Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
SY0-401 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 471-480

September 20, 2017

EnsurePass
2017 Sep CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/SY0-401.html

CompTIA Security Certification

Question No: 471 – (Topic 2)

Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems?

  1. Incident management

  2. Server clustering

  3. Change management

  4. Forensic analysis

Answer: C Explanation:

Change Management is a risk mitigation approach and refers to the structured approach that is followed to secure a company’s assets. In this case ‘performing updates to business critical systems.

Question No: 472 – (Topic 2)

An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame.

Which of the following strategies would the administrator MOST likely implement?

  1. Full backups on the weekend and incremental during the week

  2. Full backups on the weekend and full backups every day

  3. Incremental backups on the weekend and differential backups every day

  4. Differential backups on the weekend and full backups every day

Answer: A Explanation:

A full backup is a complete, comprehensive backup of all fi les on a disk or server. The full backup is current only at the time it’s performed. Once a full backup is made, you have a complete archive of the system at that point in time. A system shouldn’t be in use while it undergoes a full backup because some fi les may not get backed up. Once the system goes back into operation, the backup is no longer current. A full backup can be a time- consuming process on a large system.

An incremental backup is a partial backup that stores only the information that has been changed since the last full or the last incremental backup. If a full backup were performed

on a Sunday night, an incremental backup done on Monday night would contain only the information that changed since Sunday night. Such a backup is typically considerably smaller than a full backup. Each incremental backup must be retained until a full backup can be performed. Incremental backups are usually the fastest backups to perform on most systems, and each incremental backup tape is relatively small.

Question No: 473 – (Topic 2)

Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?

  1. Incident management

  2. Clean desk policy

  3. Routine audits

  4. Change management

Answer: D Explanation:

Change Management is a risk mitigation approach and refers to the structured approach that is followed to secure a company’s assets. This structured approach involves policies that should be in place and technological controls that should be enforced.

Question No: 474 – (Topic 2)

Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?

  1. Email scanning

  2. Content discovery

  3. Database fingerprinting

  4. Endpoint protection

Answer: D Explanation:

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also

monitor who is using the data (looking for unauthorized access) and transmitting the data. DLP systems share commonality with network intrusion prevention systems. Endpoint protection provides security and management over both physical and virtual environments.

Question No: 475 – (Topic 2)

Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A?

  1. Steganography

  2. Hashing

  3. Encryption

  4. Digital Signatures

Answer: D Explanation:

A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message.

Question No: 476 – (Topic 2)

After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections.

Which of the following is MOST likely the reason for this recommendation? (Select TWO).

  1. To allow load balancing for cloud support

  2. To allow for business continuity if one provider goes out of business

  3. To eliminate a single point of failure

  4. To allow for a hot site in case of disaster

  5. To improve intranet communication speeds

Answer: B,C Explanation:

A high-speed internet connection to a second data provider could be used to keep an up- to-date replicate of the main site. In case of problem on the first site, operation can quickly switch to the second site. This eliminates the single point of failure and allows the business to continue uninterrupted on the second site.

Note: Recovery Time Objective

The recovery time objective (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still be considered acceptable. Beyond this time, the break in business continuity is considered to affect the business negatively. The RTO is agreed on during BIA creation.

Question No: 477 – (Topic 2)

In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO).

  1. Take hashes

  2. Begin the chain of custody paperwork

  3. Take screen shots

  4. Capture the system image

  5. Decompile suspicious files

Answer: A,D Explanation:

A: Take Hashes. NIST (the National Institute of Standards and Technology) maintains a National Software Reference Library (NSRL). One of the purposes of the NSRL is to collect “known, traceable software applications” through their hash values and store them in a Reference Data Set (RDS). The RDS can then be used by law enforcement, government agencies, and businesses to determine which fi les are important as evidence in criminal investigations.

D: A system image is a snapshot of what exists. Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it.

Question No: 478 – (Topic 2)

Which of the following is a security risk regarding the use of public P2P as a method of collaboration?

  1. Data integrity is susceptible to being compromised.

  2. Monitoring data changes induces a higher cost.

  3. Users are not responsible for data usage tracking.

  4. Limiting the amount of necessary space for data storage.

Answer: A Explanation:

Peer-to-peer (P2P) networking is commonly used to share files such as movies and music, but you must not allow users to bring in devices and create their own little networks. All networking must be done through administrators and not on a P2P basis. Data integrity can easily be compromised when using public P2P networking.

Question No: 479 – (Topic 2)

Which of the following MOST specifically defines the procedures to follow when scheduled system patching fails resulting in system outages?

  1. Risk transference

  2. Change management

  3. Configuration management

  4. Access control revalidation

Answer: B Explanation:

Change Management is a risk mitigation approach and refers to the structured approach that is followed to secure a company’s assets. In this case ‘scheduled system patching’.

Question No: 480 – (Topic 2)

The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored based on similarities in the code. Which of the following should the security administrator use to identify similar malware?

  1. TwoFish

  2. SHA-512

  3. Fuzzy hashes

  4. HMAC

Answer: C Explanation:

Hashing is used to ensure that a message has not been altered. It can be useful for positively identifying malware when a suspected file has the same hash value as a known piece of malware. However, modifying a single bit of a malicious file will alter its hash value. To counter this, a continuous stream of hash values is generated for rolling block of code. This can be used to determine the similarity between a suspected file and known pieces of malware.

100% Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass SY0-401 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE