Tactics to SY0-401 VCE

Pass4sure offers a free demo for the Security+ SY0-401 exam. "CompTIA Security+ Certification", also known as the CompTIA Security+ SY0-401 exam, is a CompTIA certification. This set of posts, Passing the CompTIA Security+ SY0-401 exam, will help you answer those questions. The CompTIA SY0-401 Questions & Answers cover all the knowledge points of the real exam. 100% real CompTIA Security+ SY0-401 exams, revised by experts!

Q191. A recent audit has revealed weaknesses in the process of deploying new servers and network devices. Which of the following practices could be used to increase the security posture during deployment? (Select TWO). 

A. Deploy a honeypot 

B. Disable unnecessary services 

C. Change default passwords 

D. Implement an application firewall 

E. Penetration testing 

Answer: B,C 

Explanation: 


Q192. A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Joe and Ann were hired 16 days ago. When Joe logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password? 

A. Ann’s user account has administrator privileges. 

B. Joe’s user account was not added to the group policy. 

C. Ann’s user account was not added to the group policy. 

D. Joe’s user account was inadvertently disabled and must be re-created. 

Answer:

Explanation: 

Group policy is used to manage Windows systems in a Windows network domain environment by means of a Group Policy Object (GPO). GPOs include a number of settings related to credentials, including password expiration. Because Ann was not prompted to change her password, it could only mean that her user account was not added to the group policy. 


Q193. A large multinational corporation with networks in 30 countries wants to establish an understanding of their overall public-facing network attack surface. Which of the following security techniques would be BEST suited for this? 

A. External penetration test 

B. Internal vulnerability scan 

C. External vulnerability scan 

D. Internal penetration test 

Answer:

Explanation: 


Q194. When reviewing security logs, an administrator sees requests for the AAAA record of www.comptia.com. Which of the following BEST describes this type of record? 

A. DNSSEC record 

B. IPv4 DNS record 

C. IPSEC DNS record 

D. IPv6 DNS record 

Answer:

Explanation: The AAAA Address record links a FQDN to an IPv6 address. 


Q195. The security administrator at ABC company received the following log information from an external party: 

10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal 

10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force 

10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan 

The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack? 

A. A NIDS was used in place of a NIPS. 

B. The log is not in UTC. 

C. The external party uses a firewall. 

D. ABC company uses PAT. 

Answer:

Explanation: 

PAT would ensure that computers on ABC’s LAN translate to the same IP address, but with a different port number assignment. The log information shows the IP address, not the port number, making it impossible to pinpoint the exact source. 


Q196. A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department? 

A. Time of day restrictions 

B. Group based privileges 

C. User assigned privileges 

D. Domain admin restrictions 

Answer:

Explanation: 

The question states that the sales department has a high employee turnover. You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). Then when a new employee starts, you simply add the new user account to the appropriate groups. The user then inherits all the permissions assigned to the groups. 


Q197. Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO). 

A. DAC 

B. ALE 

C. SLE 

D. ARO 

E. ROI 

Answer: B,C 

Explanation: 

ALE (Annual Loss Expectancy) is equal to the SLE (Single Loss Expectancy) times the annualized rate of occurrence. SLE (Single Loss Expectancy) is equal to asset value (AV) times exposure factor (EF). 


Q198. A network administrator has recently updated their network devices to ensure redundancy is in place so that: 

A. switches can redistribute routes across the network. 

B. environmental monitoring can be performed. 

C. single points of failure are removed. 

D. hot and cold aisles are functioning. 

Answer:

Explanation: 

Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction. The best way to remove an SPOF from your environment is to add redundancy. 


Q199. Pete, the system administrator, has concerns regarding users losing their company provided smartphones. Pete’s focus is on equipment recovery. Which of the following BEST addresses his concerns? 

A. Enforce device passwords. 

B. Use remote sanitation. 

C. Enable GPS tracking. 

D. Encrypt stored data. 

Answer:

Explanation: 

Global Positioning System (GPS) tracking can be used to identify the location of a stolen device and can allow authorities to recover the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information. 


Q200. A security team has established a security awareness program. Which of the following would BEST prove the success of the program? 

A. Policies 

B. Procedures 

C. Metrics 

D. Standards 

Answer:

Explanation: 

All types of training should be followed up and tested to see whether it worked and how much was learned in the training process. You must follow up and gather training metrics to validate compliance and security posture. By training metrics, we mean some quantifiable method for determining the efficacy of training.