It is more faster and easier to pass the CompTIA SY0-401 exam by using Tested CompTIA CompTIA Security+ Certification questuins and answers. Immediate access to the Replace SY0-401 Exam and find the same core area SY0-401 questions with professionally verified answers, then PASS your exam with a high score now.
2021 Dec SY0-401 exam question
Q241. Which of the following are examples of network segmentation? (Select TWO).
A. IDS
B. IaaS
C. DMZ
D. Subnet
E. IPS
Answer: C,D
Explanation:
C:
A demilitarized zone (DMZ) is a part of the network that is separated of segmented from the rest of the network by means of firewalls and acts as a buffer between the untrusted public Internet and the trusted local area network (LAN).
D.
IP subnets can be used to separate or segment networks while allowing communication between the network segments via routers.
Q242. Which of the following technologies uses multiple devices to share work?
A. Switching
B. Load balancing
C. RAID
D. VPN concentrator
Answer: B
Explanation:
Load balancing is a way of providing high availability by splitting the workload across multiple computers.
Q243. While setting up a secure wireless corporate network, which of the following should Pete, an administrator, avoid implementing?
A. EAP-TLS
B. PEAP
C. WEP
D. WPA
Answer: C
Explanation:
WEP is one of the more vulnerable security protocols. The only time to use WEP is when you must have compatibility with older devices that do not support new encryption.
Q244. Which of the following is the BEST reason for placing a password lock on a mobile device?
A. Prevents an unauthorized user from accessing owner's data
B. Enables remote wipe capabilities
C. Stops an unauthorized user from using the device again
D. Prevents an unauthorized user from making phone calls
Answer: A
Explanation:
Q245. A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?
A. The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.
B. The supervisor should be removed from the human resources group and added to the accounting group.
C. The supervisor should be added to the accounting group while maintaining their membership in the human resources group.
D. The supervisor should only maintain membership in the human resources group.
Answer: C
Explanation:
You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). By assigning the human resources supervisor’s user account to the group means the supervisor will inherit the permissions of that group, and allow him to carry out the new duties. Because the new duties are being added to his normal duties, maintaining membership in the human resources group will allow the supervisor to continue performing his normal duties.
Avant-garde SY0-401 braindumps:
Q246. Which of the following can be used to mitigate risk if a mobile device is lost?
A. Cable lock
B. Transport encryption
C. Voice encryption
D. Strong passwords
Answer: D
Explanation:
Passwords are the most likely mechanism that can be used to mitigate risk when a mobile device is lost. A strong password would be more difficult to crack.
Q247. Computer evidence at a crime is preserved by making an exact copy of the hard disk. Which of the following does this illustrate?
A. Taking screenshots
B. System image capture
C. Chain of custody
D. Order of volatility
Answer: B
Explanation:
A system image would be a snapshot of what exists at the moment. Thus capturing an image of the operating system in its exploited state can be helpful in revisiting the issue after the fact to learn more about it.
Q248. Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?
A. Input validation
B. Network intrusion detection system
C. Anomaly-based HIDS
D. Peer review
Answer: A
Explanation:
Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.
Q249. A large multinational corporation with networks in 30 countries wants to establish an understanding of their overall public-facing network attack surface. Which of the following security techniques would be BEST suited for this?
A. External penetration test
B. Internal vulnerability scan
C. External vulnerability scan
D. Internal penetration test
Answer: C
Explanation:
Q250. Which of the following can be performed when an element of the company policy cannot be enforced by technical means?
A. Develop a set of standards
B. Separation of duties
C. Develop a privacy policy
D. User training
Answer: D
Explanation:
User training is an important aspect of maintaining safety and security. It helps improve users’ security awareness in terms of prevention, enforcement, and threats. It is of critical importance when element of the company policy cannot be enforced by technical means.