[Free] Download New Updated (February 2016) CompTIA SY0-401 Practice Tests 761-770

Ensurepass

QUESTION 761

Which of the following can be used to maintain a higher level of security in a SAN by allowing isolation of mis-configurations or faults?

 

A.

VLAN

B.

Protocol security

C.

Port security

D.

VSAN

 

Correct Answer: D

 

 

QUESTION 762

The act of magnetically erasing all of the data on a disk is known as:

 

A.

Wiping

B.

Dissolution

C.

Scrubbing

D.

Degaussing

 

Correct Answer: D

 

 

QUESTION 763

Joe, a network security engineer, has visibility to network traffic through network monitoring tools. However, he’s concerned that a disgruntled employee may be targeting a server containing the company’s financial records. Which of the following security mechanism would be MOST appropriate to confirm Joe’s suspicion?

 

A.

HIDS

B.

HIPS

C.

NIPS

D.

NIDS

 

Correct Answer: A

 

 

 

 

 

 

QUESTION 764

Joe, a technician at the local power plant, notices that several turbines had ramp up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the sy
stem control console during a visit by international contractors. Which of the following actions should Joe recommend?

 

A.

Create a VLAN for the SCADA

B.

Enable PKI for the MainFrame

C.

Implement patch management

D.

Implement stronger WPA2 Wireless

 

Correct Answer: A

 

 

QUESTION 765

A system administrator has been instructed by the head of security to protect their data at-rest.

Which of the following would provide the strongest protection?

 

A.

Prohibiting removable media

B.

Incorporating a full-disk encryption system

C.

Biometric controls on data center entry points

D.

A host-based intrusion detection system

 

Correct Answer: B

 

 

QUESTION 766

An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-to-peer network that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but which of the following steps is MOST important?

 

A.

A full scan must be run on the network after the DAT file is installed.

B.

The signatures must have a hash value equal to what is displayed on the vendor site.

C.

The definition file must be updated within seven days.

D.

All users must be logged off of the network prior to the installation of the definition file.

 

Correct Answer: B

 

 

QUESTION 767

Ann has taken over as the new head of the IT department. One of her first assignments was to implement AAA in preparation for the company’s new telecommuting policy. When she takes inventory of the organizations existing network infrastructure, she makes note that it is a mix of several different vendors. Ann knows she needs a method of secure centralized access to the company’s network resources. Which of the following is the BEST service for Ann to implement?

 

A.

RADIUS

B.

LDAP

C.

SAML

D.

TACACS+

 

Correct Answer: A

 

QUESTION 768

A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Joe and Ann were hired 16 days ago. When Joe logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password?

 

A.

Ann’s user account has administrator privileges.

B.

Joe’s user account was not added to the group policy.

C.

Ann’s user account was not added to the group policy.

D.

Joe’s user account was inadvertently disabled and must be re-created.

 

Correct Answer: C

 

 

QUESTION 769

A new web server has been provisioned at a third party hosting provider for processing credit card transactions. The security administrator runs the netstat command on the server and notices that ports 80, 443, and 3389 are in a `listening’ state. No other ports are open. Which of the following services should be disabled to ensure secure communications?

 

A.

HTTPS

B.

HTTP

C.

RDP

D.

TELNET

 

Correct Answer: B

 

 

QUESTION 770

Several employee accounts appear to have been cracked by an attacker. Which of the following should the security administrator implement to mitigate password cracking attacks? (Select TWO).

 

A.

Increase password complexity

B.

Deploy an IDS to capture suspicious logins

C.

Implement password history

D.

Implement monitoring of logins

E.

Implement password expiration

F.

Increase password length

 

Correct Answer: AF

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in Uncategorized and tagged , , , , , , , . Bookmark the permalink.