Download New Updated (July) CompTIA SY0-401 Actual Test 171-180

Ensurepass

 

QUESTION 171

A distributed denial of service attack can BEST be described as:

 

A.

Invalid characters being entered into a field in a database application.

B.

Users attempting to input random or invalid data into fields within a web browser application.

C.

Multiple computers attacking a single target in an organized attempt to deplete its resources.

D.

Multiple attackers attempting to gain elevated privileges on a target system.

 

Correct Answer: C

 

 

QUESTION 172

Joe analyzed the following log and determined the security team should implement which of the following as a mitigation method against further attempts?

 

Host 192.168.1.123

 

[00: 00: 01]Successful Login: 015 192.168.1.123 : local

[00: 00: 03]Unsuccessful Login: 022 214.34.56.006 : RDP 192.168.1.124

[00: 00: 04]UnSuccessful Login: 010 214.34.56.006 : RDP 192.168.1.124

[00: 00: 07]UnSuccessful Login: 007 214.34.56.006 : RDP 192.168.1.124

[00: 00: 08]UnSuccessful Login: 003 214.34.56.006 : RDP 192.168.1.124

 

A.

Reporting

B.

IDS

C.

Monitor system logs

D.

Hardening

 

Correct Answer: D

 

 

QUESTION 173

A computer supply company is located in a building with three wireless networks. The system security team implemented a quarterly security scan and saw the following.

 

SSID State Channel Level

 

Computer AreUs1 connected 1 70dbm

Computer AreUs2 connected 5 80dbm

Computer AreUs3 connected 3 75dbm

Computer AreUs4 connected 6 95dbm

 

Which of the following is this an example of?

 

A.

Rogue access point

B.

Near field communication

C.

Jamming

D.

Packet sniffing

 

Correct Answer: A

 

 

 

 

QUESTION 174

A systems administrator has implemented PKI on a classified government network. In the event that a disconnect occurs from the primary CA, which of the following should be accessible locally from every site to ensure users with bad certificates cannot gain access to the network?

 

A.

A CRL

B.

Make the RA available

C.

A verification authority

D.

A redundant CA

 

Correct Answer: A

 

 

QUESTION 175

While configuring a new access layer switch, the administrator, Joe, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens?

 

A.

Log Analysis

B.

VLAN Management

C.

Network separation

D.

802.1x

 

Correct Answer: D

 

 

QUESTION 176

A vulnerability assessment indicates that a router can be accessed from default port 80 and default port 22. Which of the following should be executed on the router to prevent access via these ports? (Select TWO).

 

A.

FTP service should be disabled

B.

HTTPS service should be disabled

C.

SSH service should be disabled

D.

HTTP service should disabled

E.

Telnet service should be disabled

 

Correct Answer: CD

 

 

QUESTION 177

Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company’s network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement?

 

A.

line vty 0 6 P@s5W0Rd password line vty 7 Qwer++!Y password

B.

line console 0 password password line vty 0 4 password P@s5W0Rd

C.

line vty 0 3 password Qwer++!Y line vty 4 password P@s5W0Rd

D.

line vty 0 3 password Qwer++!Y line console 0 password P@s5W0Rd

 

Correct Answer: C

QUESTION 178

Joe, an employee, was escorted from the company premises due to suspicion of revealing trade secrets to a competitor. Joe had already been working for two hours before leaving the premises.

A security technician was asked to prepare a report of files that had changed since last night’s integrity scan. Which of the following could the technician use to prepare the report? (Select TWO).

 

A.

PGP

B.

MD5

C.

ECC

D.

AES

E.

Blowfish

F.

HMAC

 

Correct Answer: BF

 

 

QUESTION 179

Ann has read and write access to an employee database, while Joe has only read access. Ann is leaving for a conference. Which of the following types of authorization could be utilized to trigger write access for Joe when Ann is absent?

 

A.

Mandatory access control

B.

Role-based access control

C.

Discretionary access control

D.

Rule-based access control

 

Correct Answer: D

 

 

QUESTION 180

Human Resources suspects an employee is accessing the employee salary database. The administrator is asked to find out who it is. In order to complete this task, which of the following is a security control that should be in place?

 

A.

Shared accounts should be prohibited.

B.

Account lockout should be enabled

C.

Privileges should be assigned to groups rather than individuals

D.

Time of day restrictions should be in use

 

Correct Answer: A

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in SY0-401 Real Tests (July) and tagged , , , , , , . Bookmark the permalink.