Examcollection has service hotline for you to be able to consult us if you have virtually any question. Our objective would be to make our own customers satisfied and successful. We all are so proud of the pass rate that people promise you are going to get the CompTIA SY0-401 certification with no any difficulty. Or perhaps you can get 100% cash back with the paying fees.
2021 Apr SY0-401 vce
Q431. In order for network monitoring to work properly, you need a PC and a network card running in what mode?
A. Launch
B. Exposed
C. Promiscuous
D. Sweep
Answer: C
Explanation:
Promiscuous mode allows the network card to look at any packet that it sees on the network. This even includes packets that are not addressed to that network card.
Q432. A security administrator must implement a network authentication solution which will ensure encryption of user credentials when users enter their username and password to authenticate to the network.
Which of the following should the administrator implement?
A. WPA2 over EAP-TTLS
B. WPA-PSK
C. WPA2 with WPS
D. WEP over EAP-PEAP
Answer: D
Explanation:
D: Wired Equivalent Privacy (WEP) is designed to provide security equivalent to that of a wired network. WEP has vulnerabilities and isn’t considered highly secure. Extensible Authentication Protocol (EAP) provides a framework for authentication that is often used with wireless networks. Among the five EAP types adopted by the WPA/ WPA2 standard are EAP-TLS, EAP-PSK, EAP-MD5, as well as LEAP and PEAP. PEAP is similar in design to EAP-TTLS, requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication, and uses server-side public key certificates to authenticate the server. It then creates an encrypted TLS tunnel between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server's public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping.
Q433. Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL?
PERMIT TCP ANY HOST 192.168.0.10 EQ 80
PERMIT TCP ANY HOST 192.168.0.10 EQ 443
A. It implements stateful packet filtering.
B. It implements bottom-up processing.
C. It failed closed.
D. It implements an implicit deny.
Answer: D
Explanation:
Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges for a resource, you’re denied access by default. Implicit deny is the default response when an explicit allow or deny isn’t present.
Q434. A system administrator has noticed that users change their password many times to cycle back to the original password when their passwords expire. Which of the following would BEST prevent this behavior?
A. Assign users passwords based upon job role.
B. Enforce a minimum password age policy.
C. Prevent users from choosing their own passwords.
D. Increase the password expiration time frame.
Answer: B
Explanation:
A minimum password age policy defines the period that a password must be used for before it can be changed.
Q435. Several users report to the administrator that they are having issues downloading files from the file server. Which of the following assessment tools can be used to determine if there is an issue with the file server?
A. MAC filter list
B. Recovery agent
C. Baselines
D. Access list
Answer: C
Explanation:
The standard configuration on a server is known as the baseline. In this question, we can see if
anything has changed on the file server by comparing its current configuration with the baseline.
The IT baseline protection approach is a methodology to identify and implement computer security
measures in an organization. The aim is the achievement of an adequate and appropriate level of
security for IT systems. This is known as a baseline.
A baseline report compares the current status of network systems in terms of security updates,
performance or other metrics to a predefined set of standards (the baseline).
Renewal SY0-401 free practice exam:
Q436. Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?
A. Firewall
B. Switch
C. URL content filter
D. Spam filter
Answer: C
Explanation:
URL filtering, also known as web filtering, is the act of blocking access to a site based on all or part of the URL used to request access. URL filtering can focus on all or part of a fully qualified domain name (FQDN), specific path names, specific filenames, specific fi le extensions, or entire specific URLs. Many URL-filtering tools can obtain updated master URL block lists from vendors as well as allow administrators to add or remove URLs from a custom list.
Q437. Which of the following security architecture elements also has sniffer functionality? (Select TWO).
A. HSM
B. IPS
C. SSL accelerator
D. WAP
E. IDS
Answer: B,E
Explanation:
Sniffer functionality means the ability to capture and analyze the content of data packets as they
are transmitted across the network.
IDS and IPS systems perform their functions by capturing and analyzing the content of data
packets.
An intrusion detection system (IDS) is a device or software application that monitors network or
system activities for malicious activities or policy violations and produces reports to a management
station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in
different ways. There are network based (NIDS) and host based (HIDS) intrusion detection
systems. Some systems may attempt to stop an intrusion attempt but this is neither required nor
expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily
focused on identifying possible incidents, logging information about them, and reporting attempts.
In addition, organizations use IDPSes for other purposes, such as identifying problems with
security policies, documenting existing threats and deterring individuals from violating security
policies. IDPSes have become a necessary addition to the security infrastructure of nearly every
organization.
IDPSes typically record information related to observed events, notify security administrators of
important observed events and produce reports. Many IDPSes can also respond to a detected
threat by attempting to prevent it from succeeding. They use several response techniques, which
involve the IDPS stopping the attack itself, changing the security environment (e.g. reconfiguring a
firewall) or changing the attack's content.
Q438. Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?
A. Account expiration settings
B. Complexity of PIN
C. Account lockout settings
D. PIN history requirements
Answer: C
Explanation:
Account lockout settings determine the number of failed login attempts before the account gets locked and how long the account will be locked out for. For example, an account can be configured to lock if three incorrect passwords (or in this case PIN’s) are entered. The account can then be configured to automatically unlock after a period of time or stay locked until someone manually unlocks it.
Q439. The server administrator has noted that most servers have a lot of free disk space and low memory utilization. Which of the following statements will be correct if the server administrator migrates to a virtual server environment?
A. The administrator will need to deploy load balancing and clustering.
B. The administrator may spend more on licensing but less on hardware and equipment.
C. The administrator will not be able to add a test virtual environment in the data center.
D. Servers will encounter latency and lowered throughput issues.
Answer: B
Explanation:
Migrating to a virtual server environment reduces cost by eliminating the need to purchase, manage, maintain and power physical machines. The fewer physical machines you have, the less money it costs.
Q440. Which of the following fire suppression systems is MOST likely used in a datacenter?
A. FM-200
B. Dry-pipe
C. Wet-pipe
D. Vacuum
Answer: A
Explanation:
FM200 is a gas and the principle of a gas system is that it displaces the oxygen in the room, thereby removing this essential component of a fi re. in a data center is is the preferred choice of fire suppressant.