[Free] 2018(July) Dumps4cert CompTIA SY0-401 Dumps with VCE and PDF Download 401-410

By | July 17, 2018

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 July CompTIA Official New Released SY0-401

CompTIA Security Certification

Question No: 401 – (Topic 2)

Which of the following types of risk reducing policies also has the added indirect benefit of cross training employees when implemented?

  A. Least privilege

  B. Job rotation

  C. Mandatory vacations

  D. Separation of duties

Answer: B

Explanation:

A job rotation policy defines intervals at which employees must rotate through positions. Similar in purpose to mandatory vacations, it helps to ensure that the company does not become too dependent on one person, and it affords the company the opportunity to place another person in that same job.

Question No: 402 – (Topic 2)

Some customers have reported receiving an untrusted certificate warning when visiting the company’s website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem?

  A. The intermediate CA certificates were not installed on the server.

  B. The certificate is not the correct type for a virtual server.

  C. The encryption key used in the certificate is too short.

  D. The client’s browser is trying to negotiate SSL instead of TLS.

Answer: A

Explanation:

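In a hierarchical trust model, also known as a tree, a root CA at the top provides all of the information. The intermediate CAs are next in the hierarchy, and they trust only information provided by the root CA. The root CA also trusts intermediate CAs that are in its level in the hierarchy and none that aren’t. If the intermediate CA certificates are not installed on the server, a client that trusts the root cannot build the chain from the server certificate up to that root, so it reports the certificate as untrusted.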

Question No: 403 – (Topic 2)

A company has just deployed a centralized event log storage system. Which of the following can be used to ensure the integrity of the logs after they are collected?

  A. Write-once drives

  B. Database encryption

  C. Continuous monitoring

  D. Role-based access controls

Answer: A

Explanation:

A write-once drive cannot be overwritten once data has been written to it, so logs written to a write-once drive keep their integrity.

Question No: 404 – (Topic 2)

The method to provide end users of IT systems and applications with requirements related to acceptable use, privacy, new threats and trends, and use of social networking is:

  A. Security awareness training.

  B. BYOD security training.

  C. Role-based security training.

  D. Legal compliance training.

Answer: A

Explanation:

Security awareness and training are critical to the success of a security effort. They include explaining policies, procedures, and current threats to both users and management.

Question No: 405 – (Topic 2)

When implementing fire suppression controls in a datacenter it is important to:

  A. Select a fire suppression system which protects equipment but may harm technicians.

  B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.

  C. Integrate maintenance procedures to include regularly discharging the system.

  D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate.

Answer: B

Explanation:

Water-based systems can cause serious damage to all electrical equipment. Because such a system works with overhead nozzles, the sprinkler lines in a fire suppression control system should be placed so that they do not leak onto computers when the system is activated.

Question No: 406 – (Topic 2)

A company is looking to reduce the likelihood of employees in the finance department being involved with money laundering. Which of the following controls would BEST mitigate this risk?

  A. Implement privacy policies

  B. Enforce mandatory vacations

  C. Implement a security policy

  D. Enforce time of day restrictions

Answer: B

Explanation:

A mandatory vacation policy requires all users to take time away from work to refresh. At the same time, it gives the company a chance to make sure that others can fill in any gaps in skills, and it satisfies the need to have replication or duplication at all levels. It also affords the company an opportunity to discover fraud: when others do the same job in the absence of the regular staff member, there is transparency.

Question No: 407 – (Topic 2)

The main corporate website has a service level agreement that requires availability 100% of the time, even in the case of a disaster. Which of the following would be required to meet this demand?

  A. Warm site implementation for the datacenter

  B. Geographically disparate site redundant datacenter

  C. Localized clustering of the datacenter

  D. Cold site implementation for the datacenter

Answer: B

Explanation:

Data backups, redundant systems, and disaster recovery plans all support availability. In this case, a geographically disparate site redundant datacenter represents 100% availability regardless of whether a disaster event occurs.

Question No: 408 – (Topic 2)

Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device’s removable media in the event that the device is lost or stolen?

  A. Hashing

  B. Screen locks

  C. Device password

  D. Encryption

Answer: D

Explanation:

Encryption is used to ensure the confidentiality of information.

Question No: 409 – (Topic 2)

After an audit, it was discovered that the security group memberships were not properly adjusted for employees’ accounts when they moved from one role to another. Which of the following has the organization failed to properly implement? (Select TWO).

  A. Mandatory access control enforcement.

  B. User rights and permission reviews.

  C. Technical controls over account management.

  D. Account termination procedures.

  E. Management controls over account management.

  F. Incident management and response plan.

Answer: B,E

Explanation:

Reviewing user rights and permissions can be used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation and their job descriptions since they were all moved to different roles.

Control over account management would have taken into account the different roles that employees have and adjusted the rights and permissions of these roles accordingly.

Question No: 410 – (Topic 2)

A company recently experienced data loss when a server crashed due to a midday power


Which of the following should be used to prevent this from occurring again?

  A. Recovery procedures

  B. EMI shielding

  C. Environmental monitoring

  D. Redundancy

Answer: D

Explanation:

Redundancy refers to systems that either are duplicated or fail over to other systems in the event of a malfunction (in this case a power outage). Failover refers to the process of reconstructing a system or switching over to other systems when a failure is detected. In the case of a server, the server switches to a redundant server when a fault is detected.

This strategy allows service to continue uninterrupted until the primary server can be restored.
