
[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 281-290

September 20, 2017


CompTIA Security Certification

Question No: 281 – (Topic 2)

A system administrator is responding to a legal order to turn over all logs from all company servers. The system administrator records the system time of all servers to ensure that:

  A. HDD hashes are accurate.

  B. the NTP server works properly.

  C. chain of custody is preserved.

  D. time offset can be calculated.

Answer: D

Explanation:

It is quite common for workstation times to be off slightly from actual time, and that can happen with servers as well. Since a forensic investigation is usually dependent on a step-by-step account of what has happened, being able to follow events in the correct time sequence is critical. Because of this, it is imperative to record the time offset on each affected machine during the investigation. One method of assisting with this is to add an entry to a log file and note the time that this was done and the time associated with it on the system.

Question No: 282 – (Topic 2)

The incident response team has received the following email message.

From: monitor@ext-company.com
To: security@company.com
Subject: Copyright infringement

A copyright infringement alert was triggered by IP address 13.10.66.5 at 09:50:01 GMT.

After reviewing the following web logs for IP 13.10.66.5, the team is unable to correlate and identify the incident.

09:45:33 13.10.66.5 http://remote.site.com/login.asp?user=john

09:50:22 13.10.66.5 http://remote.site.com/logout.asp?user=anne

10:50:01 13.10.66.5 http://remote.site.com/access.asp?file=movie.mov

11:02:45 13.10.65.5 http://remote.site.com/download.asp?movie.mov=ok

Which of the following is the MOST likely reason why the incident response team is unable to identify and correlate the incident?

  A. The logs are corrupt and no longer forensically sound.

  B. Traffic logs for the incident are unavailable.

  C. Chain of custody was not properly maintained.

  D. Incident time offsets were not accounted for.

Answer: D

Explanation:

It is quite common for workstation times to be off slightly from actual time, and that can happen with servers as well. Since a forensic investigation is usually dependent on a step-by-step account of what has happened, being able to follow events in the correct time sequence is critical. Because of this, it is imperative to record the time offset on each affected machine during the investigation. One method of assisting with this is to add an entry to a log file and note the time that this was done and the time associated with it on the system.

Question No: 283 – (Topic 2)

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).

  A. The CA’s public key

  B. Ann’s public key

  C. Joe’s private key

  D. Ann’s private key

  E. The CA’s private key

  F. Joe’s public key

Answer: D,F

Explanation:

Joe wants to send a message to Ann. It’s important that this message not be altered. Joe will use the private key to create a digital signature. The message is, in effect, signed with the private key. Joe then sends the message to Ann. Ann will use the public key attached to the message to validate the digital signature. If the values match, Ann knows the message is authentic and came from Joe. Ann will use a key provided by Joe, the public key, to decrypt the message. Most digital signature implementations also use a hash to verify that the message has not been altered, intentionally or accidentally, in transit. Thus Ann would compare the signature area referred to as a message in the message with the calculated value digest (her private key in this case). If the values match, the message hasn’t been tampered with and the originator is verified as the person they claim to be.

Question No: 284 – (Topic 2)

Ann would like to forward some Personal Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?

  A. Digital Signatures

  B. Hashing

  C. Secret Key

  D. Encryption

Answer: D

Explanation:

Encryption is used to prevent unauthorized users from accessing data. Data encryption will support the confidentiality of the email.

Question No: 285 – (Topic 2)

Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices?

  A. Remote wiping enabled for all removable storage devices

  B. Full-disk encryption enabled for all removable storage devices

  C. A well defined acceptable use policy

  D. A policy which details controls on removable storage use

Answer: D

Explanation:

Removable storage is both a benefit and a risk, and since not all mobile devices support removable storage, the company has to have a comprehensive policy which details the controls on the use of removable storage to mitigate the range of risks that are associated with the use of these devices.

Question No: 286 – (Topic 2)

A computer security officer has investigated a possible data breach and has found it credible. The officer notifies the data center manager and the Chief Information Security Officer (CISO). This is an example of:

  A. escalation and notification.

  B. first responder.

  C. incident identification.

  D. incident mitigation.

Answer: A

Explanation:

Escalation and notification is a response strategy that outlines a staged procedure of escalation and notification that is to be followed in the event of a security incident. Only those in specific positions of authority or responsibility must receive notification of the security breach.

Question No: 287 – (Topic 2)

Sara, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Sara is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?

  A. Disable the wireless access and implement strict router ACLs.

  B. Reduce restrictions on the corporate web security gateway.

  C. Security policy and threat awareness training.

  D. Perform user rights and permissions reviews.

Answer: C

Explanation:

BYOD (in this case, Sara’s smartphone) involves the possibility of a personal device that is infected with malware introducing that malware to the network, and security awareness training will address the issue of the company’s security policy with regard to BYOD.

Question No: 288 – (Topic 2)

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?

  A. Security control frameworks

  B. Best practice

  C. Access control methodologies

  D. Compliance activity

Answer: B

Explanation:

Best practices are based on what is known in the industry and those methods that have consistently shown superior results over those achieved by other means. Furthermore, best practices are applied to all aspects of the work environment.

Question No: 289 – (Topic 2)

Which of the following helps to apply the proper security controls to information?

  A. Data classification

  B. Deduplication

  C. Clean desk policy

  D. Encryption

Answer: A

Explanation:

Information classification is done by confidentiality and comprises three categories, namely: public use, internal use and restricted use. These categories make applying the appropriate policies and security controls practical.

Question No: 290 – (Topic 2)

Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company’s network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement?

  A. line vty 0 6 P@s5W0Rd password line vty 7 Qwer !Y password

  B. line console 0 password password line vty 0 4 password P@s5W0Rd

  C. line vty 0 3 password Qwer !Y line vty 4 password P@s5W0Rd

  D. line vty 0 3 password Qwer !Y line console 0 password P@s5W0Rd

Answer: C

Explanation:

The VTY lines are the Virtual Terminal lines of the router, used solely to control inbound Telnet connections. They are virtual, in the sense that they are a function of software – there is no hardware associated with them.

Two numbers follow the keyword VTY because there is more than one VTY line for router access. The default number of lines is five on many Cisco routers. Here, I’m configuring one password for all terminal (VTY) lines. I can specify the actual terminal or VTY line numbers as a range. The syntax that you’ll see most often, vty 0 4, covers all five terminal access lines.
