High-quality CompTIA SY0-401 exam questions with correct answers verified by Exambible This experts who care about your success involving CompTIA SY0-401 exam. Our CompTIA SY0-401 practice questions are usually constantly revised and also updated by Exambible professionals. Many of us supervise your review status and also progress of CompTIA SY0-401 exam; and also make alterations and changes accordingly. The up-to-date CompTIA CompTIA SY0-401 exam questions and also answers keep free for 120 days.

2021 Jan SY0-401 exam prep

Q461. Physical documents must be incinerated after a set retention period is reached. Which of the following attacks does this action remediate? 

A. Shoulder Surfing 

B. Dumpster Diving 

C. Phishing 

D. Impersonation 

Answer:

Explanation: 

Incinerating documents (or shredding documents) instead of throwing them into a bin will prevent people being able to read the documents to view sensitive information. Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network. To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff is educated about the danger of untracked trash. 


Q462. A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO). 

A. Patch Audit Policy 

B. Change Control Policy 

C. Incident Management Policy 

D. Regression Testing Policy 

E. Escalation Policy 

F. Application Audit Policy 

Answer: B,D 

Explanation: 

A backout (regression testing) is a reversion from a change that had negative consequences. It could be, for example, that everything was working fi ne until you installed a service pack on a production machine, and then services that were normally available were no longer accessible. The backout, in this instance, would revert the system to the state that it was in before the service pack was applied. Backout plans can include uninstalling service packs, hotfi xes, and patches, but they can also include reversing a migration and using previous firmware. A key component to creating such a plan is identifying what events will trigger your implementing the backout. A change control policy refers to the structured approach that is followed to secure a company’s assets in the event of changes occurring. 


Q463. Visitors entering a building are required to close the back door before the front door of the same entry room is open. Which of the following is being described? 

A. Tailgating 

B. Fencing 

C. Screening 

D. Mantrap 

Answer:

Explanation: 

Mantraps are designed to contain an unauthorized, potentially hostile person/individual physically until authorities arrive. Mantraps are typically manufactured with bulletproof glass, high-strength doors, and locks and to allow the minimal amount of individuals depending on its size. Some mantraps even include scales that will weigh the person. The doors are designed in such a way as to open only when the mantrap is occupied or empty and not in-between. This means that the backdoor must first close before the front door will open; exactly what is required in this scenario. 


Q464. A security analyst performs the following activities: monitors security logs, installs surveillance cameras and analyzes trend reports. Which of the following job responsibilities is the analyst performing? (Select TWO). 

A. Detect security incidents 

B. Reduce attack surface of systems 

C. Implement monitoring controls 

D. Hardening network devices 

E. Prevent unauthorized access 

Answer: A,C 

Explanation: 

By monitoring security logs, installing security cameras and analyzing trend reports, the security analyst is implementing monitoring controls. With the monitoring controls in place, by monitoring the security logs, reviewing the footage from the security cameras and analyzing trend reports, the security analyst is able to detect security incidents. 


Q465. Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing? 

A. Port security 

B. Flood guards 

C. Loop protection 

D. Implicit deny 

Answer:

Explanation: 

Implicit deny says that if you aren’t explicitly granted access or privileges for a resource, you’re denied access by default. The scenario does not state that network printing is allowed in the router access list, therefore, it must be denied by default. 


Most recent SY0-401 free practice test:

Q466. A security administrator is notified that users attached to a particular switch are having intermittent connectivity issues. Upon further research, the administrator finds evidence of an ARP spoofing attack. Which of the following could be utilized to provide protection from this type of attack? 

A. Configure MAC filtering on the switch. 

B. Configure loop protection on the switch. 

C. Configure flood guards on the switch. 

D. Configure 802.1x authentication on the switch. 

Answer:

Explanation: 


Q467. Configuring the mode, encryption methods, and security associations are part of which of the following? 

A. IPSec 

B. Full disk encryption 

C. 802.1x 

D. PKI 

Answer:

Explanation: 

IPSec can operate in tunnel mode or transport mode. It uses symmetric cryptography to provide encryption security. Furthermore, it makes use of Internet Security Association and Key Management Protocol (ISAKMP). 


Q468. Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly? 

A. Protocol analyzer 

B. Baseline report 

C. Risk assessment 

D. Vulnerability scan 

Answer:

Explanation: 

A Protocol Analyzer is a hardware device or more commonly a software program used to capture 

network data communications sent between devices on a network. Capturing and analyzing the 

packets sent from two systems that are not communicating properly could help determine the 

cause of the issue. 

Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) 

from Microsoft and Wireshark (formerly Ethereal). 


Q469. Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL? 

PERMIT TCP ANY HOST 192.168.0.10 EQ 80 

PERMIT TCP ANY HOST 192.168.0.10 EQ 443 

A. It implements stateful packet filtering. 

B. It implements bottom-up processing. 

C. It failed closed. 

D. It implements an implicit deny. 

Answer:

Explanation: 

Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default. Implicit deny is the default response when an explicit allow or deny isn’t present. 


Q470. The concept of rendering data passing between two points over an IP based network impervious to all but the most sophisticated advanced persistent threats is BEST categorized as which of the following? 

A. Stream ciphers 

B. Transport encryption 

C. Key escrow 

D. Block ciphers 

Answer:

Explanation: 

Transport encryption is the process of encrypting data ready to be transmitted over an insecure network. A common example of this would be online banking or online purchases where sensitive information such as account numbers or credit card numbers is transmitted. 

Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).