Our pass rate is high to 98.9% and the similarity percentage between our comptia security+ get certified get ahead sy0 401 study guide study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA sy0 401 vce exam in just one try? I am currently studying for the CompTIA security+ sy0 401 exam. Latest CompTIA comptia sy0 401 Test exam practice questions and answers, Try CompTIA comptia sy0 401 Brain Dumps First.
Q601. Privilege creep among long-term employees can be mitigated by which of the following procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation
Answer: A
Explanation:
Privilege creep is the steady build-up of access rights beyond what a user requires to perform his/her task. Privilege creep can be decreased by conducting sporadic access rights reviews, which will confirm each user's need to access specific roles and rights in an effort to find and rescind excess privileges.
Q602. Which of the following may significantly reduce data loss if multiple drives fail at the same time?
A. Virtualization
B. RAID
C. Load balancing
D. Server clustering
Answer: B
Explanation:
RAID, or redundant array of independent disks (RAID). RAID allows your existing servers to have more than one hard drive so that if the main hard drive fails, the system keeps functioning.
Q603. During which of the following phases of the Incident Response process should a security administrator define and implement general defense against malware?
A. Lessons Learned
B. Preparation
C. Eradication
D. Identification
Answer: B
Explanation:
Incident response procedures involves: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned; Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal); Data breach; Damage and loss control. It is important to stop malware before it ever gets hold of a system –thus you should know which malware is out there and take defensive measures - this means preparation to guard against malware infection should be done.
Q604. Which of the following application security testing techniques is implemented when an automated system generates random input data?
A. Fuzzing
B. XSRF
C. Hardening
D. Input validation
Answer: A
Explanation:
Fuzzing is a software testing technique that involves providing invalid, unexpected, or random data to as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failed validation, or memory leaks.
Q605. A security engineer is reviewing log data and sees the output below:
POST: /payload.php HTTP/1.1 HOST: localhost Accept: */* Referrer: http://localhost/ ******* HTTP/1.1 403 Forbidden Connection: close
Log: Access denied with 403. Pattern matches form bypass Which of the following technologies was MOST likely being used to generate this log?
A. Host-based Intrusion Detection System
B. Web application firewall
C. Network-based Intrusion Detection System
D. Stateful Inspection Firewall
E. URL Content Filter
Answer: B
Explanation:
A web application firewall is a device, server add-on, virtual service, or system filter that defines a strict set of communication rules for a website and all visitors. It’s intended to be an application-specific firewall to prevent cross-site scripting, SQL injection, and other web application attacks.
Q606. A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees. Which of the following is the BEST approach for implementation of the new application on the virtual server?
A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location.
B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application.
C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location.
D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application.
Answer: C
Explanation:
Q607. Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?
A. Screen lock
B. Voice encryption
C. GPS tracking
D. Device encryption
Answer: A
Explanation:
Screen-lock is a security feature that requires the user to enter a PIN or a password after a short period of inactivity before they can access the system again. This feature ensures that if your device is left unattended or is lost or stolen, it will be difficult for anyone else to access your data or applications.
Q608. The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?
A. Software as a Service
B. Infrastructure as a Service
C. Platform as a Service
D. Hosted virtualization service
Answer: A
Explanation:
Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.
Q609. Which of the following BEST describes a SQL Injection attack?
A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.
B. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.
C. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.
D. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.
Answer: A
Explanation:
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
Q610. Ann has recently transferred from the payroll department to engineering. While browsing file shares, Ann notices she can access the payroll status and pay rates of her new coworkers. Which of the following could prevent this scenario from occurring?
A. Credential management
B. Continuous monitoring
C. Separation of duties
D. User access reviews
Answer: D
Explanation: