SY0-401 Latest Exam (May 2018)

[Free] 2018(May) EnsurePass Pass4sure CompTIA SY0-401 Dumps with VCE and PDF 421-430

May 2, 2018 : Ensure you pass the IT Exams

CompTIA Security Certification

Question No: 421 – (Topic 2)

The IT department noticed that there was a significant decrease in network performance during the afternoon hours. The IT department performed analysis of the network and discovered this was due to users accessing and downloading music and video streaming from social sites. The IT department notified corporate of their findings and a memo was sent to all employees addressing the misuse of company resources and requesting adherence to company policy. Which of the following policies is being enforced?

  A. Acceptable use policy

  B. Telecommuting policy

  C. Data ownership policy

  D. Non-disclosure policy

Answer: A

Explanation:

Acceptable use policy describes how employees are allowed to use company systems and resources, and the consequences of misuse.

Question No: 422 – (Topic 2)

Mandatory vacations are a security control which can be used to uncover which of the following?

  A. Fraud committed by a system administrator

  B. Poor password security among users

  C. The need for additional security staff

  D. Software vulnerabilities in vendor code

Answer: A

Explanation:

Mandatory vacations also provide an opportunity to discover fraud, apart from the obvious benefits of giving employees a chance to refresh and making sure that others in the company can fill those positions, which makes the company less dependent on those persons: a sort of replication and duplication at all levels.

Question No: 423 – (Topic 2)

Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?

  A. Identify user habits

  B. Disconnect system from network

  C. Capture system image

  D. Interview witnesses

Answer: C

Explanation:

Capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it, in much the same way that a virus sample is kept in laboratories to study later after an outbreak. You should also act in the order of volatility, which states that the system image capture is first on the list of a forensic analysis.

Question No: 424 – (Topic 2)

Which of the following has serious security implications for large organizations and can potentially allow an attacker to capture conversations?

  A. Subnetting

  B. NAT

  C. Jabber

  D. DMZ

Answer: C

Explanation:

Jabber is a new unified communications application and could possibly expose you to attackers that want to capture conversations, because Jabber provides a single interface across presence, instant messaging, voice, video messaging, desktop sharing and conferencing.

Question No: 425 – (Topic 2)

Digital certificates can be used to ensure which of the following? (Select TWO).

  A. Availability

  B. Confidentiality

  C. Verification

  D. Authorization

  E. Non-repudiation

Answer: B,E

Explanation:

Digital signatures are used to validate the integrity of the message and the sender. Digital certificates refer to cryptography, which is mainly concerned with confidentiality, integrity, authentication, nonrepudiation and access control. Nonrepudiation prevents one party from denying actions they carried out.

Question No: 426 – (Topic 2)

Ann, a security technician, is reviewing the IDS log files. She notices a large number of alerts for multicast packets from the switches on the network. After investigation, she discovers that this is normal activity for her network. Which of the following BEST describes these results?

  A. True negatives

  B. True positives

  C. False positives

  D. False negatives

Answer: C

Explanation:

False positives are essentially events that are mistakenly flagged and are not really events to be concerned about.

Question No: 427 – (Topic 2)

A company is trying to limit the risk associated with the use of unapproved USB devices to copy documents. Which of the following would be the BEST technology control to use in this scenario?

  A. Content filtering

  B. IDS

  C. Audit logs

  D. DLP

Answer: D

Explanation:

Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer.

Question No: 428 – (Topic 2)

An organization is recovering data following a datacenter outage and determines that backup copies of files containing personal information were stored in an unsecure location, because the sensitivity was unknown. Which of the following activities should occur to prevent this in the future?

  A. Business continuity planning

  B. Quantitative assessment

  C. Data classification

  D. Qualitative assessment

Answer: C

Explanation:

Information classification is done by confidentiality and comprises three categories, namely: public use, internal use and restricted use. Knowing how to apply these categories and matching them up with the appropriate data handling will address the situation of data with "unknown sensitivity".

Question No: 429 – (Topic 2)

Several employees clicked on a link in a malicious message that bypassed the spam filter and their PCs were infected with malware as a result. Which of the following BEST prevents this situation from occurring in the future?

  A. Data loss prevention

  B. Enforcing complex passwords

  C. Security awareness training

  D. Digital signatures

Answer: C

Explanation:

Security awareness and training include explaining policies, procedures, and current threats to both users and management. A security awareness and training program can do much to assist in your efforts to improve and maintain security. Ideally, a security awareness training program for the entire organization should cover the following areas:

  - Importance of security
  - Responsibilities of people in the organization
  - Policies and procedures
  - Usage policies
  - Account and password-selection criteria
  - Social engineering prevention

Question No: 430 – (Topic 2)

After copying a sensitive document from his desktop to a flash drive, Joe, a user, realizes that the document is no longer encrypted. Which of the following can a security technician implement to ensure that documents stored on Joe’s desktop remain encrypted when moved to external media or other network based storage?

  A. Whole disk encryption

  B. Removable disk encryption

  C. Database record level encryption

  D. File level encryption

Answer: D

Explanation:

Encryption is used to ensure the confidentiality of information. In this case you should make use of file level encryption. File level encryption is a form of disk encryption where individual files or directories are encrypted by the file system itself. This is in contrast to full disk encryption where the entire partition or disk, in which the file system resides, is encrypted.
