[Free] 2018(June) Ensurepass CompTIA SY0-401 Dumps with VCE and PDF 411-420

Ensurepass.com : Ensure you pass the IT Exams
2018 May CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 411 – (Topic 2)

A recent audit has revealed weaknesses in the process of deploying new servers and network devices. Which of the following practices could be used to increase the security posture during deployment? (Select TWO).

  1. Deploy a honeypot

  2. Disable unnecessary services

  3. Change default passwords

  4. Implement an application firewall

  5. Penetration testing

Answer: B,C Explanation:

Increasing security posture is akin to getting the appropriate type of risk mitigation for your company. A plan and its implementation is a major part of security posture. When new servers and network devices are being deployed your most vulnerable points will be coming from all unnecessary services that may be running from servers and network default passwords. Thus your plan should be to disable those services that are not needed and change the default password during the deployment of the new servers and network devices.

Question No: 412 – (Topic 2)

A technician is investigating intermittent switch degradation. The issue only seems to occur when the building’s roof air conditioning system runs. Which of the following would reduce the connectivity issues?

  1. Adding a heat deflector

  2. Redundant HVAC systems

  3. Shielding

  4. Add a wireless network

Answer: C Explanation:

EMI can cause circuit overload, spikes, or even electrical component failure. In the question it is mentioned that switch degradation occurs when the building’s roof air- conditioning system is also running. All electromechanical systems emanate EMI. Thus you could alleviate the problem using EMI shielding.

Question No: 413 – (Topic 2)

Visible security cameras are considered to be which of the following types of security controls?

  1. Technical

  2. Compensating

  3. Deterrent

  4. Administrative

Answer: C Explanation:

Since a deterrent access control method is designed to discourage the violation of security policies, so a camera can be used to discourage individuals from taking unwanted action.

Question No: 414 – (Topic 2)

Digital signatures are used for ensuring which of the following items? (Select TWO).

  1. Confidentiality

  2. Integrity

  3. Non-Repudiation

  4. Availability

  5. Algorithm strength

Answer: B,C Explanation:

A digital signature is similar in function to a standard signature on a document. It validates the integrity of the message and the sender. The message is encrypted using the encryption system, and a second piece of information, the digital signature, is added to the message.

Nonrepudiation prevents one party from denying actions that they carried out and in the electronic world nonrepudiation measures can be a two-key cryptographic system and the involvement of a third party to verify the validity. This respected third party ‘vouches’ for the individuals in the two-key system. Thus non-repudiation also impacts on integrity.

Question No: 415 – (Topic 2)

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity’s of Joe’s certificate? (Select TWO).

  1. The CA’s public key

  2. Joe’s private key

  3. Ann’s public key

  4. The CA’s private key

  5. Joe’s public key

  6. Ann’s private key

Answer: A,E Explanation:

Joe wants to send a message to Ann. It’s important that this message not be altered. Joe will use the private key to create a digital signature. The message is, in effect, signed with the private key. Joe then sends the message to Ann. Ann will use the public key attached to the message to validate the digital signature. If the values match, Ann knows the

message is authentic and came from Joe. Ann will use a key provided by Joe-the public key-to decrypt the message. Most digital signature implementations also use a hash to verify that the message has not been altered, intentionally or accidently, in transit. Thus Ann would compare the signature area referred to as a message in the message with the calculated value digest (her private key in this case). If the values match, the message hasn’t been tampered with and the originator is verified as the person they claim to be. This process provides message integrity, nonrepudiation, and authentication.

A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. A certificate is nothing more than a mechanism that associates the public key with an individual.

If Joe wants to send Ann an encrypted e-mail, there should be a mechanism to verify to Ann that the message received from Mike is really from Joe. If a third party (the CA) vouches for Joe and Ann trusts that third party, Ann can assume that the message is authentic because the third party says so.

Question No: 416 CORRECT TEXT – (Topic 2)

You have been tasked with designing a security plan for your company. Drag and drop the appropriate security controls on the floor plan-Instructions: All objects must be used and all place holders must be filled. Order does not matter. When you have completed the simulation, please select the Done button to submit.

Ensurepass 2018 PDF and VCE

Answer: lt;mapgt;lt;m x1=quot;809quot; x2=quot;944quot; y1=quot;163quot; y2=quot;198quot; ss=quot;0quot; a=quot;0quot; /gt;lt;m x1=quot;804quot; x2=quot;945quot; y1=quot;205quot; y2=quot;232quot; ss=quot;0quot; a=quot;0quot; /gt;lt;m x1=quot;805quot; x2=quot;944quot; y1=quot;239quot; y2=quot;269quot; ss=quot;0quot; a=quot;0quot; /gt;lt;m x1=quot;807quot; x2=quot;944quot; y1=quot;277quot; y2=quot;310quot; ss=quot;0quot; a=quot;0quot; /gt;lt;m x1=quot;803quot; x2=quot;946quot; y1=quot;317quot; y2=quot;345quot; ss=quot;0quot; a=quot;0quot; /gt;lt;m x1=quot;804quot; x2=quot;947quot; y1=quot;349quot; y2=quot;380quot; ss=quot;0quot; a=quot;0quot; /gt;lt;m x1=quot;810quot; x2=quot;945quot; y1=quot;389quot; y2=quot;422quot; ss=quot;0quot; a=quot;0quot; /gt;lt;m x1=quot;200quot; x2=quot;334quot; y1=quot;221quot; y2=quot;245quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;410quot; x2=quot;548quot; y1=quot;221quot; y2=quot;247quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;621quot; x2=quot;758quot; y1=quot;222quot; y2=quot;247quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;621quot; x2=quot;755quot; y1=quot;323quot; y2=quot;347quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;410quot; x2=quot;551quot; y1=quot;321quot; y2=quot;348quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;202quot; x2=quot;338quot; y1=quot;324quot; y2=quot;351quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;8quot; x2=quot;150quot; y1=quot;488quot; y2=quot;513quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;11quot; x2=quot;147quot; y1=quot;519quot; y2=quot;546quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;311quot; x2=quot;448quot; y1=quot;489quot; y2=quot;513quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;313quot; x2=quot;450quot; y1=quot;518quot; y2=quot;541quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;315quot; x2=quot;451quot; y1=quot;547quot; y2=quot;570quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;316quot; x2=quot;449quot; y1=quot;574quot; y2=quot;597quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;315quot; x2=quot;449quot; y1=quot;603quot; y2=quot;629quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;851quot; x2=quot;986quot; y1=quot;522quot; y2=quot;550quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;849quot; x2=quot;986quot; y1=quot;612quot; y2=quot;640quot; ss=quot;1quot; a=quot;0quot; /gt;lt;m x1=quot;853quot;

x2=quot;987quot; y1=quot;701quot; y2=quot;727quot; ss=quot;1quot; a=quot;0quot; /gt;lt;c start=quot;6quot; stop=quot;0quot; /gt;lt;c start=quot;6quot; stop=quot;1quot;

/gt;lt;c start=quot;6quot; stop=quot;2quot; /gt;lt;c start=quot;6quot; stop=quot;3quot; /gt;lt;c start=quot;6quot; stop=quot;4quot; /gt;lt;c start=quot;6quot; stop=quot;5quot; /gt;lt;c start=quot;5quot; stop=quot;6quot; /gt;lt;c start=quot;1quot; stop=quot;7quot; /gt;lt;c start=quot;2quot; stop=quot;8quot; /gt;lt;c start=quot;5quot; stop=quot;9quot; /gt;lt;c start=quot;3quot; stop=quot;10quot; /gt;lt;c start=quot;0quot; stop=quot;11quot; /gt;lt;c start=quot;4quot; stop=quot;12quot; /gt;lt;c start=quot;4quot; stop=quot;13quot; /gt;lt;c start=quot;4quot; stop=quot;14quot; /gt;lt;c start=quot;4quot; stop=quot;15quot;

/gt;lt;/mapgt;

Explanation:

Cable locks – Adding a cable lock between a laptop and a desk prevents someone from picking it up and walking away

Proximity badge reader

Safe is a hardware/physical security measure

Mantrap can be used to control access to sensitive areas. CCTV can be used as video surveillance.

Biometric reader can be used to control and prevent unauthorized access.

Locking cabinets can be used to protect backup media, documentation and other physical artefacts.

References:

Dulaney, Emmett and Chuck Eastton, CompTIA Security Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 369

Question No: 417 – (Topic 2)

Which of the following documents outlines the technical and security requirements of an agreement between organizations?

  1. BPA

  2. RFQ

  3. ISA

  4. RFC

Answer: C Explanation:

ISA/ Interconnection Security Agreement is an agreement between two organizations that have connected systems. The agreement documents the technical requirements of the connected systems.

Question No: 418 – (Topic 2)

Which of the following, if properly implemented, would prevent users from accessing files that are unrelated to their job duties? (Select TWO).

  1. Separation of duties

  2. Job rotation

  3. Mandatory vacation

  4. Time of day restrictions

  5. Least privilege

Answer: A,E Explanation:

Separation of duties means that users are granted only the permissions they need to do their work and no more. More so it means that you are employing best practices. The segregation of duties and separation of environments is a way to reduce the likelihood of misuse of systems or information. A separation of duties policy is designed to reduce the risk of fraud and to prevent other losses in an organization.

A least privilege policy should be used when assigning permissions. Give users only the permissions that they need to do their work and no more.

Question No: 419 – (Topic 2)

A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts?

  1. Confidentiality

  2. Availability

  3. Succession planning

  4. Integrity

Answer: B Explanation:

Simply making sure that the data and systems are available for authorized users is what availability is all about. Data backups, redundant systems, and disaster recovery plans all support availability. And creating a hot site is about providing availability.

Question No: 420 – (Topic 2)

Which of the following is a best practice when a mistake is made during a forensics examination?

  1. The examiner should verify the tools before, during, and after an examination.

  2. The examiner should attempt to hide the mistake during cross-examination.

  3. The examiner should document the mistake and workaround the problem.

  4. The examiner should disclose the mistake and assess another area of the disc.

Answer: C Explanation:

Every step in an incident response should be documented, including every action taken by end users and the incident-response team.

100% Ensurepass Free Download!
Download Free Demo:SY0-401 Demo PDF
100% Ensurepass Free Guaranteed!
Download 2018 EnsurePass SY0-401 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.