The real importance of gaining the particular CompTIA qualification is usually improved option. To comprehend option appear profession expansion and fork out. The actual CompTIA SY0-401 provide Engineering experts having minimal CompTIA expertise obtain the awareness and also ability necessary to break into the particular extremely profitable and also challenging CompTIA vocation. It is required to carry this kind of CompTIA qualification earlier than trying out a reality of CompTIA.
2021 Dec SY0-401 free question
Q451. Who should be contacted FIRST in the event of a security breach?
A. Forensics analysis team
B. Internal auditors
C. Incident response team
D. Software vendors
Answer: C
Explanation:
A security breach is an incident and requires a response. The incident response team would be better equipped to deal with any incident insofar as all their procedures are concerned. Their procedures in addressing incidents are: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control.
Q452. The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?
A. Software as a Service
B. Infrastructure as a Service
C. Platform as a Service
D. Hosted virtualization service
Answer: A
Explanation:
Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.
Q453. A security administrator must implement a network that is immune to ARP spoofing attacks. Which of the following should be implemented to ensure that a malicious insider will not be able to successfully use ARP spoofing techniques?
A. UDP
B. IPv6
C. IPSec
D. VPN
Answer: B
Explanation:
Q454. A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO).
A. 22
B. 135
C. 137
D. 143
E. 443
F. 3389
Answer: A,F
Explanation:
A secure remote administration solution and Remote Desktop protocol is required.
Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port 22.
Remote Desktop Protocol (RDP) uses TCP port 3389.
Q455. Joe must send Ann a message and provide Ann with assurance that he was the actual sender. Which of the following will Joe need to use to BEST accomplish the objective?
A. A pre-shared private key
B. His private key
C. Ann's public key
D. His public key
Answer: B
Explanation:
Down to date SY0-401 exam question:
Q456. A network administrator has a separate user account with rights to the domain administrator group. However, they cannot remember the password to this account and are not able to login to the server when needed. Which of the following is MOST accurate in describing the type of issue the administrator is experiencing?
A. Single sign-on
B. Authorization
C. Access control
D. Authentication
Answer: D
Explanation:
Authentication generally requires one or more of the following:
.
Something you know: a password, code, PIN, combination, or secret phrase.
.
Something you have: a smart card, token device, or key.
.
Something you are: a fingerprint, a retina scan, or voice recognition; often referred to as biometrics, discussed later in this chapter.
.
Somewhere you are: a physical or logical location.
.
Something you do: typing rhythm, a secret handshake, or a private knock.
Q457. Which of the following controls would allow a company to reduce the exposure of sensitive systems from unmanaged devices on internal networks?
A. 802.1x
B. Data encryption
C. Password strength
D. BGP
Answer: A
Explanation:
IEEE 802.1X (also known as Dot1x) is an IEEE Standard for Port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.
802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client device (such as a laptop) that wishes to attach to the LAN/WLAN
-though the term 'supplicant' is also used interchangeably to refer to the software running on the client that provides credentials to the authenticator. The authenticator is a network device, such as an Ethernet switch or wireless access point; and the authentication server is typically a host running software supporting the RADIUS and EAP protocols. The authenticator acts like a security guard to a protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the protected side of the network until the supplicant’s identity has been validated and authorized. An analogy to this is providing a valid visa at the airport's arrival immigration before being allowed to enter the country. With 802.1X port-based authentication, the supplicant provides credentials, such as user name/password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the authentication server determines the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.
Q458. Which of the following describes a type of malware which is difficult to reverse engineer in a virtual lab?
A. Armored virus
B. Polymorphic malware
C. Logic bomb
D. Rootkit
Answer: A
Explanation:
An armored virus is a type of virus that has been designed to thwart attempts by analysts from examining its code by using various methods to make tracing, disassembling and reverse engineering more difficult. An Armored Virus may also protect itself from antivirus programs, making it more difficult to trace. To do this, the Armored Virus attempts to trick the antivirus program into believing its location is somewhere other than where it really is on the system.
Q459. A system security analyst using an enterprise monitoring tool notices an unknown internal host exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate mitigation technique?
A. Disabling unnecessary accounts
B. Rogue machine detection
C. Encrypting sensitive files
D. Implementing antivirus
Answer: B
Explanation:
Rogue machine detection is the process of detecting devices on the network that should not be there. If a user brings in a laptop and plugs it into the network, the laptop is a “rogue machine”. The laptop could cause problems on the network. Any device on the network that should not be there is classed as rogue.
Q460. Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised?
A. Elliptic curve cryptography.
B. Perfect forward secrecy.
C. Steganography.
D. Quantum cryptography.
Answer: D
Explanation: