[Free] 2018(Aug) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 91-100

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug CompTIA Official New Released SY0-401
100% Free Download! 100% Pass Guaranteed!

CompTIA Security Certification

Question No: 91 – (Topic 1)

An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start?

  1. Review past security incidents and their resolution

  2. Rewrite the existing security policy

  3. Implement an intrusion prevention system

  4. Install honey pot systems

Answer: C Explanation:

The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it

Question No: 92 – (Topic 1)

Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?

  1. NAT

  2. Virtualization

  3. NAC

  4. Subnetting

Answer: D Explanation:

Subnetting is a dividing process used on networks to divide larger groups of hosts into

smaller collections.

Question No: 93 – (Topic 1)

Which of the following is the MOST secure protocol to transfer files?

  1. FTP

  2. FTPS

  3. SSH

  4. TELNET

Answer: B Explanation:

FTPS refers to FTP Secure, or FTP SSL. It is a secure variation of File Transfer Protocol (FTP).

Question No: 94 – (Topic 1)

Which of the following technologies can store multi-tenant data with different security requirements?

  1. Data loss prevention

  2. Trusted platform module

  3. Hard drive encryption

  4. Cloud computing

Answer: D Explanation:

One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.

Question No: 95 – (Topic 1)

Which of the following is required to allow multiple servers to exist on one physical server?

  1. Software as a Service (SaaS)

  2. Platform as a Service (PaaS)

  3. Virtualization

  4. Infrastructure as a Service (IaaS)

Answer: C Explanation:

Virtualization allows a single set of hardware to host multiple virtual machines.

Question No: 96 – (Topic 1)

A network administrator is asked to send a large file containing PII to a business associate. Which of the following protocols is the BEST choice to use?

  1. SSH

  2. SFTP

  3. SMTP

  4. FTP

Answer: B Explanation:

SFTP encrypts authentication and data traffic between the client and server by making use of SSH to provide secure FTP communications. As a result, SFTP offers protection for both the authentication traffic and the data transfer taking place between a client and server.

Question No: 97 – (Topic 1)

Which of the following protocols allows for the LARGEST address space?

  1. IPX

  2. IPv4

  3. IPv6

  4. Appletalk

Answer: C Explanation:

The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4.

Question No: 98 – (Topic 1)

At an organization, unauthorized users have been accessing network resources via unused network wall jacks. Which of the following would be used to stop unauthorized access?

  1. Configure an access list.

  2. Configure spanning tree protocol.

  3. Configure port security.

  4. Configure loop protection.

Answer: C Explanation:

Port security in IT can mean several things. It can mean the physical control of all connection points, such as RJ-45 wall jacks or device ports, so that no unauthorized users or unauthorized devices can attempt to connect into an open port. This can be accomplished by locking down the wiring closet and server vaults and then disconnecting the workstation run from the patch panel (or punch-down block) that leads to a room’s wall jack. Any unneeded or unused wall jacks can (and should) be physically disabled in this manner. Another option is to use a smart patch panel that can monitor the MAC address of any device connected to each and every wall port across a building and detect not just when a new device is connected to an empty port, but also when a valid device is disconnected or replaced by an invalid device.

Question No: 99 – (Topic 1)

A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?

  1. IPsec

  2. SFTP

  3. BGP

  4. PPTP

Answer: A Explanation:

Layer 2 Tunneling Protocol (L2TP) came about through a partnership between Cisco and Microsoft with the intention of providing a more secure VPN protocol. L2TP is considered to be a more secure option than PPTP, as the IPSec protocol which holds more secure encryption algorithms, is utilized in conjunction with it. It also requires a pre-shared certificate or key. L2TP’s strongest level of encryption makes use of 168 bit keys, 3 DES encryption algorithm and requires two levels of authentication.

L2TP has a number of advantages in comparison to PPTP in terms of providing data integrity and authentication of origin verification designed to keep hackers from compromising the system. However, the increased overhead required to manage this elevated security means that it performs at a slower pace than PPTP.

Question No: 100 – (Topic 1)

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

  1. Sniffer

  2. Router

  3. Firewall

  4. Switch

Answer: C Explanation:

Ip tables are a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.

100% Dumps4cert Free Download!
SY0-401 PDF
100% Dumps4cert Pass Guaranteed!
SY0-401 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No