testexam23 By Riverbed purchasing CompTIA SY0-401 exam sample questions, you will have all that is necessary for completing the CompTIA SY0-401 with all practice questions that are always up to date. All the FLYDUMPS CompTIA SY0-401 practice questions and answers are related to the real CompTIA SY0-401.If you use FLYDUMPS CompTIA https://www.leads4pass.com/sy0-401.html exam sample questions, you can experience an actual CompTIA SY0-401 exam. CompTIA SY0-401 training covers over 100% of the CompTIA SY0-401 questions and answers that may be appeared in your CompTIA SY0-401 test.
QUESTION 55
An organization recently switched from a cloud-based email solution to an in-house email server. The firewall needs to be modified to allow for sending and receiving email. Which of the following ports should be open on the firewall to allow for email traffic? (Select THREE).
A. TCP 22
B. TCP 23
C. TCP 25
D. TCP 53
E. TCP 110
F. TCP 143
G. TCP 445
Correct Answer: CEF Explanation
QUESTION 56
A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a ‘listening’ state. No other ports are open. Which of the following services should be disabled to ensure secure communications?
A. HTTPS
B. HTTP
C. RDP
D. TELNET
Correct Answer: B Explanation
QUESTION 57
A company hosts its public websites internally. The administrator would like to make some changes to the
architecture.
The three goals are:
(1)
reduce the number of public IP addresses in use by the web servers
(2)
drive all the web traffic through a central point of control
(3)
mitigate automated attacks that are based on IP address scanning
A.
Firewall
B.
Load balancer
C.
URL filter
D.
Reverse proxy
Which of the following would meet all three goals?
Correct Answer: D Explanation
QUESTION 58
Ann is the data owner of financial records for a company. She has requested that she have the ability to assign read and write privileges to her folders. The network administrator is tasked with setting up the initial access control system and handing Ann’s administrative capabilities. Which of the following systems should be deployed?
A. Role-based
B. Mandatory
C. Discretionary
D. Rule-based
Correct Answer: C Explanation
QUESTION 59
The IT department noticed that there was a significant decrease in network performance during the afternoon hours. The IT department performed analysis of the network and discovered this was due to users accessing and downloading music and video streaming from social sites. The IT department notified corporate of their findings and a memo was sent to all employees addressing the misuse of company resources and requesting adherence to company policy. Which of the following policies is being enforced?
A. Acceptable use policy
B. Telecommuting policy
C. Data ownership policy
D. Non disclosure policy
Correct Answer: A Explanation
QUESTION 60
A computer security officer has investigated a possible data breach and has found it credible. The officer notifies the data center manager and the Chief Information Security Officer (CISO). This is an example of:
A. escalation and notification.
B. first responder.
C. incident identification.
D. incident mitigation.
Correct Answer: A Explanation
QUESTION 61
A small company wants to employ PKI. The company wants a cost effective solution that must be simple and trusted. They are considering two options: X.509 and PGP. Which of the following would be the BEST option?
A. PGP, because it employs a web-of-trust that is the most trusted form of PKI.
B. PGP, because it is simple to incorporate into a small environment.
C. X.509, because it uses a hierarchical design that is the most trusted form of PKI.
D. X.509, because it is simple to incorporate into a small environment.
Correct Answer: B Explanation
QUESTION 62
Ann was reviewing her company’s event logs and observed several instances of GUEST accessing the company print server, file server, and archive database. As she continued to investigate, Ann noticed that it seemed to happen at random intervals throughout the day, but mostly after the weekly automated patching and often logging in at the same time. Which of the following would BEST mitigate this issue?
A. Enabling time of day restrictions
B. Disabling unnecessary services
C. Disabling unnecessary accounts
D. Rogue machine detection
Correct Answer: C Explanation
QUESTION 63
A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. Which of the following is the BEST approach for implementation of the new application on the virtual server?
A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location.
B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application.
C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location.
D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application.
Correct Answer: C Explanation
QUESTION 64
A security administrator is notified that users attached to a particular switch are having intermittent connectivity issues. Upon further research, the administrator finds evidence of an ARP spoofing attack. Which of the following could be utilized to provide protection from this type of attack?
A. Configure MAC filtering on the switch.
B. Configure loop protection on the switch.
C. Configure flood guards on the switch.
D. Configure 802.1x authentication on the switch.
Correct Answer: C Explanation
QUESTION 65
Ann is a member of the Sales group. She needs to collaborate with Joe, a member of the IT group, to edit a file. Currently, the file has the following permissions: Ann: read/write
Sales Group: read
IT Group: no access
If a discretionary access control list is in place for the files owned by Ann, which of the following would be the BEST way to share the file with Joe?
A. Add Joe to the Sales group.
B. Have the system administrator give Joe full access to the file.
C. Give Joe the appropriate access to the file directly.
D. Remove Joe from the IT group and add him to the Sales group.
Correct Answer: C Explanation
QUESTION 66
A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario?
A. Encryption
B. Digital signatures
C. Steganography
D. Hashing
E. Perfect forward secrecy
Correct Answer: B Explanation
QUESTION 67
The Chief Security Officer (CSO) is contacted by a first responder. The CSO assigns a handler. Which of the following is occurring?
A. Unannounced audit response
B. Incident response process
C. Business continuity planning
D. Unified threat management
E. Disaster recovery process
Correct Answer: B Explanation
QUESTION 68
An organization must implement controls to protect the confidentiality of its most sensitive data. The company is currently using a central storage system and group based access control for its sensitive information. Which of the following controls can further secure the data in the central storage system?
A. Data encryption
B. Patching the system
C. Digital signatures
D. File hashing
Correct Answer: A Explanation QUESTION 69
A network administrator, Joe, arrives at his new job to find that none of the users have changed their network passwords since they were initially hired. Joe wants to have everyone change their passwords immediately. Which of the following policies should be enforced to initiate a password change?
A. Password expiration
B. Password reuse
C. Password recovery
D. Password disablement
Correct Answer: A Explanation
QUESTION 70
Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?
A. Deploy a HIDS suite on the users’ computers to prevent application installation.
B. Maintain the baseline posture at the highest OS patch level.
C. Enable the pop-up blockers on the users’ browsers to prevent malware.
D. Create an approved application list and block anything not on it.
Correct Answer: D Explanation
QUESTION 71
Which of the following should be used to authenticate and log connections from wireless users connecting with EAP-TLS?
A. Kerberos
B. LDAP
C. SAML
D. RADIUS
Correct Answer: D Explanation
QUESTION 72
A security administrator is auditing a database server to ensure the correct security measures are in place to protect the data. Some of the fields consist of people’s first name, last name, home address, date of birth and mothers last name. Which of the following describes this type of data?
A. PII
B. PCI
C. Low
D. Public
Correct Answer: A Explanation
QUESTION 73
Which of the following would be MOST appropriate if an organization’s requirements mandate complete
Flydumps CompTIA SY0-401 practice tests are composed of latest exam questions formulate an actual exam scenario with an intent to expose your potentials and latent skills. Our Microsoft practice tests encompass all the fundamental of CompTIA SY0-401 exam formats, orients your efforts towards guaranteed success for CompTIA https://www.leads4pass.com/sy0-401.html exams. You can hit your target with assurance if you have opted for our CompTIA SY0-401 practice test training.