SY0-401 Latest Exam (May 2018)

[Free] 2018(May) EnsurePass Pass4sure CompTIA SY0-401 Dumps with VCE and PDF 451-460

May 2, 2018 : Ensure you pass the IT Exams
2018 May CompTIA Official New Released SY0-401

CompTIA Security Certification

Question No: 451 – (Topic 2)

During which of the following phases of the Incident Response process should a security administrator define and implement general defense against malware?

  1. Lessons Learned

  2. Preparation

  3. Eradication

  4. Identification

Answer: B

Explanation:

Incident response procedures involve: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recovery/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. It is important to stop malware before it ever gets hold of a system, so you should know which malware is out there and take defensive measures in advance; this means preparation to guard against malware infection should be done.

Question No: 452 – (Topic 2)

A system administrator has concerns regarding their users accessing systems and secured areas using others’ credentials. Which of the following can BEST address this concern?

  1. Create conduct policies prohibiting sharing credentials.

  2. Enforce a policy shortening the credential expiration timeframe.

  3. Implement biometric readers on laptops and restricted areas.

  4. Install security cameras in areas containing sensitive systems.

Answer: C

Explanation:

Biometrics is an authentication process that makes use of physical characteristics to establish identification. This will prevent users from making use of others' credentials.

Question No: 453 – (Topic 2)

Ann, the Chief Technology Officer (CTO), has agreed to allow users to bring their own device (BYOD) in order to leverage mobile technology without providing every user with a company owned device. She is concerned that users may not understand the company's rules, and she wants to limit potential legal concerns. Which of the following is the CTO concerned with?

  1. Data ownership

  2. Device access control

  3. Support ownership

  4. Acceptable use

Answer: A

Explanation:

Limiting potential legal concerns about company rules where users are allowed to bring their own devices is the premise of data ownership. When a third party (in this case the user's own device) is involved in a data exchange, clear rules and restrictions should be applied regarding data ownership.

Question No: 454 – (Topic 2)

Which of the following is a management control?

  1. Logon banners

  2. Written security policy

  3. SYN attack prevention

  4. Access Control List (ACL)

Answer: B

Explanation:

Management control types include risk assessment, planning, systems and services acquisition, as well as certification, accreditation and security assessment; a written security policy falls in this category.

Question No: 455 – (Topic 2)

Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company’s password policy. Which of the following should Pete do NEXT?

  1. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.

  2. Tell the application development manager to code the application to adhere to the company’s password policy.

  3. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.

  4. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.

Answer: B

Explanation:

Since the application is violating the security policy, it should be coded differently to comply with the password policy.

Question No: 456 – (Topic 2)

The datacenter manager is reviewing a problem with a humidity factor that is too low. Which of the following environmental problems may occur?

  1. EMI emanations

  2. Static electricity

  3. Condensation

  4. Dry-pipe fire suppression

Answer: B

Explanation:

Humidity control prevents the buildup of static electricity in the environment. If the humidity drops much below 50 percent, electronic components are extremely vulnerable to damage from electrostatic shock.

Question No: 457 – (Topic 2)

Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160-bits long. Which of the following hashing methods would Matt have to use to obtain this digital fingerprint?

  1. SHA1

  2. MD2

  3. MD4

  4. MD5

Answer: A

Explanation:

The Secure Hash Algorithm (SHA) was designed to ensure the integrity of a message. SHA is a one-way hash that provides a hash value that can be used with an encryption protocol. This algorithm produces a 160-bit hash value. SHA (1 or 2) is preferred over the Message Digest Algorithm.

Question No: 458 – (Topic 2)

A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network.

When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match.

Which of the following describes how the employee is leaking these secrets?

  1. Social engineering

  2. Steganography

  3. Hashing

  4. Digital signatures

Answer: B

Explanation:

Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio file, or other file. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.
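The two explanations above (Question 457 on SHA-1's 160-bit digest and Question 458 on comparing hashes of the local and cloud copies of the images) can be illustrated with the same small integrity check. The following is an added example, not part of the original page or of any CompTIA material: it reports the output length of each hashlib algorithm, then hashes every local file against its cloud copy and lists the names whose digests differ. The "image" bytes are constructed inline and are not real image data; the single flipped bit stands in for a steganographic embedding. SHA-256 is used as the default comparison algorithm by choice, not because the page specifies it.

```python
import hashlib

# Constructed sample data (not real images): an "original" file and a copy that
# differs by a single least-significant bit, as a steganographic embedding would.
ORIGINAL_IMAGE = b"\x89PNG\r\n\x1a\n" + bytes(range(256)) * 4
_altered = bytearray(ORIGINAL_IMAGE)
_altered[100] ^= 0x01          # flip one bit deep inside the "pixel data"
ALTERED_IMAGE = bytes(_altered)

# Constructed inventory of the executive's laptop versus the cloud storage share.
LOCAL_FILES = {"dog.jpg": ORIGINAL_IMAGE, "cat.png": ORIGINAL_IMAGE + b"cat"}
CLOUD_FILES = {"dog.jpg": ALTERED_IMAGE, "cat.png": ORIGINAL_IMAGE + b"cat"}


def digest_bits(algorithm: str) -> int:
    """Output length in bits of a hashlib algorithm (sha1 -> 160, md5 -> 128)."""
    return hashlib.new(algorithm).digest_size * 8


def fingerprint(data: bytes, algorithm: str = "sha256") -> str:
    """Hex digest of the data: the 'digital fingerprint' the exam question refers to."""
    return hashlib.new(algorithm, data).hexdigest()


def find_mismatches(local_files: dict, cloud_files: dict, algorithm: str = "sha256") -> list:
    """Hash each local file and the cloud copy with the same name.

    Returns the sorted names whose digests differ, or that have no cloud copy.
    A mismatch only proves the two copies are not identical; the analyst still
    has to examine the differing file to learn why (re-encoding, metadata, or
    an embedded payload all produce a different digest).
    """
    mismatched = []
    for name, local_bytes in sorted(local_files.items()):
        cloud_bytes = cloud_files.get(name)
        if cloud_bytes is None or fingerprint(local_bytes, algorithm) != fingerprint(cloud_bytes, algorithm):
            mismatched.append(name)
    return mismatched


if __name__ == "__main__":
    for algo in ("md5", "sha1", "sha256"):
        print(f"{algo}: {digest_bits(algo)}-bit digest")
    print("files whose local and cloud copies differ:", find_mismatches(LOCAL_FILES, CLOUD_FILES))
```

A one-bit change anywhere in the input yields a completely different digest, which is why the hash comparison in Question 458 exposes the altered copy even though the two pictures look identical on screen.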

Question No: 459 – (Topic 2)

Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years.

Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years.

Which of the following should Sara do to address the risk?

  1. Accept the risk saving $10,000.

  2. Ignore the risk saving $5,000.

  3. Mitigate the risk saving $10,000.

  4. Transfer the risk saving $5,000.

Answer: D

Explanation:

Risk transference involves sharing some of the risk burden with someone else, such as an insurance company. The cost of the security breach over a period of 5 years would amount to $30,000 and it is better to save $5,000.

Question No: 460 CORRECT TEXT – (Topic 2)

A security administrator discovers that an attack has been completed against a node on the corporate network. All available logs were collected and stored.

You must review all network logs to discover the scope of the attack, check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. The environment is a critical production environment; perform the LEAST disruptive actions on the network, while still performing the appropriate incident responses.

Instructions: The web server, database server, IDS, and User PC are clickable. Check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. Not all actions may be used, and order is not important. If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

Ensurepass 2018 PDF and VCE

Answer: Database server was attacked; actions should be to capture network traffic and Chain of Custody.

Explanation:

The database server log shows the Audit Failure and Audit Success attempts. It is only logical that all the logs will be stored on the database server, and the least disruptive action on the network to take in response to the incident would be to check the logs (since these are already collected and stored) and maintain a chain of custody of those logs.

IDS Server Log: (screenshot not reproduced)

Web Server Log: (screenshot not reproduced)

Database Server Log: (screenshot not reproduced)

Users PC Log: (screenshot not reproduced)
