You will discover numerous with positive aspects after getting bought your CompTIA SY0-401 official certifications. A SY0-401 official certifications is often a way of assurance that youve the highest volume of knowledge about the That department and that you will be able to resolve nearly all of conditions the place from it confronts. Also, this SY0-401 official certifications as well as increasing your worthy of while in the face of your employers. If you would like for any task, this SY0-401 official certifications will let you attain the finest task. If you would like regarding campaign, this SY0-401 official certifications will help make that entirely possible that a person. On top of that, this SY0-401 official certifications increase your importance as part of your provider too.

2021 Apr SY0-401 braindumps

Q51. Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network? 

A. NIPS 

B. HIDS 

C. HIPS 

D. NIDS 

Answer:

Explanation: 

Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it 


Q52. The data security manager is notified that a client will be sending encrypted information on optical discs for import into the company database. Once imported, the information is backed up and the discs are no longer needed. Following the import, which of the following is the BEST action for the manager to take? 

A. Wipe the discs and place into inventory for future use 

B. Send the discs back to the client 

C. Contract with a third party to shred the discs 

D. Instruct employees to store the discs in a secure area 

Answer:

Explanation: 


Q53. Which of the following can use RC4 for encryption? (Select TWO). 

A. CHAP 

B. SSL 

C. WEP 

D. AES 

E. 3DES 

Answer: B,C 

Explanation: B: In cryptography, RC4 (Rivest Cipher 4 also known as ARC4 or ARCFOUR meaning Alleged RC4) is the most widely used software stream cipher and is used in popular Internet protocols such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). 

C: WEP also uses RC4, however WEP is still unsecure. 


Q54. The public key is used to perform which of the following? (Select THREE). 

A. Validate the CRL 

B. Validate the identity of an email sender 

C. Encrypt messages 

D. Perform key recovery 

E. Decrypt messages 

F. Perform key escrow 

Answer: B,C,E 

Explanation: 

B: The sender uses the private key to create a digital signature. The message is, in effect, signed 

with the private key. The sender then sends the message to the receiver. The receiver uses the 

public key attached to the message to validate the digital signature. If the values match, the 

receiver knows the message is authentic. 

C: The sender uses the public key to encrypt a message, and the receiver uses the private key to 

decrypt the message. 

E: You encrypt data with the private key and decrypt with the public key, though the opposite is 

much more frequent. 

Public-key cryptography, also known as asymmetric cryptography, is a class of cryptographic 

protocols based on algorithms that require two separate keys, one of which is secret (or private) 

and one of which is public. Although different, the two parts of this key pair are mathematically 

linked. 


Q55. Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following? 

A. Clustering 

B. RAID 

C. Load balancing 

D. Virtualization 

Answer:

Explanation: 

Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy (but also add costs). 


Up to the minute SY0-401 exam cost:

Q56. A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up. 

Which of the following BEST allows the analyst to restrict user access to approved devices? 

A. Antenna placement 

B. Power level adjustment 

C. Disable SSID broadcasting 

D. MAC filtering 

Answer:

Explanation: 

A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a WAP to block access to all unauthorized devices. 


Q57. A user commuting to work via public transport received an offensive image on their smart phone from another commuter. Which of the following attacks MOST likely took place? 

A. War chalking 

B. Bluejacking 

C. War driving 

D. Bluesnarfing 

Answer:

Explanation: 

The question states that the ‘attack’ took place on public transport and was received on a smartphone. Therefore, it is most likely that the image was sent using Bluetooth. Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol. Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters. Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames. 


Q58. Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent? 

A. Warm site 

B. Load balancing 

C. Clustering 

D. RAID 

Answer:

Explanation: 

Anytime you connect multiple computers to work/act together as a single server, it is known as 

clustering. Clustered systems utilize parallel processing (improving performance and availability) 

and add redundancy. 

Server clustering is used to provide failover capabilities / redundancy in addition to scalability as 

demand increases. 


Q59. Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this? 

A. Structured walkthrough 

B. Full Interruption test 

C. Checklist test 

D. Tabletop exercise 

Answer:

Explanation: 

A structured walkthrough test of a recovery plan involves representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required. 


Q60. A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend? 

A. CHAP 

B. TOTP 

C. HOTP 

D. PAP 

Answer:

Explanation: Time-based one-time password (TOTP) tokens are devices or applications that generate passwords at fixed time intervals. Therefore, the password will only be valid for a predefined time interval.