original password when their passwords expire. Which of the following would BEST prevent this behavior?

 

A.

Assign users passwords based upon job role.

B.

Enforce a minimum password age policy.

C.

Prevent users from choosing their own passwords.

D.

Increase the password expiration time frame.

 

Correct Answer: B

 

 

QUESTION 963

The systems administrator notices that many employees are using passwords that can be easily guessed or are susceptible to brute force attacks. Which of the following would BEST mitigate this risk?

 

A.

Enforce password rules requiring complexity.

B.

Shorten the maximum life of account passwords.

C.

Increase the minimum password length.

D.

Enforce account lockout policies.

 

Correct Answer: A

 

 

 

 

QUESTION 964

Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses. Which of the following explains the difference between these two types of malware?

 

A.

Viruses are a subset of botnets which are used as part of SYN attacks.

B.

Botnets are a subset of malware which are used as part of DDoS attacks.

C.

Viruses are a class of malware which create hidden openings within an OS.

D.

Botnets are used within DR to ensure network uptime and viruses are not.

 

Correct Answer: B

 

 

QUESTION 965

A security analyst implemented group-based privileges within the company active directory. Which of the following account management techniques should be undertaken regularly to ensure least privilege principles?

 

A.

Leverage role-based access controls.

B.

Perform user group clean-up.

C.

Verify smart card access controls.

D.

Verify SHA-256 for password hashes.

 

Correct Answer: B

 

 

QUESTION 966

A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?

 

A.

HTTP

B.

DHCP

C.

DNS

D.

NetBIOS

 

Correct Answer: C

 

 

QUESTION 967

The system administrator has been notified that many users are having difficulty connecting to the company’s wireless network. They take a new laptop and physically go to the access point and connect with no problems. Which of the following would be the MOST likely cause?

 

A.

The certificate used to authenticate users has been compromised and revoked.

B.

Multiple war drivers in the parking lot have exhausted all available IPs from the pool to deny access.

C.

An attacker has gained access to the access point and has changed the encryption keys.

D.

An unauthorized access point has been configured to operate on the same channel.

 

Correct Answer: D

 

QUESTION 968

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

 

A.

Utilizing the already present TPM.

B.

Configuring secure application sandboxes.

C.

Enforcing whole disk encryption.

D.

Moving data and applications into the cloud.

 

Correct Answer: A

 

 

QUESTION 969

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?

 

A.

Sniffers

B.

NIDS

C.

Firewalls

D.

Web proxies

E.

Layer 2 switches

 

Correct Answer: C

 

 

QUESTION 970

One of the servers on the network stops responding due to lack of available memory. Server administrators did not have a clear definition of what action should have taken place based on the available memory. Which of the following would have BEST kept this incident from occurring?

 

A.

Set up a protocol analyzer

B.

Set up a performance baseline

C.

Review the systems monitor on a monthly basis

D.

Review the performance monitor on a monthly basis

 

Correct Answer: B

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.