Sighing up at Actualtests.com, you are going to get all of the CompTIA CompTIA exam demos. The CompTIA SY0-401 exam questions as well as answers are offered in two forms. The two forms are Pdf as well as Test Engine. Both are free downloadable for you personally when we confirm the payment. You d far better take a quiz prior to buying the CompTIA CompTIA products to be able to check out the strong as well as weak areas. Invest more moment on the weak details and lay any solid foundation for the CompTIA SY0-401 exam preparation.
2021 Jan SY0-401 simulations
Q51. Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?
A. Whaling
B. Impersonation
C. Privilege escalation
D. Spear phishing
Answer: A
Explanation:
A whaling attack is targeted at company executives. Mapping out an organization’s staff hierarchy to determine who the people at the top are is also part of a whaling attack. Whaling is a specific kind of malicious hacking within the more general category of phishing, which involves hunting for data that can be used by the hacker. In general, phishing efforts are focused on collecting personal data about users. In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles. Hackers who engage in whaling often describe these efforts as "reeling in a big fish," applying a familiar metaphor to the process of scouring technologies for loopholes and opportunities for data theft. Those who are engaged in whaling may, for example, hack into specific networks where these powerful individuals work or store sensitive data. They may also set up keylogging or other malware on a work station associated with one of these executives. There are many ways that hackers can pursue whaling, leading C-level or top-level executives in business and government to stay vigilant about the possibility of cyber threats.
Q52. The Chief Security Officer (CSO) is contacted by a first responder. The CSO assigns a handler. Which of the following is occurring?
A. Unannounced audit response
B. Incident response process
C. Business continuity planning
D. Unified threat management
E. Disaster recovery process
Answer: B
Explanation:
Q53. Which of the following wireless protocols could be vulnerable to a brute-force password attack? (Select TWO).
A. WPA2-PSK
B. WPA - EAP - TLS
C. WPA2-CCMP
D. WPA -CCMP
E. WPA - LEAP
F. WEP
Answer: A,E
Explanation:
A brute force attack is an attack that attempts to guess a password. WPA2-PSK and WEP both use a “Pre-Shared Key”. The pre-shared key is a password and therefore is susceptible to a brute force attack.
Q54. A security analyst needs to logon to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access?
A. SCP
B. SSH
C. SFTP
D. HTTPS
Answer: B
Explanation:
Secure Shell (SSH) is a tunneling protocol originally used on Unix systems. It’s now available for both Unix and Windows environments. SSH is primarily intended for interactive terminal sessions. SSH is used to establish a command-line, text-only interface connection with a server, router, switch, or similar device over any distance.
Q55. NO: 104
A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).
A. RDP
B. SNMP
C. FTP
D. SCP
E. SSH
Answer: D,E
Explanation:
SSH is used to establish a command-line, text-only interface connection with a server, router,
switch, or similar device over any distance.
Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy
Protocol (RCP). SCP is commonly used on Linux and Unix platforms.
Up to the immediate present SY0-401 exam fees:
Q56. Ann has taken over as the new head of the IT department. One of her first assignments was to implement AAA in preparation for the company’s new telecommuting policy. When she takes inventory of the organizations existing network infrastructure, she makes note that it is a mix of several different vendors. Ann knows she needs a method of secure centralized access to the company’s network resources. Which of the following is the BEST service for Ann to implement?
A. RADIUS
B. LDAP
C. SAML
D. TACACS+
Answer: A
Explanation:
The Remote Authentication Dial In User Service (RADIUS) networking protocol offers centralized Authentication, Authorization, and Accounting (AAA) management for users who make use of a network service.
Q57. Which of the following is a penetration testing method?
A. Searching the WHOIS database for administrator contact information
B. Running a port scanner against the target's network
C. War driving from a target's parking lot to footprint the wireless network
D. Calling the target's helpdesk, requesting a password reset
Answer: D
Explanation:
Q58. Establishing a published chart of roles, responsibilities, and chain of command to be used during a disaster is an example of which of the following?
A. Fault tolerance
B. Succession planning
C. Business continuity testing
D. Recovery point objectives
Answer: B
Explanation:
Succession planning outlines those internal to the organization that has the ability to step into positions when they open. By identifying key roles that cannot be left unfilled and associating internal employees who can step into these roles, you can groom those employees to make sure that they are up to speed when it comes time for them to fill those positions.
Q59. CORRECT TEXT
A security administrator discovers that an attack has been completed against a node on the corporate network. All available logs were collected and stored.
You must review all network logs to discover the scope of the attack, check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. The environment is a critical production environment; perform the LEAST disruptive actions on the network, while still performing the appropriate incid3nt responses.
Instructions: The web server, database server, IDS, and User PC are clickable. Check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. Not all actions may be used, and order is not important. If at anytime you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.
Answer: Database server was attacked, actions should be to capture network traffic and Chain of Custody.
Q60. Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?
A. 21/UDP
B. 21/TCP
C. 22/UDP
D. 22/TCP
Answer: D
Explanation:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.