Want to know the features of the Testking SY0-401 exam practice test? Want to learn more about the CompTIA Security+ Certification experience? Study accurate CompTIA SY0-401 answers to Renewal SY0-401 questions at Testking. Get success with an absolute guarantee to pass the CompTIA SY0-401 (CompTIA Security+ Certification) test on your first attempt.

2021 Dec SY0-401 free practice questions

Q471. Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information? 

A. Employ encryption on all outbound emails containing confidential information. 

B. Employ exact data matching and prevent inbound emails with Data Loss Prevention. 

C. Employ hashing on all outbound emails containing confidential information. 

D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention. 

Answer:

Explanation: 

Encryption is used to ensure the confidentiality of information and in this case the outbound email that contains the confidential information should be encrypted. 


Q472. A security administrator needs to determine which system a particular user is trying to log in to at various times of the day. Which of the following log types would the administrator check?

A. Firewall 

B. Application 

C. IDS 

D. Security 

Answer:

Explanation: 

The security log records events such as valid and invalid logon attempts, as well as events related to resource use, such as the creating, opening, or deleting of files. For example, when logon auditing is enabled, an event is recorded in the security log each time a user attempts to log on to the computer. You must be logged on as Administrator or as a member of the Administrators group in order to turn on, use, and specify which events are recorded in the security log. 


Q473. Which of the following does full disk encryption prevent? 

A. Client side attacks 

B. Clear text access 

C. Database theft 

D. Network-based attacks 

Answer:

Explanation: 

Full-disk encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen. 


Q474. Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning? 

A. A recent security breach in which passwords were cracked. 

B. Implementation of configuration management processes. 

C. Enforcement of password complexity requirements. 

D. Implementation of account lockout procedures. 

Answer:

Explanation: 

A password only needs to be changed if it doesn’t meet the compliance requirements of the company’s password policy, or is evidently insecure. It will also need to be changed if it has been reused, or due to possible compromise as a result of a system intrusion. 


Q475. Which of the following types of logs could provide clues that someone has been attempting to compromise the SQL Server database? 

A. Event 

B. SQL_LOG 

C. Security 

D. Access 

Answer:

Explanation: 

Event logs include Application logs, such as those where SQL Server would write entries. This is where you would see logs with details of someone trying to access a SQL database. 



Q476. Which of the following is an example of multifactor authentication? 

A. Credit card and PIN 

B. Username and password 

C. Password and PIN 

D. Fingerprint and retina scan 

Answer:

Explanation: 

A credit card is a memory card that functions as a type of two-factor authentication. The card is something you have, and its PIN is something you know. Multifactor authentication requires a user to provide two or more different types of authentication factors to prove their identity.


Q477. Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk? 

A. Incident management 

B. Clean desk policy 

C. Routine audits 

D. Change management 

Answer:

Explanation: 

Change Management is a risk mitigation approach and refers to the structured approach that is followed to secure a company’s assets. This structured approach involves policies that should be in place and technological controls that should be enforced. 


Q478. A compromised workstation utilized in a Distributed Denial of Service (DDoS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident?

A. Eye Witness 

B. Data Analysis of the hard drive 

C. Chain of custody 

D. Expert Witness 

Answer:

Explanation: 

Chain of custody deals with how evidence is secured, where it is stored, and who has access to it. When you begin to collect evidence, you must keep track of that evidence at all times and show who has it, who has seen it, and where it has been. The evidence must always be within your custody, or you’re open to dispute about possible evidence tampering. 


Q479. Ann has recently transferred from the payroll department to engineering. While browsing file shares, Ann notices she can access the payroll status and pay rates of her new coworkers. Which of the following could prevent this scenario from occurring? 

A. Credential management 

B. Continuous monitoring 

C. Separation of duties 

D. User access reviews 

Answer:

Explanation: 


Q480. The server administrator has noted that most servers have a lot of free disk space and low memory utilization. Which of the following statements will be correct if the server administrator migrates to a virtual server environment? 

A. The administrator will need to deploy load balancing and clustering. 

B. The administrator may spend more on licensing but less on hardware and equipment. 

C. The administrator will not be able to add a test virtual environment in the data center. 

D. Servers will encounter latency and lowered throughput issues. 

Answer:

Explanation: 

Migrating to a virtual server environment reduces cost by eliminating the need to purchase, manage, maintain and power physical machines. The fewer physical machines you have, the less money it costs.