[Free] Download New Updated (February 2016) CompTIA SY0-401 Practice Tests 1171-1180

Ensurepass

QUESTION 1171

A company’s Chief Information Officer realizes the company cannot continue to operate after a disaster. Which of the following describes the disaster?

 

A.

Risk

B.

Asset

C.

Threat

D.

Vulnerability

 

Correct Answer: C

 

 

 

 

QUESTION 1172

A company plans to expand by hiring new engineers who work in highly specialized areas. Each engineer will have very different job requirements and use unique tools and applications in their job. Which of the following is MOST appropriate to use?

 

A.

Role-based privileges

B.

Credential management

C.

User assigned privileges

D.

User access

 

Correct Answer: A

 

 

QUESTION 1173

Ann, the Chief Technology Officer (CTO), has agreed to
allow users to bring their own device (BYOD) in order to leverage mobile technology without providing every user with a company owned device. She is concerned that users may not understand the company’s rules, and she wants to limit potential legal concerns. Which of the following is the CTO concerned with?

 

A.

Data ownership

B.

Device access control

C.

Support ownership

D.

Acceptable use

 

Correct Answer: A

 

 

QUESTION 1174

A file on a Linux server has default permissions of rw-rw-r–. The system administrator has verified that Ann, a user, is not a member of the group owner of the file. Which of the following should be modified to assure that Ann has read access to the file?

 

A.

User ownership information for the file in question

B.

Directory permissions on the parent directory of the file in question

C.

Group memberships for the group owner of the file in question

D.

The file system access control list (FACL) for the file in question

 

Correct Answer: D

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

QUESTION 1175

A security administrator discovers that an attack has been completed against a node on the corporate network. All available logs were collected and stored.

 

You must review all network logs to discover the scope of the attack, check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. The environment is a critical production environment; perform the LEAST disruptive actions on the network, while still performing the appropriate incid3nt responses.

 

Instructions:

The web server, database server, IDS, and User PC are clickable. Check the box of the node(s) that have been compromised and drag and drop the appropriate actions to complete the incident response on the network. Not all actions may be used, and order is not important. If at anytime you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

 

clip_image002

 

Correct Answer:

Database server was attacked, actions should be to capture network traffic and Chain of Custody.

 

clip_image004

clip_image005

 

IDS Server Log:

clip_image007

 

Web Server Log:

clip_image009

clip_image011

 

Database Server Log:

clip_image013

 

Users PC Log:

clip_image015

 

QUESTION 1176

DRAG DROP

A security administrator is given the security and availability profiles for servers that are being deployed.

 

1. Match each RAID type with the correct configuration and MINIMUM number of drives.

2. Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, storage requirements. Instructions:

 

clip_image017All drive definitions can be dragged as many times as necessary

clip_image017[1]Not all placeholders may be filled in the RAID configuration boxes

clip_image017[2]If parity is required, please select the appropriate number of parity checkboxes

clip_image017[3]Server profiles may be dragged only once

 

If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

 

clip_image019

 

Correct Answer:

 

 

QUESTION 1177

A software developer utilizes cryptographic functions to generate codes that verify message integrity. Due to the nature if the data that is being sent back and forth from the client application to the server, the developer would like to change the cryptographic function to one that verities both authentication and message integrity. Which of the following algorithms should the software developer utilize?

 

A.

HMAC

B.

SHA

C.

Two Fish

D.

RIPEMD

 

Correct Answer: D

 

 

QUESTION 1178

When designing a corporate NAC solution, which of the following is the MOST relevant integration issue?

 

A.

Infrastructure time sync

B.

End user mobility

C.

802.1X supplicant compatibility

D.

Network Latency

E.

Network Zoning

Correct Answer: D

 

 

QUESTION 1179

Which of the following access methods uses radio frequency waves for authentication?

 

A.

Video surveillance

B.

Mantraps

C.

Proximity readers

D.

Biometrics

 

Correct Answer: C

 

 

QUESTION 1180

Which of the following authentication methods can use the SCTP and TLS protocols for reliable packet transmissions?

 

A.

TACACS+

B.

SAML

C.

Diameter

D.

Kerberos

 

Correct Answer: C

 


 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in Uncategorized and tagged , , , , , , , . Bookmark the permalink.