[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 321-330

September 20, 2017

EnsurePass
2017 Sep CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/SY0-401.html

CompTIA Security Certification

Question No: 321 – (Topic 2)

Which of the following can result in significant administrative overhead from incorrect reporting?

  A. Job rotation

  B. Acceptable usage policies

  C. False positives

  D. Mandatory vacations

Answer: C

Explanation:

False positives are essentially events that are mistakenly flagged and are not really events to be concerned about. This causes a significant administrative overhead because the reporting is what results in the false positives.

Question No: 322 – (Topic 2)

The Chief Technical Officer (CTO) has been informed of a potential fraud committed by a database administrator performing several other job functions within the company. Which of the following is the BEST method to prevent such activities in the future?

  A. Job rotation

  B. Separation of duties

  C. Mandatory Vacations

  D. Least Privilege

Answer: B

Explanation:

Separation of duties means that users are granted only the permissions they need to do their work and no more. More so it means that you are employing best practices. The segregation of duties and separation of environments is a way to reduce the likelihood of misuse of systems or information. A separation of duties policy is designed to reduce the risk of fraud and to prevent other losses in an organization.

Question No: 323 – (Topic 2)

Which of the following could cause a browser to display the message below?

"The security certificate presented by this website was issued for a different website’s address."

  A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.

  B. The website is using a wildcard certificate issued for the company’s domain.

  C. HTTPS://127.0.01 was used instead of HTTPS://localhost.

  D. The website is using an expired self signed certificate.

Answer: C

Explanation:

PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration authority (RA), RSA (the encryption algorithm), and digital certificates. In typical public key infrastructure (PKI) arrangements, a digital signature from a certificate authority (CA) attests that a particular public key certificate is valid (i.e., contains correct information). Users, or their software on their behalf, check that the private key used to sign some certificate matches the public key in the CA's certificate. Since CA certificates are often signed by other, "higher-ranking," CAs, there must necessarily be a highest CA, which provides the ultimate in attestation authority in that particular PKI scheme.

Localhost is a hostname that means this computer and may be used to access the computer's own network services via its loopback network interface. Using the loopback interface bypasses local network interface hardware. In this case, HTTPS://127.0.01 was used and not HTTPS://localhost.

Question No: 324 – (Topic 2)

A network administrator has purchased two devices that will act as failovers for each other. Which of the following concepts does this BEST illustrate?

  A. Authentication

  B. Integrity

  C. Confidentiality

  D. Availability

Answer: D

Explanation:

Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected. This strategy allows service to continue uninterrupted until the primary server can be restored. In the case of a network, this means processing switches to another network path in the event of a network failure in the primary path. This means availability.

Question No: 325 – (Topic 2)

A cafe provides laptops for Internet access to their customers. The cafe is located in the center corridor of a busy shopping mall. The company has experienced several laptop thefts from the cafe during peak shopping hours of the day. Corporate has asked that the IT department provide a solution to eliminate laptop theft. Which of the following would provide the IT department with the BEST solution?

  A. Attach cable locks to each laptop

  B. Require each customer to sign an AUP

  C. Install a GPS tracking device onto each laptop

  D. Install security cameras within the perimeter of the café

Answer: A

Explanation:

All laptop cases include a built-in security slot in which a cable lock can be inserted to prevent it from easily being removed from the premises.

Question No: 326 – (Topic 2)

The security administrator is currently unaware of an incident that occurred a week ago. Which of the following will ensure the administrator is notified in a timely manner in the future?

  A. User permissions reviews

  B. Incident response team

  C. Change management

  D. Routine auditing

Answer: D

Explanation:

Routine audits are carried out after you have implemented security controls based on risk. These audits include aspects such as user rights and permissions and specific events.

Question No: 327 – (Topic 2)

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete’s BEST option?

  A. Use hardware already at an offsite location and configure it to be quickly utilized.

  B. Move the servers and data to another part of the company’s main campus from the server room.

  C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.

  D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

Answer: A

Explanation:

A warm site provides some of the capabilities of a hot site, but it requires the customer to do more work to become operational. Warm sites provide computer systems and compatible media capabilities. If a warm site is used, administrators and other staff will need to install and configure systems to resume operations. For most organizations, a warm site could be a remote office, a leased facility, or another organization with which yours has a reciprocal agreement.

Warm sites may be for your exclusive use, but they don’t have to be. A warm site requires more advanced planning, testing, and access to media for system recovery. Warm sites represent a compromise between a hot site, which is very expensive, and a cold site, which isn’t preconfigured.

Question No: 328 – (Topic 2)

The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?

  A. HPM technology

  B. Full disk encryption

  C. DLP policy

  D. TPM technology

Answer: C

Explanation:

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. The Software as a Service (SaaS) applications are remotely run over the Web and as such requires DLP monitoring.

Question No: 329 – (Topic 2)

A company that has a mandatory vacation policy has implemented which of the following controls?

  A. Risk control

  B. Privacy control

  C. Technical control

  D. Physical control

Answer: A

Explanation:

Risk mitigation is done anytime you take steps to reduce risks. Thus mandatory vacation implementation is done as a risk control measure because it is a step that is taken as risk mitigation.

Question No: 330 – (Topic 2)

A company is preparing to decommission an offline, non-networked root certificate server. Before sending the server’s drives to be destroyed by a contracted company, the Chief Security Officer (CSO) wants to be certain that the data will not be accessed. Which of the following, if implemented, would BEST reassure the CSO? (Select TWO).

  A. Disk hashing procedures

  B. Full disk encryption

  C. Data retention policies

  D. Disk wiping procedures

  E. Removable media encryption

Answer: B,D

Explanation:

B: Full disk encryption is when the entire volume is encrypted; the data is not accessible to someone who might boot another operating system in an attempt to bypass the computer’s security. Full disk encryption is sometimes referred to as hard drive encryption.

D: Disk wiping is the process of overwriting data on the disk repeatedly, or using a magnet to alter the magnetic structure of the disks. This renders the data unreadable.
