CompTIA SY0-401 exam braindumps at Testking are updated timely to give you the most traditional practice materials created by Testking?¡¥s certified professors. Testking features a big team regarding certification exam experts. These people always retain in touch together with the changes in the particular CompTIA CompTIA real exam papers. Right now there must be a number of changes in the particular SY0-401 exam syllabus every yr. So all of us should update the particular CompTIA SY0-401 exam demos timely in order to supply our clients the most up-to-date preparatory materials.
2021 Jan SY0-401 real exam
Q201. Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?
A. Protocol filter
B. Load balancer
C. NIDS
D. Layer 7 firewall
Answer: D
Explanation:
An application-level gateway firewall filters traffic based on user access, group membership, the application or service used, or even the type of resources being transmitted. This type of firewall operates at the Application layer (Layer 7) of the OSI model.
Q202. Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?
A. To ensure proper use of social media
B. To reduce organizational IT risk
C. To detail business impact analyses
D. To train staff on zero-days
Answer: B
Explanation:
Ideally, a security awareness training program for the entire organization should cover the following areas: Importance of security Responsibilities of people in the organization Policies and procedures Usage policies Account and password-selection criteria Social engineering prevention
You can accomplish this training either by using internal staff or by hiring outside trainers. This type of training will significantly reduce the organizational IT risk.
Q203. An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:
A. it is being caused by the presence of a rogue access point.
B. it is the beginning of a DDoS attack.
C. the IDS has been compromised.
D. the internal DNS tables have been poisoned.
Answer: B
Explanation:
A Distributed Denial of Service (DDoS) attack is an attack from several different computers
targeting a single computer.
One common method of attack involves saturating the target machine with external
communications requests, so much so that it cannot respond to legitimate traffic, or responds so
slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload.
A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or
resources of a targeted system, usually one or more web servers. Such an attack is often the
result of multiple compromised systems (for example a botnet) flooding the targeted system with
traffic. When a server is overloaded with connections, new connections can no longer be
accepted. The major advantages to an attacker of using a distributed denial-of-service attack are
that multiple machines can generate more attack traffic than one machine, multiple attack
machines are harder to turn off than one attack machine, and that the behavior of each attack
machine can be stealthier, making it harder to track and shut down. These attacker advantages
cause challenges for defense mechanisms. For example, merely purchasing more incoming
bandwidth than the current volume of the attack might not help, because the attacker might be
able to simply add more attack machines. This after all will end up completely crashing a website
for periods of time.
Malware can carry DDoS attack mechanisms; one of the better-known examples of this was
MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS
involved hardcoding the target IP address prior to release of the malware and no further
interaction was necessary to launch the attack.
Q204. A company wants to ensure that all credentials for various systems are saved within a central database so that users only have to login once for access to all systems. Which of the following would accomplish this?
A. Multi-factor authentication
B. Smart card access
C. Same Sign-On
D. Single Sign-On
Answer: D
Explanation:
Single sign-on means that once a user (or other subject) is authenticated into a realm, re-authentication is not required for access to resources on any realm entity. Single sign-on is able to internally translate and store credentials for the various mechanisms, from the credential used for original authentication.
Q205. Which of the following network design elements allows for many internal devices to share one public IP address?
A. DNAT
B. PAT
C. DNS
D. DMZ
Answer: B
Explanation:
Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.
Update SY0-401 test engine:
Q206. A security team has identified that the wireless signal is broadcasting into the parking lot. To reduce the risk of an attack against the wireless network from the parking lot, which of the following controls should be used? (Select TWO).
A. Antenna placement
B. Interference
C. Use WEP
D. Single Sign on
E. Disable the SSID
F. Power levels
Answer: A,F
Explanation:
Placing the antenna in the correct position is crucial. You can then adjust the power levels to exclude the parking lot.
Q207. Which of the following protocols encapsulates an IP packet with an additional IP header?
A. SFTP
B. IPSec
C. HTTPS
D. SSL
Answer: B
Explanation:
Authentication Header (AH) is a member of the IPsec protocol suite. AH operates directly on top of IP, using IP protocol number 51.
Q208. A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company?
A. Account lockout policy
B. Account password enforcement
C. Password complexity enabled
D. Separation of duties
Answer: D
Explanation:
Separation of duties means that users are granted only the permissions they need to do their work and no more. More so it means that there is differentiation between users, employees and duties per se which form part of best practices.
Q209. Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?
A. Bollards
B. Video surveillance
C. Proximity readers
D. Fencing
Answer: B
Explanation:
Q210. Pete, the system administrator, wishes to monitor and limit users’ access to external websites.
Which of the following would BEST address this?
A. Block all traffic on port 80.
B. Implement NIDS.
C. Use server load balancers.
D. Install a proxy server.
Answer: D
Explanation:
A proxy is a device that acts on behalf of other(s). In the interest of security, all internal user interaction with the Internet should be controlled through a proxy server. The proxy server should automatically block known malicious sites. The proxy server should cache often-accessed sites to improve performance.