[Free] 2017(Sep) EnsurePass Passguide CompTIA SY0-401 Dumps with VCE and PDF 481-490

September 20, 2017

CompTIA Security Certification

Question No: 481 – (Topic 2)

Which of the following are examples of detective controls?

  A. Biometrics, motion sensors and mantraps.

  B. Audit, firewall, anti-virus and biometrics.

  C. Motion sensors, intruder alarm and audit.

  D. Intruder alarm, mantraps and firewall.

Answer: C

Explanation:

Detective controls are those that operate afterward so as to discover what has happened. Detective controls include security guards, motion detectors, recording and reviewing of events captured by security cameras or CCTV, job rotation, mandatory vacations, audit trails, honeypots or honeynets, IDSs, violation reports, supervision and reviews of users, and incident investigations.

Question No: 482 – (Topic 2)

Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?

  A. Acceptable Use Policy

  B. Physical security controls

  C. Technical controls

  D. Security awareness training

Answer: D

Explanation:

Security awareness and training include explaining policies, procedures, and current threats to both users and management. A security awareness and training program can do much to assist in your efforts to improve and maintain security. A good security awareness training program for the entire organization should cover the following areas: Importance of security; Responsibilities of people in the organization; Policies and procedures; Usage policies; Account and password-selection criteria as well as Social engineering prevention.

Question No: 483 – (Topic 2)

The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available?

  A. Cloud computing

  B. Full disk encryption

  C. Data Loss Prevention

  D. HSM

Answer: A

Explanation:

Cloud computing means hosting services and data on the Internet instead of hosting it locally. There is thus no issue when the company’s server is taken offline.

Question No: 484 – (Topic 2)

Which of the following assets is MOST likely considered for DLP?

  A. Application server content

  B. USB mass storage devices

  C. Reverse proxy

  D. Print server

Answer: B

Explanation:

Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. A USB device is the most likely to be used to steal data because of its physical size.

Question No: 485 – (Topic 2)

A company hosts its public websites internally. The administrator would like to make some changes to the architecture.

The three goals are:

reduce the number of public IP addresses in use by the web servers

drive all the web traffic through a central point of control

mitigate automated attacks that are based on IP address scanning

Which of the following would meet all three goals?

  A. Firewall

  B. Load balancer

  C. URL filter

  D. Reverse proxy

Answer: D

Explanation:

The purpose of a proxy server is to serve as a proxy or middle man between clients and servers. Using a reverse proxy you will be able to meet the three stated goals.

Question No: 486 – (Topic 2)

An administrator has successfully implemented SSL on using wildcard certificate *, and now wishes to implement SSL on Which of the following files should be copied from srv4 to accomplish this?

  A. certificate, private key, and intermediate certificate chain

  B. certificate, intermediate certificate chain, and root certificate

  C. certificate, root certificate, and certificate signing request

  D. certificate, public key, and certificate signing request

Answer: A

Explanation:

A wildcard certificate is a public key certificate which can be used with multiple subdomains of a domain. In public-key cryptography, the receiver has a private key known only to them; a public key corresponds to it, which they make known to others. The public key can be sent to all other parties; the private key is never divulged. A symmetric algorithm requires that receivers of the message use the same private key. Thus you should copy the certificate, the private key and the intermediate certificate chain from srv4 to srv5.

Question No: 487 – (Topic 2)

Which of the following results in datacenters with failed humidity controls? (Select TWO).

  A. Excessive EMI

  B. Electrostatic charge

  C. Improper ventilation

  D. Condensation

  E. Irregular temperature

Answer: B,D

Explanation:

Humidity control prevents the buildup of static electricity in the environment. If the humidity drops much below 50 percent, electronic components are extremely vulnerable to damage from electrostatic shock. Most environmental systems also regulate humidity; however, a malfunctioning system can cause the humidity to be almost entirely extracted from a room. Make sure that environmental systems are regularly serviced. Electrostatic damage can occur when humidity levels get too low. Condensation is a direct result of failed humidity levels.

Question No: 488 – (Topic 2)

Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least privilege principles?

  A. User rights reviews

  B. Incident management

  C. Risk based controls

  D. Annual loss expectancy

Answer: A

Explanation:

A least privilege policy should be used when assigning permissions. Give users only the permissions and rights that they need to do their work and no more.

Question No: 489 – (Topic 2)

Which of the following is an example of a false negative?

  A. The IDS does not identify a buffer overflow.

  B. Anti-virus identifies a benign application as malware.

  C. Anti-virus protection interferes with the normal operation of an application.

  D. A user account is locked out after the user mistypes the password too many times.

Answer: A

Explanation:

With a false negative, you are not alerted to a situation when you should be alerted.

Question No: 490 – (Topic 2)

Which of the following is being tested when a company’s payroll server is powered off for eight hours?

  A. Succession plan

  B. Business impact document

  C. Continuity of operations plan

  D. Risk assessment plan

Answer: C

Explanation:

A continuity of operations plan is the effort to ensure the continued performance of critical business functions during a wide range of potential emergencies.
