Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
SY0-401 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 141-150

September 20, 2017

EnsurePass
2017 Sep CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/SY0-401.html

CompTIA Security Certification

Question No: 141 – (Topic 1)

A company’s legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Select TWO).

  1. IPv6

  2. SFTP

  3. IPSec

  4. SSH

  5. IPv4

Answer: A,C Explanation:

Telnet supports IPv6 connections.

IPv6 is the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPsec is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec is a compulsory component for IPv6.

IPsec operates at Layer 3 of the OSI model, whereas Telnet operates at Layer 7.

Question No: 142 – (Topic 1)

Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished?

  1. Create a VLAN without a default gateway.

  2. Remove the network from the routing table.

  3. Create a virtual switch.

  4. Commission a stand-alone switch.

Answer: C Explanation:

A Hyper-V Virtual Switch implements policy enforcement for security, isolation, and service levels.

Question No: 143 – (Topic 1)

An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?

  1. RADIUS

  2. Kerberos

  3. TACACS

  4. LDAP

Answer: D Explanation:

LDAP makes use of port 389.

Question No: 144 – (Topic 1)

An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to integrate the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?

  1. Unified Threat Management

  2. Virtual Private Network

  3. Single sign on

  4. Role-based management

Answer: A Explanation:

Unified Threat Management (UTM) is, basically, the combination of a firewall with other abilities. These abilities include intrusion prevention, antivirus, content filtering, etc.

Advantages of combining everything into one:

You only have one product to learn.

You only have to deal with a single vendor. IT provides reduced complexity.

Question No: 145 – (Topic 1)

A security analyst is reviewing firewall logs while investigating a compromised web server. The following ports appear in the log:

22, 25, 445, 1433, 3128, 3389, 6667

Which of the following protocols was used to access the server remotely?

  1. LDAP

  2. HTTP

  3. RDP

  4. HTTPS

Answer: C Explanation:

RDP uses TCP port 3389.

Question No: 146 – (Topic 1)

According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be

the simplest way to accomplish this?

  1. NIDS

  2. DMZ

  3. NAT

  4. VLAN

Answer: D

Explanation: A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches.

Question No: 147 – (Topic 1)

Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?

  1. Allow incoming IPSec traffic into the vendor’s IP address.

  2. Set up a VPN account for the vendor, allowing access to the remote site.

  3. Turn off the firewall while the vendor is in the office, allowing access to the remote site.

  4. Write a firewall rule to allow the vendor to have access to the remote site.

Answer: D Explanation:

Firewall rules are used to define what traffic is able pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network.

Question No: 148 – (Topic 1)

Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10.

DIAGRAM PC1 PC2

[192.168.1.30]—-[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]—–[10.2.2.10] LOGS

10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN

10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK

10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK

Given the above information, which of the following can be inferred about the above environment?

  1. 192.168.1.30 is a web server.

  2. The web server listens on a non-standard port.

  3. The router filters port 80 traffic.

  4. The router implements NAT.

Answer: D Explanation:

Network address translation (NAT) allows you to share a connection to the public Internet via a single interface with a single public IP address. NAT maps the private addresses to the public address. In a typical configuration, a local network uses one of the designated quot;privatequot; IP address subnets. A router on that network has a private address (192.168.1.1) in that address space, and is also connected to the Internet with a quot;publicquot; address (10.2.2.1) assigned by an Internet service provider.

Question No: 149 – (Topic 1)

A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?

  1. HTTP

  2. DHCP

  3. DNS

  4. NetBIOS

Answer: C Explanation:

DNS links IP addresses and human-friendly fully qualified domain names (FQDNs), which are made up of the Top-level domain (TLD), the registered domain name, and the Subdomain or hostname.

Therefore, if the DNS ports are blocked websites will not be reachable.

Question No: 150 – (Topic 1)

While configuring a new access layer switch, the administrator, Joe, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens?

  1. Log Analysis

  2. VLAN Management

  3. Network separation

D. 802.1x

Answer: D Explanation:

802.1x is a port-based authentication mechanism. It’s based on Extensible Authentication Protocol (EAP) and is commonly used in closed-environment wireless networks. 802.1x was initially used to compensate for the weaknesses of Wired Equivalent Privacy (WEP), but today it’s often used as a component in more complex authentication and connection- management systems, including Remote Authentication Dial-In User Service (RADIUS), Diameter, Cisco System’s Terminal Access Controller Access-Control System Plus (TACACS ), and Network Access Control (NAC).

100% Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass SY0-401 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE