SY0-401 Latest Exam (May 2018)

[Free] 2018(May) EnsurePass Pass4sure CompTIA SY0-401 Dumps with VCE and PDF 271-280

May 2, 2018 : Ensure you pass the IT Exams
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 271 – (Topic 2)

Which of the following would a security administrator use to verify the integrity of a file?

  1. Time stamp

  2. MAC times

  3. File descriptor

  4. Hash

Answer: D Explanation:

Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables and it is a one-way transformation in order to validate the integrity of data.

Question No: 272 – (Topic 2)

Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?

  1. Clustering

  2. RAID

  3. Load balancing

  4. Virtualization

Answer: A Explanation:

Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy (but also add costs).

Question No: 273 – (Topic 2)

Which of the following is a security benefit of providing additional HVAC capacity or increased tonnage in a datacenter?

  1. Increased availability of network services due to higher throughput

  2. Longer MTBF of hardware due to lower operating temperatures

  3. Higher data integrity due to more efficient SSD cooling

  4. Longer UPS run time due to increased airflow

Answer: B Explanation:

The mean time between failures (MTBF) is the measure of the anticipated incidence of failure for a system or component. This measurement determines the component’s anticipated lifetime. If the MTBF of a cooling system is one year, you can anticipate that the system will last for a one-year period; this means that you should be prepared to replace or rebuild the system once a year. If the system lasts longer than the MTBF, your organization receives a bonus. MTBF is helpful in evaluating a system’s reliability and life expectancy.

Thus longer MTBF due to lower operating temperatures is a definite advantage

Question No: 274 – (Topic 2)

A customer service department has a business need to send high volumes of confidential information to customers electronically. All emails go through a DLP scanner. Which of the following is the BEST solution to meet the business needs and protect confidential information?

  1. Automatically encrypt impacted outgoing emails

  2. Automatically encrypt impacted incoming emails

  3. Monitor impacted outgoing emails

  4. Prevent impacted outgoing emails

Answer: A Explanation:

Encryption is done to protect confidentiality and integrity of data. It also provides authentication, nonrepudiation and access control to the data. Since all emails go through a DLP scanner and it is outgoing main that requires protection then the best option is to put a system in place that will encrypt the outgoing emails automatically.

Question No: 275 – (Topic 2)

To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is

being described in this situation?

  1. Management

  2. Administrative

  3. Technical

  4. Operational

Answer: C Explanation:

controls such as preventing unauthorized access to PC’s and applying screensavers that lock the PC after five minutes of inactivity is a technical control type, the same as Identification and Authentication, Access Control, Audit and Accountability as well as System and Communication Protection.

Question No: 276 – (Topic 2)

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

  1. No competition with the company’s official social presence

  2. Protection against malware introduced by banner ads

  3. Increased user productivity based upon fewer distractions

  4. Elimination of risks caused by unauthorized P2P file sharing

Answer: B Explanation:

Banner, or header information messages sent with data to find out about the system(s) does happen. Banners often identify the host, the operating system running on it, and other information that can be useful if you are going to attempt to later breach the security of it.

Question No: 277 – (Topic 2)

In which of the following steps of incident response does a team analyse the incident and determine steps to prevent a future occurrence?

  1. Mitigation

  2. Identification

  3. Preparation

  4. Lessons learned

Answer: D Explanation:

Incident response procedures involves in chronological order: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. Thus lessons are only learned after the mitigation occurred. For only then can you ‘step back’ and analyze the incident to prevent the same occurrence in future.

Question No: 278 – (Topic 2)

Which of the following is used by the recipient of a digitally signed email to verify the identity of the sender?

  1. Recipient’s private key

  2. Sender’s public key

  3. Recipient’s public key

  4. Sender’s private key

Answer: B Explanation:

When the sender wants to send a message to the receiver. It’s important that this message not be altered. The sender uses the private key to create a digital signature. The message is, in effect, signed with the private key. The sender then sends the message to the receiver. The recipient uses the public key attached to the message to validate the digital signature. If the values match, the receiver knows the message is authentic. Thus the recipient uses the sender’s public key to verify the sender’s identity.

Question No: 279 – (Topic 2)

After a company has standardized to a single operating system, not all servers are immune

to a well-known OS vulnerability. Which of the following solutions would mitigate this issue?

  1. Host based firewall

  2. Initial baseline configurations

  3. Discretionary access control

  4. Patch management system

Answer: D Explanation:

A patch is an update to a system. Sometimes a patch adds new functionality; in other cases, it corrects a bug in the software. Patch Management can thus be used to fix security problems discovered within the OS thus negating a known OS vulnerability.

Question No: 280 – (Topic 2)

Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?

A. $1,500 B. $3,750 C. $15,000 D. $75,000

Answer: B Explanation:

SLE 脳 ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence.

SLE = 250 x $300; ARO = 5%

$75000 x 0.05 = $3750

100% Ensurepass Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Ensurepass Free Guaranteed!
SY0-401 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No