SY0-401 Latest Exam (May 2018)

May 2, 2018

CompTIA Security Certification

Question No: 301 – (Topic 2)

Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?

  A. Hashing

  B. Key escrow

  C. Non-repudiation

  D. Steganography

Answer: A

Explanation:

Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as in hash tables, and its main characteristics are:

It must be one-way – it is not reversible.

Variable-length input produces fixed-length output – whether you have two characters or 2 million, the hash size is the same.

The algorithm must have few or no collisions – in hashing, two different inputs do not give the same output.

Question No: 302 – (Topic 2)

Visitors entering a building are required to close the back door before the front door of the same entry room is open. Which of the following is being described?

  A. Tailgating

  B. Fencing

  C. Screening

  D. Mantrap

Answer: D

Explanation:

Mantraps are designed to physically contain an unauthorized, potentially hostile individual until authorities arrive. Mantraps are typically manufactured with bulletproof glass, high-strength doors, and locks, and allow only a minimal number of individuals, depending on their size. Some mantraps even include scales that weigh the person. The doors are designed to open only when the mantrap is occupied or empty, and not in between. This means that the back door must first close before the front door will open, which is exactly what is required in this scenario.

Question No: 303 – (Topic 2)

Which of the following disaster recovery strategies has the highest cost and shortest recovery time?

  A. Warm site

  B. Hot site

  C. Cold site

  D. Co-location site

Answer: B

Explanation:

A hot site is a location that can provide operations within hours of a failure. This type of site would have servers, networks, and telecommunications equipment in place to reestablish service in a short time. Hot sites provide network connectivity, systems, and preconfigured software to meet the needs of an organization. Databases can be kept up-to-date using network connections. These types of facilities are expensive, and they’re primarily suitable for short-term situations.

Question No: 304 – (Topic 2)

Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?

  A. Hashing

  B. Stream ciphers

  C. Steganography

  D. Block ciphers

Answer: A

Explanation:

Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as in hash tables. One of its characteristics is that it must be one-way – it is not reversible.

Question No: 305 – (Topic 2)

Environmental control measures include which of the following?

  A. Access list

  B. Lighting

  C. Motion detection

  D. EMI shielding

Answer: D

Explanation:

Environmental controls include HVAC, fire suppression, EMI shielding, hot and cold aisles, and environmental monitoring, as well as temperature and humidity controls.

Question No: 306 – (Topic 2)

While rarely enforced, mandatory vacation policies are effective at uncovering:

  A. Help desk technicians with oversight by multiple supervisors and detailed quality control systems.

  B. Collusion between two employees who perform the same business function.

  C. Acts of incompetence by a systems engineer designing complex architectures as a member of a team.

  D. Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight.

Answer: D

Explanation:

Least privilege (privilege reviews) and job rotation are carried out when mandatory vacations are implemented. This uncovers areas where the system administrators neglected to check all users' privileges, since other users must fill in their positions while they are on their mandatory vacation.

Question No: 307 – (Topic 2)

Which of the following technical controls is BEST used to define which applications a user can install and run on a company issued mobile device?

  A. Authentication

  B. Blacklisting

  C. Whitelisting

  D. Acceptable use policy

Answer: C

Explanation:

White lists are closely related to ACLs; essentially, a white list is a list of items that are allowed.

Question No: 308 – (Topic 2)

A software company has completed a security assessment. The assessment states that the company should implement fencing and lighting around the property. Additionally, the assessment states that production releases of their software should be digitally signed.

Given the recommendations, the company was deficient in which of the following core security areas? (Select TWO).

  A. Fault tolerance

  B. Encryption

  C. Availability

  D. Integrity

  E. Safety

  F. Confidentiality

Answer: D,E

Explanation:

Aspects such as fencing, proper lighting, locks, CCTV, escape plans, drills, escape routes and testing controls form part of safety controls.

Integrity refers to aspects such as hashing, digital signatures, certificates and non-repudiation – all of which have to do with data integrity.

Question No: 309 – (Topic 2)

Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?

  A. Structured walkthrough

  B. Full Interruption test

  C. Checklist test

  D. Tabletop exercise

Answer: A

Explanation:

A structured walkthrough test of a recovery plan involves representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required.

Question No: 310 – (Topic 2)

An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions.

Which of the following database designs provides the BEST security for the online store?

  A. Use encryption for the credential fields and hash the credit card field

  B. Encrypt the username and hash the password

  C. Hash the credential fields and use encryption for the credit card field

  D. Hash both the credential fields and the credit card field

Answer: C

Explanation:

Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as in hash tables. One main characteristic of hashing is that the algorithm must have few or no collisions – in hashing, two different inputs do not give the same output. Thus the credential fields should be hashed, because any one customer will have a unique credit card number/identity, and since customers will use their credit cards for many different transactions, the credit card field should be encrypted only, not hashed.
