Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
SY0-401 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 211-220

September 20, 2017

EnsurePass
2017 Sep CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/SY0-401.html

CompTIA Security Certification

Question No: 211 – (Topic 2)

Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy. Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes?

  1. User rights and permissions review

  2. Configuration management

  3. Incident management

  4. Implement security controls on Layer 3 devices

Answer: A Explanation:

Reviewing user rights and permissions can be used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation and their job descriptions. Also reviewing user rights and permissions will afford the security analyst the opportunity to put the principle of least privilege in practice as well as update the security policy

Question No: 212 – (Topic 2)

A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?

  1. Visitor logs

  2. Firewall

  3. Hardware locks

  4. Environmental monitoring

Answer: C Explanation:

Hardware security involves applying physical security modifications to secure the system(s) and preventing them from leaving the facility. Don’t spend all of your time worrying about intruders coming through the network wire while overlooking the obvious need for physical

security. Hardware security involves the use of locks to prevent someone from picking up and carrying out your equipment.

Question No: 213 – (Topic 2)

A vulnerability scan is reporting that patches are missing on a server. After a review, it is determined that the application requiring the patch does not exist on the operating system.

Which of the following describes this cause?

  1. Application hardening

  2. False positive

  3. Baseline code review

  4. False negative

Answer: B Explanation:

False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.

Question No: 214 – (Topic 2)

Joe, a security administrator, is concerned with users tailgating into the restricted areas. Given a limited budget, which of the following would BEST assist Joe with detecting this activity?

  1. Place a full-time guard at the entrance to confirm user identity.

  2. Install a camera and DVR at the entrance to monitor access.

  3. Revoke all proximity badge access to make users justify access.

  4. Install a motion detector near the entrance.

Answer: B Explanation:

Tailgating is a favorite method of gaining entry to electronically locked systems by following someone through the door they just unlocked. With a limited budget installing a camera and DVR at the entrance to monitor access to the restricted areas is the most feasible

solution. The benefit of a camera (also known as closed-circuit television, or CCTV) is that it is always running and can record everything it sees, creating evidence that can be admissible in court if necessary.

Question No: 215 – (Topic 2)

A security administrator is auditing a database server to ensure the correct security measures are in place to protect the data. Some of the fields consist of people#39;s first name, last name, home address, date of birth and mothers last name. Which of the following describes this type of data?

  1. PII

  2. PCI

  3. Low

  4. Public

Answer: A Explanation:

PII is any type of information/data and portion of data that can be used to trace back to a person and is usually data like personally identifiable information such as first names, last names, home address, date of birth, etc.

Question No: 216 – (Topic 2)

A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern?

  1. Host-based firewall

  2. Cable locks

  3. Locking cabinets

  4. Surveillance video

Answer: C Explanation:

Locking cabinets can be used to protect backup media, documentation and other physical artefacts. In this case a locking cabinet will keep the company’s Customer Service kiosk under lock and key when not in use.

Question No: 217 – (Topic 2)

A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company?

A. $7,000 B. $10,000 C. $17,500 D. $35,000

Answer: C Explanation:

SLE 脳 ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence.

SLE =($4000 $3000) x 5 = $35000

ARO = 2 years Thus per year it would be 50% = 0,5 The ALE is thus $35000 x 0.5 = $17500

Question No: 218 – (Topic 2)

An advantage of virtualizing servers, databases, and office applications is:

  1. Centralized management.

  2. Providing greater resources to users.

  3. Stronger access control.

  4. Decentralized management.

Answer: A Explanation:

Virtualization consists of allowing one set of hardware to host multiple virtual Machines and

in the case of software and applications; one host is all that is required. This makes centralized management a better prospect.

Question No: 219 – (Topic 2)

Certificates are used for: (Select TWO).

  1. Client authentication.

  2. WEP encryption.

  3. Access control lists.

  4. Code signing.

  5. Password hashing.

Answer: A,D Explanation:

Certificates are used in PKI to digitally sign data, information, files, email, code, etc. Certificates are also used in PKI for client authentication.

Question No: 220 – (Topic 2)

A software developer is responsible for writing the code on an accounting application. Another software developer is responsible for developing code on a system in human resources. Once a year they have to switch roles for several weeks.

Which of the following practices is being implemented?

  1. Mandatory vacations

  2. Job rotation

  3. Least privilege

  4. Separation of duties

Answer: B Explanation:

A job rotation policy defines intervals at which employees must rotate through positions.

100% Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass SY0-401 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE