SY0-401 Latest Exam (May 2018)

[Free] 2018(May) EnsurePass Pass4sure CompTIA SY0-401 Dumps with VCE and PDF 431-440

May 2, 2018 : Ensure you pass the IT Exams
2018 May CompTIA Official New Released SY0-401

CompTIA Security Certification

Question No: 431 – (Topic 2)

An incident response team member needs to perform a forensics examination but does not have the required hardware. Which of the following will allow the team member to perform the examination with minimal impact to the potential evidence?

  1. Using a software file recovery disc

  2. Mounting the drive in read-only mode

  3. Imaging based on order of volatility

  4. Hashing the image after capture

Answer: B Explanation:

Mounting the drive in read-only mode will prevent any executable commands from being executed. This in turn will have the least impact on potential evidence when using the drive in question.

Question No: 432 – (Topic 2)

Which of the following may significantly reduce data loss if multiple drives fail at the same time?

  1. Virtualization

  2. RAID

  3. Load balancing

  4. Server clustering

Answer: B Explanation:

RAID (redundant array of independent disks) allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning.

Question No: 433 – (Topic 2)

A security administrator needs to image a large hard drive for forensic analysis. Which of the following will allow for faster imaging to a second hard drive?

  1. cp /dev/sda /dev/sdb bs=8k

  2. tail -f /dev/sda > /dev/sdb bs=8k

  3. dd in=/dev/sda out=/dev/sdb bs=4k

  4. locate /dev/sda /dev/sdb bs=4k

Answer: C Explanation:

dd is a command-line utility for Unix and Unix-like operating systems whose primary purpose is to convert and copy files. dd can duplicate data across files, devices, partitions and volumes.

On Unix, device drivers for hardware (such as hard disks) and special device files (such as /dev/zero and /dev/random) appear in the file system just like normal files; dd can also read and/or write from/to these files, provided that function is implemented in their respective driver. As a result, dd can be used for tasks such as backing up the boot sector of a hard drive, and obtaining a fixed amount of random data. The dd program can also perform conversions on the data as it is copied, including byte order swapping and conversion to and from the ASCII and EBCDIC text encodings.

An attempt to copy the entire disk using cp may omit the final block if it is of an unexpected length; whereas dd may succeed. The source and destination disks should have the same size.

Question No: 434 – (Topic 2)

A company executive's laptop was compromised, leading to a security breach. The laptop was placed into storage by a junior system administrator and was subsequently wiped and re-imaged. When it was determined that the authorities would need to be involved, there was little evidence to present to the investigators. Which of the following procedures could have been implemented to aid the authorities in their investigation?

  1. A comparison should have been created from the original system's file hashes

  2. Witness testimony should have been taken by the administrator

  3. The company should have established a chain of custody tracking the laptop

  4. A system image should have been created and stored

Answer: D Explanation:

A system image is a snapshot of what a system contained at a given point in time. If a system image of the compromised system had been created and stored, it would be a useful tool when the authorities want to revisit the issue to investigate the incident.

Question No: 435 – (Topic 2)

Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?

  1. Fire suppression

  2. Raised floor implementation

  3. EMI shielding

  4. Hot or cool aisle containment

Answer: D Explanation:

There are often multiple rows of servers located in racks in server rooms. The rows of servers are known as aisles, and they can be cooled as hot aisles and cold aisles. With a hot aisle, hot air outlets are used to cool the equipment, whereas with cold aisles, cold air intake is used to cool the equipment. Combining the two, you have cold air intake from below the aisle and hot air outtake above it, providing constant circulation. This is a more effective way of controlling temperature to safeguard your equipment in a data center.

Question No: 436 – (Topic 2)

Which of the following can Pete, a security administrator, use to distribute the processing effort when generating hashes for a password cracking program?

  1. RAID

  2. Clustering

  3. Redundancy

  4. Virtualization

Answer: B Explanation:

Anytime you connect multiple computers to work/act together as a single server, it is known as clustering. Clustered systems utilize parallel processing (improving performance and availability) and add redundancy.

Server clustering is used to provide failover capabilities / redundancy in addition to scalability as demand increases.

Question No: 437 – (Topic 2)

Users can authenticate to a company’s web applications using their credentials from a popular social media site. Which of the following poses the greatest risk with this integration?

  1. Malicious users can exploit local corporate credentials with their social media credentials

  2. Changes to passwords on the social media site can be delayed from replicating to the company

  3. Data loss from the corporate servers can create legal liabilities with the social media site

  4. Password breaches to the social media site affect the company application as well

Answer: D Explanation:

Social networking and having your company's application authentication 'linked' to the credentials that users use on social media sites exposes your company's application exponentially more than is necessary. You should strive to practice risk avoidance.

Question No: 438 – (Topic 2)

Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time.

Which of the following does this illustrate?

  1. System image capture

  2. Record time offset

  3. Order of volatility

  4. Chain of custody

Answer: D Explanation:

Chain of custody deals with how evidence is secured, where it is stored, and who has access to it. When you begin to collect evidence, you must keep track of that evidence at all times and show who has it, who has seen it, and where it has been.

Question No: 439 – (Topic 2)

After a recent security breach, the network administrator has been tasked to update and back up all router and switch configurations. The security administrator has been tasked to enforce stricter security policies. All users were forced to undergo additional user awareness training. All of these actions are due to which of the following types of risk mitigation strategies?

  1. Change management

  2. Implementing policies to prevent data loss

  3. User rights and permissions review

  4. Lessons learned

Answer: D Explanation:

Incident response procedures involve: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recovery/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. The question describes a situation where a security breach has occurred, and the response to it shows that lessons have been learned and used to put in place measures that will prevent future security breaches of the same kind.

Question No: 440 – (Topic 2)

A company has recently allowed employees to take advantage of BYOD by installing WAPs throughout the corporate office. An employee, Joe, has recently begun to view inappropriate material at work using his personal laptop. When confronted, Joe indicated that he was never told that he could not view that type of material on his personal laptop. Which of the following should the company have employees acknowledge before allowing them to access the corporate WLAN with their personal devices?

  1. Privacy Policy

  2. Security Policy

  3. Consent to Monitoring Policy

  4. Acceptable Use Policy

Answer: D Explanation:

Acceptable use policies (AUPs) describe how the employees in an organization can use company systems and resources, both software and hardware.
