Just click the mouse from Actualtests and our own workers confirm your payment, you will get the instant access to the whole CompTIA SY0-401 training materials. Help make full use of the free of charge Pdf demos. Download the test engine software on your own PC and practice the test daily. Make paperwork on the problems and pay more attention in them. All of us promise that you simply will get a high passing level based on our own updated CompTIA CompTIA exam braindumps.
2021 Mar SY0-401 exam cost
Q201. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
A. NAT
B. Virtualization
C. NAC
D. Subnetting
Answer: D
Explanation:
Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.
Q202. Which of the following protocols encapsulates an IP packet with an additional IP header?
A. SFTP
B. IPSec
C. HTTPS
D. SSL
Answer: B
Explanation:
Authentication Header (AH) is a member of the IPsec protocol suite. AH operates directly on top of IP, using IP protocol number 51.
Q203. Which of the following tools will allow a technician to detect security-related TCP connection anomalies?
A. Logical token
B. Performance monitor
C. Public key infrastructure
D. Trusted platform module
Answer: B
Explanation:
Performance Monitor in a Windows system can monitor many different ‘counters’. For TCP network connections, you can monitor specific TCP related counters including the following: Connection Failures Connections Active Connections Established Connections Passive Connections Reset Segments Received/sec Segments Retransmitted/sec Segments Sent/sec Total Segments/sec
By monitoring the counters listed above, you will be able to detect security-related TCP connection anomalies.
Q204. A security manager requires fencing around the perimeter, and cipher locks on all entrances. The manager is concerned with which of the following security controls?
A. Integrity
B. Availability
C. Confidentiality
D. Safety
Answer: D
Explanation:
Fencing is used to increase physical security and safety. Locks are used to keep those who are unauthorized out.
Q205. Which of the following ports should be used by a system administrator to securely manage a remote server?
A. 22
B. 69
C. 137
D. 445
Answer: A
Explanation:
Secure Shell (SSH) is a more secure replacement for Telnet, rlogon, rsh, and rcp. SSH can be called a remote access or remote terminal solution. SSH offers a means by which a command-line, text-only interface connection with a server, router, switch, or similar device can be established over any distance. SSH makes use of TCP port 22.
Abreast of the times SY0-401 pdf exam:
Q206. Which of the following is a security concern regarding users bringing personally-owned devices that they connect to the corporate network?
A. Cross-platform compatibility issues between personal devices and server-based applications
B. Lack of controls in place to ensure that the devices have the latest system patches and signature files
C. Non-corporate devices are more difficult to locate when a user is terminated
D. Non-purchased or leased equipment may cause failure during the audits of company-owned assets
Answer: B
Explanation:
With employees who want to bring their own devices you will have to make them understand why they cannot. You do not want them plugging in a flash drive, let alone a camera, smartphone, tablet computer, or other device, on which company fi les could get intermingled with personal files. Allowing this to happen can create situations where data can leave the building that shouldn’t as well as introduce malware to the system. Employees should not sync unauthorized smartphones to their work systems. Some smartphones use multiple wireless spectrums and unwittingly open up the possibility for an attacker in the parking lot to gain access through the phone to the internal network. Thus if you do not have controls in place then your network is definitely at risk.
Q207. Pete, the system administrator, wishes to monitor and limit users’ access to external websites.
Which of the following would BEST address this?
A. Block all traffic on port 80.
B. Implement NIDS.
C. Use server load balancers.
D. Install a proxy server.
Answer: D
Explanation:
A proxy is a device that acts on behalf of other(s). In the interest of security, all internal user interaction with the Internet should be controlled through a proxy server. The proxy server should automatically block known malicious sites. The proxy server should cache often-accessed sites to improve performance.
Q208. Which of the following risk concepts requires an organization to determine the number of failures per year?
A. SLE
B. ALE
C. MTBF
D. Quantitative analysis
Answer: B
Explanation:
ALE is the annual loss expectancy value. This is a monetary measure of how much loss you could expect in a year.
Q209. A recent review of accounts on various systems has found that after employees' passwords are required to change they are recycling the same password as before. Which of the following policies should be enforced to prevent this from happening? (Select TWO).
A. Reverse encryption
B. Minimum password age
C. Password complexity
D. Account lockouts
E. Password history
F. Password expiration
Answer: B,E
Explanation:
Q210. Which of the following network design elements allows for many internal devices to share one public IP address?
A. DNAT
B. PAT
C. DNS
D. DMZ
Answer: B
Explanation:
Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.