Ucertify Exam Engine Capabilities: 1. CompTIA CompTIA SY0-401 exam features questions and answers within details. A couple of. Take a CompTIA prep test before you buy the idea. 3. Promptly update the actual CompTIA SY0-401 exam dump. 4. Nearly 100% guarantee towards the CompTIA exam questions and answers. A few. The CompTIA certification stimulation exam is analogous to the actual CompTIA exam.

2021 Dec SY0-401 practice

Q251. A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO). 

A. Deny incoming connections to the outside router interface. 

B. Change the default HTTP port 

C. Implement EAP-TLS to establish mutual authentication 

D. Disable the physical switch ports 

E. Create a server VLAN 

F. Create an ACL to access the server 

Answer: E,F 

Explanation: 

We can protect the servers from the user devices by separating them into separate VLANs (virtual local area networks). 

The network device in the question is a router/switch. We can use the router to allow access from devices in one VLAN to the servers in the other VLAN. We can configure an ACL (Access Control List) on the router to determine who is able to access the server. 

In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN. This is usually achieved on switch or router devices. Simpler devices only support partitioning on a port level (if at all), so sharing VLANs across devices requires running dedicated cabling for each VLAN. More sophisticated devices can mark packets through tagging, so that a single interconnect (trunk) may be used to transport data for multiple VLANs. Grouping hosts with a common set of requirements regardless of their physical location by VLAN can greatly simplify network design. A VLAN has the same attributes as a physical local area network (LAN), but it allows for end stations to be grouped together more easily even if they are not on the same network switch. The network described in this question is a DMZ, not a VLAN. 


Q252. Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls? 

A. Implement TKIP encryption 

B. Consider antenna placement 

C. Disable the SSID broadcast 

D. Disable WPA 

Answer:

Explanation: Cinderblock walls, metal cabinets, and other barriers can reduce signal strength significantly. Therefore, antenna placement is critical. 


Q253. The Chief Information Officer (CIO) wants to implement a redundant server location to which the production server images can be moved within 48 hours and services can be quickly restored, in case of a catastrophic failure of the primary datacenter’s HVAC. Which of the following can be implemented? 

A. Cold site 

B. Load balancing 

C. Warm site 

D. Hot site 

Answer:

Explanation: 

Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement. 


Q254. Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO). 

A. Steganography images 

B. Internal memory 

C. Master boot records 

D. Removable memory cards 

E. Public keys 

Answer: B,D 

Explanation: 

All useable data on the device should be encrypted. This data can be located on the hard drive, or removable drives, such as USB devices and memory cards, and on internal memory. 


Q255. In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization? 

A. Supervisor 

B. Administrator 

C. Root 

D. Director 

Answer:

Explanation: 

The administrator is the person responsible for setting the security policy for an organization and is responsible for making decisions about the deployment and configuration of the IDS. 


Renew SY0-401 exam:

Q256. Joe, a user, wants to protect sensitive information stored on his hard drive. He uses a program that encrypted the whole hard drive. Once the hard drive is fully encrypted, he uses the same program to create a hidden volume within the encrypted hard drive and stores the sensitive information within the hidden volume. This is an example of which of the following? (Select TWO). 

A. Multi-pass encryption 

B. Transport encryption 

C. Plausible deniability 

D. Steganography 

E. Transitive encryption 

F. Trust models 

Answer: C,D 

Explanation: 


Q257. A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system. 

Which of the following describes this cause? 

A. Application hardening 

B. False positive 

C. Baseline code review 

D. False negative 

Answer:

Explanation: 

False positives are essentially events that are mistakenly flagged and are not really events to be concerned about. 


Q258. Which of the following should be enabled in a laptop’s BIOS prior to full disk encryption? 

A. USB 

B. HSM 

C. RAID 

D. TPM 

Answer:

Explanation: 

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates. 


Q259. The data security manager is notified that a client will be sending encrypted information on optical discs for import into the company database. Once imported, the information is backed up and the discs are no longer needed. Following the import, which of the following is the BEST action for the manager to take? 

A. Wipe the discs and place into inventory for future use 

B. Send the discs back to the client 

C. Contract with a third party to shred the discs 

D. Instruct employees to store the discs in a secure area 

Answer:

Explanation: 


Q260. After Matt, a user enters his username and password at the login screen of a web enabled portal, the following appears on his screen: 

`Please only use letters and numbers on these fields’ 

Which of the following is this an example of? 

A. Proper error handling 

B. Proper input validation 

C. Improper input validation 

D. Improper error handling 

Answer:

Explanation: 

Input validation is an aspect of secure coding and is intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.