[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 241-250

September 20, 2017

EnsurePass

CompTIA Security Certification

Question No: 241 – (Topic 2)

In order to prevent and detect fraud, which of the following should be implemented?

  A. Job rotation

  B. Risk analysis

  C. Incident management

  D. Employee evaluations

Answer: A

Explanation:

A job rotation policy defines intervals at which employees must rotate through positions. Similar in purpose to mandatory vacations, it helps ensure that the company does not become too dependent on one person, and it gives the company the opportunity to place another person in the same job, which can potentially uncover any fraud committed by the incumbent.

Question No: 242 – (Topic 2)

Who should be contacted FIRST in the event of a security breach?

  A. Forensics analysis team

  B. Internal auditors

  C. Incident response team

  D. Software vendors

Answer: C

Explanation:

A security breach is an incident and requires a response. The incident response team is better equipped to deal with any incident because its procedures cover the whole process. Those procedures are: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control.

Question No: 243 – (Topic 2)

Sara, a security administrator, manually hashes all network device configuration files daily and compares them to the previous day's hashes. Which of the following security concepts is Sara using?

  A. Confidentiality

  B. Compliance

  C. Integrity

  D. Availability

Answer: C

Explanation:

Integrity means the message can't be altered without detection.

Question No: 244 – (Topic 2)

Which of the following should be considered to mitigate data theft when using CAT5 wiring?

  A. CCTV

  B. Environmental monitoring

  C. Multimode fiber

  D. EMI shielding

Answer: D

Explanation:

EMI shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. Thus all wiring should be shielded to mitigate data theft.

Question No: 245 – (Topic 2)

Which of the following policies is implemented in order to minimize data loss or theft?

  A. PII handling

  B. Password policy

  C. Chain of custody

  D. Zero day exploits

Answer: A

Explanation:

Although the concept of PII is old, it has become much more important as information technology and the Internet have made it easier to collect PII through breaches of internet security, network security and web browser security, leading to a profitable market in collecting and reselling PII. PII can also be exploited by criminals to stalk or steal the identity of a person, or to aid in the planning of criminal acts.

Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person's name to a fingerprint (think biometrics), credit card number, or patient record.

Thus a PII handling policy can be used to protect data.

Question No: 246 – (Topic 2)

Which of the following security account management techniques should a security analyst implement to prevent staff who have switched company roles from exceeding privileges?

  A. Internal account audits

  B. Account disablement

  C. Time of day restriction

  D. Password complexity

Answer: A

Explanation:

Internal account auditing allows you to switch the appropriate users to the proper accounts after a role change and thus check that the principle of least privilege is followed.

Question No: 247 – (Topic 2)

Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?

  A. Passive scan

  B. Active scan

  C. False positive

  D. False negative

Answer: D

Explanation:

With a false negative, you are not alerted to a situation when you should be alerted. A false negative is exactly the opposite of a false positive.

Question No: 248 – (Topic 2)

The use of social networking sites introduces the risk of:

  A. Disclosure of proprietary information

  B. Data classification issues

  C. Data availability issues

  D. Broken chain of custody

Answer: A

Explanation:

People and processes must be in place to prevent the unauthorized disclosure of proprietary information and sensitive information, as these pose a security risk to companies. With social networking, your company can be exposed to as many threats as the number of users who make use of social networking and are not advised on security policy regarding its use.

Question No: 249 – (Topic 2)

The security officer is preparing a read-only USB stick with a document of important personal phone numbers, vendor contacts, an MD5 program, and other tools to provide to employees. At which of the following points in an incident should the officer instruct employees to use this information?

  A. Business Impact Analysis

  B. First Responder

  C. Damage and Loss Control

  D. Contingency Planning

Answer: B

Explanation:

Incident response procedures involve: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. In this scenario the security officer is carrying out an incident response measure that will address and be of benefit to those in the vanguard, i.e. the employees, who are the first responders.

Question No: 250 – (Topic 2)

When a new network drop was installed, the cable was run across several fluorescent lights. The users of the new network drop experience intermittent connectivity. Which of the following environmental controls was MOST likely overlooked during installation?

  A. Humidity sensors

  B. EMI shielding

  C. Channel interference

  D. Cable kinking

Answer: B

Explanation:

Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities. In this case you are experiencing intermittent connectivity because electromagnetic interference (EMI) was not taken into account when running the cables over fluorescent lighting.
