SY0-401 New Questions!!!

Discussion in 'Security+' started by Nageil, Aug 30, 2016.

  1. Nageil

    Nageil Member
    Member

    Joined:
    May 6, 2016
    Messages:
    49
    Likes Received:
    1
    QUESTION 1839
    A new intern in the purchasing department requires read access to shared documents.
    Permissions are normally controlled through a group called "Purchasing", however, the purchasing group permissions allow write access.
    Which of the following would be the BEST course of action?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]Modify all the shared files with read only permissions for the intern.
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]Create a new group that has only read permissions for the files.
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]Remove all permissions for the shared files.
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]Add the intern to the "Purchasing" group.
    [/TD]
    [/TR]
    [/TABLE]

    Answer: B


    QUESTION 1840
    A business has recently deployed laptops to all sales employees. The laptops will be used primarily from home offices and while traveling, and a high amount of wireless mobile use is expected. To protect the laptops while connected to untrusted wireless networks, which of the following would be the BEST method for reducing the risk of having the laptops compromised?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]MAC filtering
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]Virtualization
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]OS hardening
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]Application white-listing
    [/TD]
    [/TR]
    [/TABLE]

    Answer: C


    QUESTION 1841
    Which of the following is the GREATEST risk to a company by allowing employees to physically bring their personal smartphones to work?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]Taking pictures of proprietary information and equipment in restricted areas.
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]Installing soft token software to connect to the company's wireless network.
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]Company cannot automate patch management on personally-owned devices.
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]Increases the attack surface by having more target devices on the company's campus
    [/TD]
    [/TR]
    [/TABLE]

    Answer: A


    QUESTION 1842
    Which of the following is the summary of loss for a given year?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]MTBF
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]ALE
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]SLA
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]ARO
    [/TD]
    [/TR]
    [/TABLE]

    Answer: B


    QUESTION 1843
    A Security Officer on a military base needs to encrypt several smart phones that will be going into the field. Which of the following encryption solutions should be deployed in this situation?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]Elliptic curve
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]One-time pad
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]3DES
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]AES-256
    [/TD]
    [/TR]
    [/TABLE]

    Answer: D


    QUESTION 1844
    An organization relies heavily on an application that has a high frequency of security updates. At present, the security team only updates the application on the first Monday of each month, even though the security updates are released as often as twice a week. Which of the following would be the BEST method of updating this application?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]Configure testing and automate patch management for the application.
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]Configure security control testing for the application.
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]Manually apply updates for the application when they are released.
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]Configure a sandbox for testing patches before the scheduled monthly update.
    [/TD]
    [/TR]
    [/TABLE]

    Answer: A


    QUESTION 1845
    A technician must configure a firewall to block external DNS traffic from entering a network. Which of the following ports should they block on the firewall?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]53
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]110
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]143
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]443
    [/TD]
    [/TR]
    [/TABLE]

    Answer: A


    QUESTION 1846
    A software development company needs to share information between two remote servers, using encryption to protect it. A programmer suggests developing a new encryption protocol, arguing that using an unknown protocol with secure, existing cryptographic algorithm libraries will provide strong encryption without being susceptible to attacks on other known protocols. Which of the following summarizes the BEST response to the programmer's proposal?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]The newly developed protocol will only be as secure as the underlying cryptographic algorithms used.
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]New protocols often introduce unexpected vulnerabilities, even when developed with otherwise secure and tested algorithm libraries.
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]A programmer should have specialized training in protocol development before attempting to design a new encryption protocol.
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]The obscurity value of unproven protocols against attacks often outweighs the potential for introducing new vulnerabilities.
    [/TD]
    [/TR]
    [/TABLE]

    Answer: B


    QUESTION 1847
    The Chief Technology Officer (CTO) of a company, Ann, is putting together a hardware budget for the next 10 years. She is asking for the average lifespan of each hardware device so that she is able to calculate when she will have to replace each device. Which of the following categories BEST describes what she is looking for?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]ALE
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]MTTR
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]MTBF
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]MTTF
    [/TD]
    [/TR]
    [/TABLE]

    Answer: D


    QUESTION 1848
    A software developer wants to ensure that the application is verifying that a key is valid before establishing SSL connections with random remote hosts on the Internet. Which of the following should be used in the code? (Select TWO.)

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]Escrowed keys
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]SSL symmetric encryption key
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]Software code private key
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]Remote server public key
    [/TD]
    [/TR]
    [TR]
    [TD]E.
    [/TD]
    [TD]OCSP
    [/TD]
    [/TR]
    [/TABLE]

    Answer: E


    QUESTION 1849
    A security guard has informed the Chief Information Security Officer that a person with a tablet has been walking around the building. The guard also noticed strange white markings in different areas of the parking lot. The person is attempting which of the following types of attacks?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]Jamming
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]War chalking
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]Packet sniffing
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]Near field communication
    [/TD]
    [/TR]
    [/TABLE]

    Answer: B


    QUESTION 1850
    A system administrator is configuring a site-to-site VPN tunnel. Which of the following should be configured on the VPN concentrator during the IKE phase?

    [TABLE]
    [TR]
    [TD]A.
    [/TD]
    [TD]RIPEMD
    [/TD]
    [/TR]
    [TR]
    [TD]B.
    [/TD]
    [TD]ECDHE
    [/TD]
    [/TR]
    [TR]
    [TD]C.
    [/TD]
    [TD]Diffie-Hellman
    [/TD]
    [/TR]
    [TR]
    [TD]D.
    [/TD]
    [TD]HTTPS
    [/TD]
    [/TR]
    [/TABLE]

    To get full version dumps, please visit my Google Drive:

    Dear visitor, you need to Register or Login to view links on Certify Chat.

     
  2. DapperDanBeen

    DapperDanBeen Member
    Member

    Joined:
    Jul 4, 2017
    Messages:
    11
    Likes Received:
    2

    Dear visitor, you need to Register or Login to view links on Certify Chat.

    Click to expand...
    seems it only links to that one pdf
    where is full version?
     
  • momo

    momo Member
    Member

    Joined:
    May 17, 2017
    Messages:
    25
    Likes Received:
    0
    Not the full version
     
  • candusmisheel

    candusmisheel Member
    Member

    Joined:
    Feb 12, 2018
    Messages:
    172
    Likes Received:
    0
    Choose a sure shot way towards your success in certification exam with COMPTIA SY0-401 dumps of (Dumpspdf.com). We guarantee your success with 100% money back assurance. An exclusive collection of valid and most updated

    Dear visitor, you need to Register or Login to view links on Certify Chat.

    is the secret behind this assurance. So feel free to get benefits from such valuable SY0-401 Exam Dumps and enjoy brilliant success in COMPTIA exam.
     
  • Share This Page