It is more faster and easier to pass the CompTIA SY0-401 exam by using Certified CompTIA CompTIA Security+ Certification questuins and answers. Immediate access to the Update SY0-401 Exam and find the same core area SY0-401 questions with professionally verified answers, then PASS your exam with a high score now.
2021 Dec SY0-401 exam question
Q621. Which of the following tools would allow Ann, the security administrator, to be able to BEST quantify all traffic on her network?
A. Honeypot
B. Port scanner
C. Protocol analyzer
D. Vulnerability scanner
Answer: C
Explanation:
A Protocol Analyzer is a hardware device or more commonly a software program used to capture
network data communications sent between devices on a network. By capturing and analyzing the
packets sent between the systems on the network, Ann would be able to quantify the amount of
traffic on the network.
Well known software protocol analyzers include Message Analyzer (formerly Network Monitor)
from Microsoft and Wireshark (formerly Ethereal).
Q622. Corporate IM presents multiple concerns to enterprise IT. Which of the following concerns should Jane, the IT security manager, ensure are under control? (Select THREE).
A. Authentication
B. Data leakage
C. Compliance
D. Malware
E. Non-repudiation
F. Network loading
Answer: B,C,D
Explanation:
In a joint enterprise, data may be combined from both organizations. It must be determined, in advance, who is responsible for that data and how the data backups will be managed. Data leakage, compliance and Malware issues are all issues concerning data ownership and backup which are both impacted on by corporate IM.
Q623. Which of the following security account management techniques should a security analyst implement to prevent staff, who has switched company roles, from exceeding privileges?
A. Internal account audits
B. Account disablement
C. Time of day restriction
D. Password complexity
Answer: A
Explanation:
Internal account auditing will allow you to switch the appropriate users to the proper accounts required after the switching of roles occurred and thus check that the principle of least privilege is followed.
Q624. While rarely enforced, mandatory vacation policies are effective at uncovering:
A. Help desk technicians with oversight by multiple supervisors and detailed quality control systems.
B. Collusion between two employees who perform the same business function.
C. Acts of incompetence by a systems engineer designing complex architectures as a member of a team.
D. Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight.
Answer: D
Explanation:
Least privilege (privilege reviews) and job rotation is done when mandatory vacations are implemented. Then it will uncover areas where the system administrators neglected to check all users’ privileges since the other users must fill in their positions when they are on their mandatory vacation.
Q625. NO: 36
Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?
A. Allow incoming IPSec traffic into the vendor’s IP address.
B. Set up a VPN account for the vendor, allowing access to the remote site.
C. Turn off the firewall while the vendor is in the office, allowing access to the remote site.
D. Write a firewall rule to allow the vendor to have access to the remote site.
Answer: D
Explanation:
Firewall rules are used to define what traffic is able pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network.
Refresh SY0-401 exam cram:
Q626. A password history value of three means which of the following?
A. Three different passwords are used before one can be reused.
B. A password cannot be reused once changed for three years.
C. After three hours a password must be re-entered to continue.
D. The server stores passwords in the database for three days.
Answer: A
Explanation:
Password History defines the number of unique new passwords a user must use before an old password can be reused.
Q627. Which of the following protocols allows for secure transfer of files? (Select TWO).
A. ICMP
B. SNMP
C. SFTP
D. SCP
E. TFTP
Answer: C,D
Explanation:
Standard FTP is a protocol often used to move files between one system and another either over the Internet or within private networks. SFTP is a secured alternative to standard FTP. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Q628. Several employees have been printing files that include personally identifiable information of customers. Auditors have raised concerns about the destruction of these hard copies after they are created, and management has decided the best way to address this concern is by preventing these files from being printed.
Which of the following would be the BEST control to implement?
A. File encryption
B. Printer hardening
C. Clean desk policies
D. Data loss prevention
Answer: D
Explanation:
Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. This would address the concerns of the auditors.
Q629. A certificate used on an ecommerce web server is about to expire. Which of the following will occur if the certificate is allowed to expire?
A. The certificate will be added to the Certificate Revocation List (CRL).
B. Clients will be notified that the certificate is invalid.
C. The ecommerce site will not function until the certificate is renewed.
D. The ecommerce site will no longer use encryption.
Answer: B
Explanation:
A similar process to certificate revocation will occur when a certificate is allowed to expire. Notification will be sent out to clients of the invalid certificate. The process of revoking a certificate begins when the CA is notified that a particular certificate needs to be revoked. This must be done whenever the private key becomes known. The owner of a certificate can request that it be revoked at any time, or the administrator can make the request.
Q630. Which of the following should be used when a business needs a block cipher with minimal key size for internal encryption?
A. AES
B. Blowfish
C. RC5
D. 3DES
Answer: B
Explanation:
Blowfish is an encryption system invented by a team led by Bruce Schneier that performs a 64-bit block cipher at very fast speeds. It is a symmetric block cipher that can use variable-length keys (from 32 bits to 448 bits).