Download New Updated (July) CompTIA SY0-401 Actual Test 191-200

Ensurepass

 

QUESTION 191

During a recent investigation, an auditor discovered that an engineer’s compromised workstation was being used to connect to SCADA systems while the engineer was not logged in. The engineer is responsible for administering the SCADA systems and cannot be blocked from connecting to them. The SCADA systems cannot be modified without vendor approval which requires months of testing. Which of the following is MOST likely to protect the SCADA systems from misuse?

 

A.

Update anti-virus definitions on SCADA systems

B.

Audit accounts on the SCADA systems

C.

Install a firewall on the SCADA network

D.

Deploy NIPS at the edge of the SCADA network

 

Correct Answer: D

 

 

QUESTION 192

A security administrator must implement a network authentication solution which will ensure encryption of user credentials when users enter their username and password to authenticate to the network. Which of the following should the administrator implement?

 

A.

WPA2 over EAP-TTLS

B.

WPA-PSK

C.

WPA2 with WPS

D.

WEP over EAP-PEAP

 

Correct Answer: D

 

 

 

 

 

 

 

QUESTION 193

Several employees have been printing files that include personally identifiable information of customers. Auditors have raised concerns about the destruction of these hard copies after they are created, and management has decided the best way to address this concern is by preventing these files from being printed. Which of the following would be the BEST control to implement?

 

A.

File encryption

B.

Printer hardening

C.

Clean desk policies

D.

Data loss prevention

 

Correct Answer: D

 

 

QUESTION 194

The company’s sales team plans to work late to provide the Chief Executive Officer (CEO) with a special report of sales before the quarter ends. After working for several hours, the team finds they cannot save or print the reports. Which of the following controls is preventing them from completing their work?

 

A.

Discretionary access control

B.

Role-based access control

C.

Time of Day access control

D.

Mandatory access control

 

Correct Answer: C

 

 

QUESTION 195

A security engineer is asked by the company’s development team to recommend the most secure method for password storage. Which of the following provide the BEST protection against brute forcing stored passwords? (Select TWO).

 

A.

PBKDF2

B.

MD5

C.

SHA2

D.

Bcrypt

E.

AES

F.

CHAP

 

Correct Answer: AD

 

 

QUESTION 196

After entering the following information into a SOHO wireless router, a mobile device’s user reports being unable to connect to the network:

 

PERMIT 0A: D1: FA. B1: 03: 37

DENY 01: 33: 7F: AB: 10: AB

 

Which of the following is preventing the device from connecting?

 

A.

WPA2-PSK requires a supplicant on the mobile device.

B.

Hardware address filtering is blocking the device.

C.

TCP/IP Port f
iltering has been implemented on the SOHO router.

D.

IP address filtering has disabled the device from connecting.

 

Correct Answer: B

 

 

QUESTION 197

The call center supervisor has reported that many employees have been playing preinstalled games on company computers and this is reducing productivity. Which of the following would be MOST effective for preventing this behavior?

 

A.

Acceptable use policies

B.

Host-based firewalls

C.

Content inspection

D.

Application whitelisting

 

Correct Answer: D

 

 

QUESTION 198

When creating a public / private key pair, for which of the following ciphers would a user need to specify the key strength?

 

A.

SHA

B.

AES

C.

DES

D.

RSA

 

Correct Answer: D

 

 

QUESTION 199

A company has decided to move large data sets to a cloud provider in order to limit the costs of new infrastructure. Some of the data is sensitive and the Chief Information Officer wants to make sure both parties have a clear understanding of the controls needed to protect the data. Which of the following types of interoperability agreement is this?

 

A.

ISA

B.

MOU

C.

SLA

D.

BPA

 

Correct Answer: A

 

 

QUESTION 200

Which of the following solutions provides the most flexibility when testing new security controls prior to implementation?

 

A.

Trusted OS

B.

Host software baselining

C.

OS hardening

D.

Virtualization

 

Correct Answer: D

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to
Free VCE Files: CompTIA | VMware | SAP …

Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in SY0-401 Real Tests (July) and tagged , , , , , , . Bookmark the permalink.