Is CompTIA SY0-401 worthwhile for you? The answer is that it depends on where you want to take your career. If you want to end up in the Web 2.0 industry, apply for CISCO plus CompTIA Networking certification. If you want to become a pro in a particular area, you can select the right qualification from the range. Companies have started seeking CompTIA-certified executives to fill managerial positions, and have started paying higher salaries to CompTIA-certified executives. The answer to the question therefore boils down to your career preference.

2021 Mar SY0-401 answers

Q541. Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO). 

A. DAC 

B. ALE 

C. SLE 

D. ARO 

E. ROI 

Answer: B,C 

Explanation: 

ALE (Annual Loss Expectancy) is equal to the SLE (Single Loss Expectancy) times the annualized rate of occurrence. SLE (Single Loss Expectancy) is equal to asset value (AV) times exposure factor (EF). 


Q542. Joe, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend? 

A. Create a VLAN for the SCADA 

B. Enable PKI for the MainFrame 

C. Implement patch management 

D. Implement stronger WPA2 Wireless 

Answer:

Explanation: 

VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments. This can be accomplished by not defining a route between different VLANs or by specifying a deny filter between certain VLANs (or certain members of a VLAN). Any network segment that doesn’t need to communicate with another in order to accomplish a work task/function shouldn’t be able to do so. 


Q543. A review of the company’s network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose? 

A. ACL 

B. IDS 

C. UTM 

D. Firewall 

Answer:

Explanation: 

An all-in-one appliance, also known as Unified Threat Management (UTM) and Next Generation Firewall (NGFW), is one that provides a good foundation for security. A variety is available; those that you should be familiar with for the exam fall under the categories of providing URL filtering, content inspection, or malware inspection. 

Malware inspection is the use of a malware scanner to detect unwanted software content in network traffic. If malware is detected, it can be blocked or logged and/or trigger an alert. 


Q544. An administrator needs to secure a wireless network and restrict access based on the hardware address of the device. Which of the following solutions should be implemented? 

A. Use a stateful firewall 

B. Enable MAC filtering 

C. Upgrade to WPA2 encryption 

D. Force the WAP to use channel 1 

Answer:

Explanation: 


Q545. The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud? 

A. HPM technology 

B. Full disk encryption 

C. DLP policy 

D. TPM technology 

Answer:

Explanation: 

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. Software as a Service (SaaS) applications are run remotely over the Web and as such require DLP monitoring. 



Q546. Which of the following means of wireless authentication is easily vulnerable to spoofing? 

A. MAC Filtering 

B. WPA - LEAP 

C. WPA - PEAP 

D. Enabled SSID 

Answer:

Explanation: 

Each network interface on your computer or any other networked device has a unique MAC address. These MAC addresses are assigned in the factory, but you can easily change, or “spoof,” MAC addresses in software. 

Networks can use MAC address filtering, only allowing devices with specific MAC addresses to connect to a network. This isn’t a great security tool because people can spoof their MAC addresses. 


Q547. An administrator has advised against the use of Bluetooth phones due to bluesnarfing concerns. Which of the following is an example of this threat? 

A. An attacker using the phone remotely for spoofing other phone numbers 

B. Unauthorized intrusions into the phone to access data 

C. The Bluetooth enabled phone causing signal interference with the network 

D. An attacker using exploits that allow the phone to be disabled 

Answer:

Explanation: 

Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information (such as the user's calendar, contact list, and e-mail and text messages) without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled. 


Q548. A quality assurance analyst is reviewing a new software product for security, and has complete access to the code and data structures used by the developers. This is an example of which of the following types of testing? 

A. Black box 

B. Penetration 

C. Gray box 

D. White box 

Answer:

Explanation: 

White box testing is the process of testing an application when you have detailed knowledge of the inner workings of the application. White-box testing (also known as clear box testing, glass box testing, transparent box testing, and structural testing) is a method of testing software that tests internal structures or workings of an application, as opposed to its functionality (i.e. black-box testing). In white-box testing an internal perspective of the system, as well as programming skills, are used to design test cases. The tester chooses inputs to exercise paths through the code and determine the appropriate outputs. This is analogous to testing nodes in a circuit, e.g. in-circuit testing (ICT). White-box testing can be applied at the unit, integration and system levels of the software testing process. Although traditional testers tended to think of white-box testing as being done at the unit level, it is used for integration and system testing more frequently today. It can test paths within a unit, paths between units during integration, and between subsystems during a system-level test. 


Q549. Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place? 

A. Code review 

B. Penetration test 

C. Protocol analyzer 

D. Vulnerability scan 

Answer:

Explanation: 

Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings. The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization's security policy compliance, its employees' security awareness and the organization's ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. 

Pen test strategies include: 

Targeted testing: Targeted testing is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test being carried out. 

External testing: This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access. 

Internal testing: This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause. 

Blind testing: A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for reconnaissance, it can be expensive. 

Double blind testing: Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures. 


Q550. Which of the following helps to apply the proper security controls to information? 

A. Data classification 

B. Deduplication 

C. Clean desk policy 

D. Encryption 

Answer:

Explanation: 

Information classification is done by confidentiality and comprises three categories, namely: public use, internal use and restricted use. These categories make applying the appropriate policies and security controls practical.