CompTIA qualifications, that has largest importance there employment market, could protect against "pirate talent" using its high priced charge and also rigid enrolling technique, particularly the lessons designed for perform, support the trainees to understand something should have had and also hold this is first "solid characteristic." This strictness regarding CompTIA qualifications is usually world-famous and also all those who have purchased any official document obtained gotten about 3-4 times exercising. These days, you can find continue to zero any history any particular one whos approved any qualifications examine just is usually qualified at least.
2021 Jan SY0-401 exam
Q341. A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?
A. Implicit deny
B. Role-based Access Control
C. Mandatory Access Controls
D. Least privilege
Answer: C
Explanation:
Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC also includes the use of need to know. Need to know is a security restriction where some objects are restricted unless the subject has a need to know them.
Q342. An organization has three divisions: Accounting, Sales, and Human Resources. Users in the Accounting division require access to a server in the Sales division, but no users in the Human Resources division should have access to resources in any other division, nor should any users in the Sales division have access to resources in the Accounting division. Which of the following network segmentation schemas would BEST meet this objective?
A. Create two VLANS, one for Accounting and Sales, and one for Human Resources.
B. Create one VLAN for the entire organization.
C. Create two VLANs, one for Sales and Human Resources, and one for Accounting.
D. Create three separate VLANS, one for each division.
Answer: D
Explanation:
Q343. An email client says a digital signature is invalid and the sender cannot be verified. The recipient is concerned with which of the following concepts?
A. Integrity
B. Availability
C. Confidentiality
D. Remediation
Answer: A
Explanation:
A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message. Digital Signatures is used to validate the integrity of the message and the sender. Integrity means the message can’t be altered without detection.
Q344. Which of the following is built into the hardware of most laptops but is not setup for centralized management by default?
A. Whole disk encryption
B. TPM encryption
C. USB encryption
D. Individual file encryption
Answer: B
Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.
Q345. Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise:
A. user accounts may be inadvertently locked out.
B. data on the USB drive could be corrupted.
C. data on the hard drive will be vulnerable to log analysis.
D. the security controls on the USB drive can be bypassed.
Answer: D
Explanation:
A common access mechanism to data on encrypted USB hard drives is a password. If a weak password is used, someone could guess the password and bypass the security controls on the USB drive to access the data.
Most recent SY0-401 dumps:
Q346. In order to prevent and detect fraud, which of the following should be implemented?
A. Job rotation
B. Risk analysis
C. Incident management
D. Employee evaluations
Answer: A
Explanation:
A job rotation policy defines intervals at which employees must rotate through positions. Similar in purpose to mandatory vacations, it helps to ensure that the company does not become too dependent on one person and it does afford the company with the opportunity to place another person in that same job and in this way the company can potentially uncover any fraud perhaps committed by the incumbent.
Q347. Which of the following is a common coding error in which boundary checking is not performed?
A. Input validation
B. Fuzzing
C. Secure coding
D. Cross-site scripting
Answer: A
Explanation:
Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.
Q348. An advantage of virtualizing servers, databases, and office applications is:
A. Centralized management.
B. Providing greater resources to users.
C. Stronger access control.
D. Decentralized management.
Answer: A
Explanation:
Virtualization consists of allowing one set of hardware to host multiple virtual Machines and in the case of software and applications; one host is all that is required. This makes centralized management a better prospect.
Q349. Which of the following can be used to mitigate risk if a mobile device is lost?
A. Cable lock
B. Transport encryption
C. Voice encryption
D. Strong passwords
Answer: D
Explanation:
Passwords are the most likely mechanism that can be used to mitigate risk when a mobile device is lost. A strong password would be more difficult to crack.
Q350. Which of the following offerings typically allows the customer to apply operating system patches?
A. Software as a service
B. Public Clouds
C. Cloud Based Storage
D. Infrastructure as a service
Answer: D
Explanation:
Cloud users install operating-system images and their application software on the cloud infrastructure to deploy their applications. In this model, the cloud user patches and maintains the operating systems and the application software.